Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016
Ran by Petr (06-11-2016 16:38:42)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-29 23:39:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3486481722-36798458-2831538139-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3486481722-36798458-2831538139-503 - Limited - Disabled)
Guest (S-1-5-21-3486481722-36798458-2831538139-501 - Limited - Disabled)
Petr (S-1-5-21-3486481722-36798458-2831538139-1001 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.01 - Creative Technology Limited)
Creative Entertainment Console (HKLM-x32\...\Entertainment Console) (Version: 3.01 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
Defiance (HKLM\...\Steam App 224600) (Version:  - Trion Worlds, Inc.)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 2.02 - Creative Technology Limited)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Killer Bandwidth Control Filter Driver (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer E240x Drivers (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 cs)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.19.0) (Version: 4.0.19.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.19.0 - Locktime Software) Hidden
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.81 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.81 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.99.11.0 - Overwolf Ltd.)
Ovládací panel NVIDIA 368.81 (Version: 368.81 - NVIDIA Corporation) Hidden
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
Volume Panel (HKLM-x32\...\Creative Volume Panel) (Version: 2.21 - Creative Technology Limited)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WildStar (HKLM\...\Steam App 376570) (Version:  - Carbine Studios)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3486481722-36798458-2831538139-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3486481722-36798458-2831538139-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {169EDAC3-16A3-4C69-B379-1D7761F9F044} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
Task: {807D1863-E3AE-4E77-A636-CF0702E0F95D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-12] (Google Inc.)
Task: {80C0D4EC-ECC4-4436-AE44-F2AA35A7F234} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {8E19425D-2D6D-45A1-9DE8-8DDE10A09FD7} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
Task: {A4A09143-DCA9-4764-AF3C-2A421A250473} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-12] (Google Inc.)
Task: {A96EF0D9-D90B-4F9D-9226-C8E1F9785364} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {BDDDEC05-558A-448C-BB85-5A59BBD2192F} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
Task: {F16ECF8D-3FDC-42FD-8D7B-BB412B384F58} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-10-30] (Overwolf LTD)
Task: {F918B7C2-2832-411A-B291-1C712C77F9DB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-28] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-02-15 20:01 - 2016-02-15 20:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 17:55 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-30 00:19 - 2016-07-10 23:58 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-30 17:55 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-30 17:55 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-30 00:46 - 2016-08-30 00:47 - 01864384 _____ () C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-09-15 16:01 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-12 18:53 - 2016-10-05 10:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-28 15:45 - 2016-10-15 04:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-28 15:45 - 2016-10-15 04:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-28 15:45 - 2016-10-15 04:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2016-07-13 12:19 - 2016-04-09 14:06 - 00035840 _____ () C:\Users\Petr\Desktop\Dokumenty\Outlook\KeepOutlookRunning-64bit.dll
2015-11-11 01:49 - 2015-11-11 01:49 - 01557160 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2016-11-05 13:34 - 2016-11-05 13:35 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-05 13:34 - 2016-11-05 13:35 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-05 13:34 - 2016-11-05 13:35 - 41608704 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-08-29 23:13 - 2016-08-29 23:13 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-08-16 09:17 - 2016-08-16 09:18 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 09:17 - 2016-08-16 09:18 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-07-14 10:38 - 2016-07-14 10:39 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-07-12 15:12 - 2016-07-12 15:12 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-10-27 18:05 - 2016-10-20 09:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-27 18:05 - 2016-10-20 09:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll
2016-05-25 21:52 - 2016-05-25 21:52 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-07-20 18:48 - 2016-06-14 21:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-12 15:51 - 2016-09-08 04:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-07-12 15:51 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-07-12 15:51 - 2016-10-13 02:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-07-12 15:51 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-07-12 15:51 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-07-12 15:51 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-07-12 15:51 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-07-12 15:51 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-07-12 15:51 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-07-12 15:51 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-07-12 15:51 - 2016-10-13 02:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-07-12 15:51 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-15 12:42 - 2016-08-04 21:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3486481722-36798458-2831538139-1001\...\carpi.cz -> hxxps://fw.carpi.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3486481722-36798458-2831538139-1001\Control Panel\Desktop\\Wallpaper -> c:\users\petr\pictures\crussader cyka blyat.png
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FB5E4167-A547-4925-B8B4-B55E6B70D368}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{B655BBC0-808D-45E3-9C75-558C89E214D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [UDP Query User{F0EB784A-1553-4C6E-AF71-C893012C161C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{846260BF-E9F8-48D2-9ECD-5DD56361F061}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{796017D8-EDE1-47F8-A137-0E61CD00CEE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{ACF9066E-F3FB-47EB-BDB1-D9845E5A463F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [UDP Query User{FEAD19CF-79CC-4FF3-8FC2-7C00E83B3079}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{09883C86-B6EB-4F79-A444-4EA4F9663385}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{726CC901-8528-48C1-B1BC-0F60076C6984}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{98BAB85B-CA65-45B1-ACF2-D2FC18A4E42E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3A716C31-7EEF-46BC-AAF6-CD5621B36D63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{606D7598-7BF6-4AA3-8E6D-0784E9DC4448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7DE885EA-5927-4AB8-8D0B-367F7093F66F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{77036A27-194E-4692-AEA9-642800A5F053}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9A5EE698-AA83-4C0C-8B3D-32D360B0F833}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{08EECD76-46DA-43FD-8A01-1797D00716F3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{89BF4FED-92DF-40D7-86B7-E2A0AA0A2DCA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{2A327E2A-969F-4B09-B099-D1D4D0F5F8B7}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{B5D5B55E-7D07-48DB-81AC-5AB0D7891455}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{C04F566D-5113-462A-8B28-4611FE15830F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{A4D00BCD-D0D2-4347-98B6-0340E4EB93E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{A8755C8C-6A1C-4489-89FE-C94CE4187D59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{9A46F02C-6E2B-4F40-856F-28DE42EBC985}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{7432F2FB-7B83-412F-82E7-DFD436518ADB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FC5E3C94-8D11-49F9-AE4F-9772FCC165ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{26EC1D63-FEEF-4440-B854-FF19B1B3CDEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1FA206CF-7A06-43AD-88F8-020A37F3CFDB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3C5BE756-D47D-4E52-90D7-AF4A7E31EA97}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DA16EBD6-954B-4A12-8271-3F5B1838FA1C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F31C6551-F8D4-44B8-986A-C7EA18051B65}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2323B9AE-D2F0-4A13-8B6E-7609AE48A6D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Defiance\Patcher.exe
FirewallRules: [{3FD746DF-934F-4A54-8642-C5F337CEF7BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Defiance\Patcher.exe
FirewallRules: [{34FFB70A-8513-4B57-9DE9-F65FF7FBC088}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{B1AC4708-8D32-434E-B31F-0F3D1C15C731}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{ADAFDA8C-5894-43A8-9C94-0863A13AE81A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3924DD95-DBBF-4189-9533-FD9A74E2FD18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{AB7C085B-3A7F-4269-B11B-ED40472E2B05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{BE9BAEC4-052E-444F-8843-B3CBAAB4BDD7}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{BD8785BB-049E-44DA-AF6A-8C7836E77527}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{48CBE787-48AC-4479-BAD4-EC6BA85E2D8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{1AE8FF70-5948-4DE4-8536-EA95D351277E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{373509EC-B769-4BE8-965E-EF391B17C3C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5F0E74DC-BD2F-47B7-86D3-D2BB51DDF3DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe

==================== Restore Points =========================

18-10-2016 16:18:51 Windows Update
28-10-2016 11:29:20 Naplánovaný kontrolní bod
06-11-2016 16:05:56 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/06/2016 04:06:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service EasyAntiCheat since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (11/06/2016 04:06:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (11/06/2016 03:46:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 7.1.2084.9592, časové razítko: 0x57605c64
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.351, časové razítko: 0x5801a332
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003061d
ID chybujícího procesu: 0x19f0
Čas spuštění chybující aplikace: 0x01d2383c92e443c8
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: ab161443-8436-41b0-ac7a-89194df3f6ae
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/04/2016 11:24:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 7.1.2084.9592, časové razítko: 0x57605c64
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.351, časové razítko: 0x5801a332
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003061d
ID chybujícího procesu: 0xfc8
Čas spuštění chybující aplikace: 0x01d23685a094950e
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 65722cec-1a14-4966-af50-ecca26ab60fc
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/04/2016 11:24:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 7.1.2084.9592, časové razítko: 0x57605c64
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.351, časové razítko: 0x5801a332
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003061d
ID chybujícího procesu: 0x1b10
Čas spuštění chybující aplikace: 0x01d2368597fc4b2f
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b6f7e954-39f5-4dc2-a379-5d26dc8a91a7
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2016 02:49:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 54.0.2840.71, časové razítko: 0x58085902
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.321, časové razítko: 0x57f4c4f0
Kód výjimky: 0xe0000008
Posun chyby: 0x0000000000017788
ID chybujícího procesu: 0xd8c
Čas spuštění chybující aplikace: 0x01d234e806aeb0f0
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 9fd5697c-bb00-4f6f-b95f-20f66b64ce34
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/01/2016 04:16:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 54.0.2840.71, časové razítko: 0x58085902
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.321, časové razítko: 0x57f4c4f0
Kód výjimky: 0xe0000008
Posun chyby: 0x0000000000017788
ID chybujícího procesu: 0x48c
Čas spuštění chybující aplikace: 0x01d2343712bf8e13
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6fc2ffb1-bd17-4c1e-b0ac-bc2ebdb569bd
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/01/2016 12:25:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 54.0.2840.71, časové razítko: 0x58085902
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.321, časové razítko: 0x57f4c4f0
Kód výjimky: 0xe0000008
Posun chyby: 0x0000000000017788
ID chybujícího procesu: 0x1ce0
Čas spuštění chybující aplikace: 0x01d234237ef7beb7
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 24026d58-1acb-4d1e-bbae-c07a24c933b0
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/31/2016 08:18:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 54.0.2840.71, časové razítko: 0x58085902
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.321, časové razítko: 0x57f4c4f0
Kód výjimky: 0xe0000008
Posun chyby: 0x0000000000017788
ID chybujícího procesu: 0x17cc
Čas spuštění chybující aplikace: 0x01d2338fdd474ee0
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 86519631-8e1c-4944-80d3-a1359b4ad38e
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/30/2016 08:20:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 54.0.2840.71, časové razítko: 0x58085902
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.321, časové razítko: 0x57f4c4f0
Kód výjimky: 0xe0000008
Posun chyby: 0x0000000000017788
ID chybujícího procesu: 0xf90
Čas spuštění chybující aplikace: 0x01d232cfcaf45098
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c7321d11-931b-4d6a-9e3b-bd715d2b16da
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/06/2016 04:00:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (11/06/2016 04:00:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (11/06/2016 03:46:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/06/2016 12:01:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (11/06/2016 12:01:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (11/05/2016 09:49:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (11/05/2016 09:49:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (11/05/2016 09:32:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (11/05/2016 09:31:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/05/2016 09:30:42 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Funkce řízení spotřeby pro výkon jsou u logického procesoru technologie Hyper-V 3 zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.


CodeIntegrity:
===================================
  Date: 2016-11-06 15:57:08.631
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:35:33.736
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-29 13:50:43.686
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-14 13:58:18.182
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-13 14:55:36.525
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-01 14:07:13.157
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-17 11:51:04.418
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-16 12:02:20.819
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-09 14:07:04.614
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-06 13:47:20.653
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 19%
Total physical RAM: 16347.05 MB
Available physical RAM: 13094.08 MB
Total Virtual: 18779.05 MB
Available Virtual: 15188.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.21 GB) (Free:248.47 GB) NTFS
Drive d: (PETR) (Removable) (Total:57.66 GB) (Free:51.58 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: C6CD7D39)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 57.7 GB) (Disk ID: AE37DD21)
Partition 1: (Not Active) - (Size=57.7 GB) - (Type=0C)

==================== End of Addition.txt ============================