Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2017
Ran by bizap (05-03-2017 10:43:51)
Running from C:\Users\bizap\Downloads
Windows 10 Pro Version 1607 (X64) (2016-11-26 03:23:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2172335363-1738720639-4197107604-500 - Administrator - Disabled)
bizap (S-1-5-21-2172335363-1738720639-4197107604-1001 - Administrator - Enabled) => C:\Users\bizap
DefaultAccount (S-1-5-21-2172335363-1738720639-4197107604-503 - Limited - Disabled)
Guest (S-1-5-21-2172335363-1738720639-4197107604-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2172335363-1738720639-4197107604-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
CanoScan 9000F Mark II Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9604) (Version:  - Canon Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 20.4.19 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
foobar2000 v0.9.5.2 (HKLM-x32\...\foobar2000) (Version: 0.9.5.2 - Peter Pawlowski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2172335363-1738720639-4197107604-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA Ovladač 3D Vision 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 376.53 (Version: 376.53 - NVIDIA Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SilverFast 8.8.0r6 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.8.0r6 - LaserSoft Imaging AG)
Spotify (HKU\S-1-5-21-2172335363-1738720639-4197107604-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
TIFF to JPG (HKLM-x32\...\{CA3F4C73-397E-4A3B-AF6F-92E7D3F69826}_is1) (Version:  - tifftojpg.com)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3161988) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E1C47F57-5CCA-4077-96A6-7BFD2A026ECD}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3161988) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E1C47F57-5CCA-4077-96A6-7BFD2A026ECD}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3161988) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E1C47F57-5CCA-4077-96A6-7BFD2A026ECD}) (Version:  - Microsoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net)
Vivaldi (HKU\S-1-5-21-2172335363-1738720639-4197107604-1001\...\Vivaldi) (Version: 1.7.735.46 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23675A63-ADC2-4CF3-B6E0-6522D6ABC77F} - System32\Tasks\WindowsUpda2ta => C:\Users\bizap\AppData\Roaming\MICROSOFT\Microsoft Office 2013 Activator.vbs  <==== ATTENTION
Task: {48CCA43D-9C0E-41A2-978B-BF94FFD66929} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-19] (Dropbox, Inc.)
Task: {599C96EE-0503-4E30-A26E-572D4D87C101} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-31] (Google Inc.)
Task: {849A4287-3623-42D5-AD47-48DB825A7616} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-19] (Dropbox, Inc.)
Task: {8879F881-E59F-43A9-ACC5-BD04693D2DB7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {90BDC30C-0CC0-4687-AF05-DBAEAEDE0F71} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_205_pepper.exe [2016-10-29] (Adobe Systems Incorporated)
Task: {927FA01E-E70C-4B91-83F8-F3141EF1B9D2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C8AE9A81-6DA8-4A9E-84DF-CA5C4DA92F3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-31] (Google Inc.)
Task: {DF63410A-3DE0-46DA-A9BA-1094EE7B429F} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\bizap\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {FEEAB51F-393E-465D-9FFD-EAEC33354A8F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_205_pepper.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-16 08:41 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-26 04:06 - 2016-12-29 13:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-16 08:41 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-26 03:56 - 2016-11-26 03:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-14 09:45 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-14 09:45 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-14 09:45 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-14 09:45 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-14 09:45 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-14 09:45 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-23 13:55 - 2017-02-23 13:56 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 13:55 - 2017-02-23 13:56 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-23 13:55 - 2017-02-23 13:56 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 08:38 - 2017-02-06 08:38 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-14 14:16 - 2016-09-14 14:16 - 104713728 _____ () C:\Program Files\SilverFast Application\SilverFast 8\SilverFast 8.exe
2016-09-14 13:48 - 2016-09-14 13:48 - 00796160 _____ () C:\Program Files\SilverFast Application\SilverFast 8\libraw64.dll
2016-09-14 13:48 - 2016-09-14 13:48 - 00081408 _____ () C:\Program Files\SilverFast Application\SilverFast 8\z.1.2.8_64.dll
2016-09-14 13:48 - 2016-09-14 13:48 - 00055808 _____ () C:\Program Files\SilverFast Application\SilverFast 8\qtflickr64.dll
2016-09-14 13:48 - 2016-09-14 13:48 - 00134144 _____ () C:\Program Files\SilverFast Application\SilverFast 8\qtdropbox64.dll
2016-09-14 14:10 - 2016-09-14 14:10 - 18373120 _____ () C:\Program Files\SilverFast Application\SilverFast 8\scannercanonnewsdk.5.6.0.dll
2017-03-03 08:14 - 2017-03-03 08:15 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-03 08:14 - 2017-03-03 08:15 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-03 08:14 - 2017-03-03 08:15 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-08-06 12:06 - 2016-08-06 12:07 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-03 08:14 - 2017-03-03 08:15 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-03 08:14 - 2017-03-03 08:15 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-08-04 02:18 - 2016-08-04 02:18 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-09-24 10:43 - 2017-02-20 08:03 - 51777648 _____ () C:\Users\bizap\AppData\Roaming\Spotify\libcef.dll
2016-10-27 07:41 - 2017-02-20 08:02 - 00110192 _____ () C:\Users\bizap\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-02-28 08:07 - 2017-02-21 19:58 - 00802112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-01-12 17:52 - 2017-01-25 22:03 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-01-12 17:52 - 2017-01-25 22:03 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-01-12 17:50 - 2017-01-25 22:03 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-01-12 17:50 - 2017-02-21 20:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-01-12 17:50 - 2017-01-25 22:03 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-01-12 17:52 - 2017-01-25 22:04 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-02-28 08:07 - 2017-01-25 22:03 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-02-28 08:07 - 2017-01-25 22:04 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-02-28 08:07 - 2017-01-25 22:03 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-01-12 17:50 - 2017-01-25 22:06 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-01-12 17:50 - 2017-02-21 20:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00052544 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-02-28 08:07 - 2017-01-25 22:03 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-02-28 08:07 - 2017-01-25 22:06 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-01-12 17:50 - 2017-02-21 20:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-01-12 17:52 - 2017-02-21 20:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-01-12 17:52 - 2017-01-25 22:05 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-01-12 17:50 - 2017-01-25 22:04 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-28 08:05 - 2017-02-21 20:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-01-12 17:52 - 2017-02-21 20:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-24 10:28 - 2017-02-21 20:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-01-12 17:50 - 2017-02-21 20:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-24 10:28 - 2017-02-21 20:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 10:28 - 2017-02-21 20:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 10:28 - 2017-02-21 20:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-01-12 17:52 - 2017-01-25 22:06 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-01-12 17:52 - 2017-02-21 20:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-02-28 08:07 - 2017-01-25 22:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-02-28 08:07 - 2017-02-21 20:01 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-02-28 08:07 - 2017-01-27 03:02 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-02-28 08:07 - 2017-02-21 20:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-02-28 08:07 - 2017-01-25 22:11 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-02-28 08:07 - 2017-01-25 22:11 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-02-28 08:07 - 2017-02-21 20:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-01-12 17:50 - 2017-01-25 22:06 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-01-12 17:52 - 2017-02-21 20:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-28 08:07 - 2017-02-21 20:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-02-11 10:08 - 2017-02-07 20:28 - 01928824 _____ () C:\Users\bizap\AppData\Local\Vivaldi\Application\1.7.735.46\libglesv2.dll
2017-02-11 10:08 - 2017-02-07 20:28 - 00087160 _____ () C:\Users\bizap\AppData\Local\Vivaldi\Application\1.7.735.46\libegl.dll
2016-09-24 10:43 - 2017-02-20 08:02 - 01803888 _____ () C:\Users\bizap\AppData\Roaming\Spotify\libglesv2.dll
2016-09-24 10:43 - 2017-02-20 08:02 - 00086128 _____ () C:\Users\bizap\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2172335363-1738720639-4197107604-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bizap\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{71E9EE95-ED78-4355-9B1E-69B3E065A7BA}C:\users\bizap\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bizap\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{EC40A7B7-518D-4678-8CB1-233C6478DA3A}C:\users\bizap\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bizap\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{829BB0A0-7C79-4CAD-9F5E-D57FD011F043}E:\programy\office proplus 2013  (x86 and x64)\office 2013 kmsmicro activator v3.10\kmsmicro v3.10\qemu\qemu.exe] => (Block) E:\programy\office proplus 2013  (x86 and x64)\office 2013 kmsmicro activator v3.10\kmsmicro v3.10\qemu\qemu.exe
FirewallRules: [TCP Query User{095B3AD5-8BD0-42DC-B239-AA95ED801767}E:\programy\office proplus 2013  (x86 and x64)\office 2013 kmsmicro activator v3.10\kmsmicro v3.10\qemu\qemu.exe] => (Block) E:\programy\office proplus 2013  (x86 and x64)\office 2013 kmsmicro activator v3.10\kmsmicro v3.10\qemu\qemu.exe
FirewallRules: [UDP Query User{B5298FE6-43F4-4201-BAA4-98A550707E47}C:\users\bizap\desktop\kmsmicro v3.10\kmsmicro v3.10\qemu\qemu.exe] => (Block) C:\users\bizap\desktop\kmsmicro v3.10\kmsmicro v3.10\qemu\qemu.exe
FirewallRules: [TCP Query User{59C0E957-4EA1-4CF7-8227-94F6994319D1}C:\users\bizap\desktop\kmsmicro v3.10\kmsmicro v3.10\qemu\qemu.exe] => (Block) C:\users\bizap\desktop\kmsmicro v3.10\kmsmicro v3.10\qemu\qemu.exe
FirewallRules: [{FA32025D-4BB3-4F61-92CE-3B70AE12EA26}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{98FF3730-318C-484C-AB8E-3909D500FFBA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{014552C3-C7AE-4B08-B04F-BDF989EECFFE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{EAE3CC58-4315-4EFA-8772-A64A581023DD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [TCP Query User{00B94ACB-6005-4097-8022-BA550EA51B9E}C:\users\bizap\appdata\local\vivaldi\application\vivaldi.exe] => (Allow) C:\users\bizap\appdata\local\vivaldi\application\vivaldi.exe
FirewallRules: [UDP Query User{8C80F12E-2795-4D6A-BC09-2C34E76EFC03}C:\users\bizap\appdata\local\vivaldi\application\vivaldi.exe] => (Allow) C:\users\bizap\appdata\local\vivaldi\application\vivaldi.exe
FirewallRules: [{CD973EBA-0BC4-4A49-91DA-1DBE9A299B4D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E9921FF4-401B-4149-9848-CD0BBAFF05EA}] => (Allow) C:\Users\bizap\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94F9E4E4-758F-4412-ACCB-25F03F9A88E4}] => (Allow) C:\Users\bizap\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{55CB6105-FDE2-4883-8596-ADB1C6616F38}] => (Allow) C:\Users\bizap\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BF163FDF-C1AF-4905-A81D-AA9339B19521}] => (Allow) C:\Users\bizap\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5E56618B-CE98-43AA-BC50-AFA22E813D35}] => (Allow) C:\Users\bizap\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9E1B820C-5BE1-42E3-89F9-2B1A21045FE7}] => (Allow) C:\Users\bizap\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{64D4FA38-D782-40BB-B19A-D51804E4DA13}C:\users\bizap\appdata\local\vivaldi\application\vivaldi.exe] => (Allow) C:\users\bizap\appdata\local\vivaldi\application\vivaldi.exe
FirewallRules: [UDP Query User{2D39344F-A44C-42E3-9B5D-1B225F153348}C:\users\bizap\appdata\local\vivaldi\application\vivaldi.exe] => (Allow) C:\users\bizap\appdata\local\vivaldi\application\vivaldi.exe
FirewallRules: [{5943269F-4734-4827-8CD1-7D4926A69C2B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Description: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2017 10:27:29 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/04/2017 08:37:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.14393.0, časové razítko: 0x57899b1c
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x5825887f
Kód výjimky: 0xc0000008
Posun chyby: 0x00000000000a9d2a
ID chybujícího procesu: 0x2724
Čas spuštění chybující aplikace: 0x01d294ba206648b4
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 041710e5-f09b-4a06-aa9a-1761508c48f9
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/04/2017 07:46:17 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/03/2017 07:42:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.82, časové razítko: 0x57a55786
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2324
Čas spuštění chybující aplikace: 0x01d2944ddfde4742
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 8b0c5862-1534-4508-b262-1b1450a4a74c
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (03/03/2017 07:42:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.82, časové razítko: 0x57a55786
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2324
Čas spuštění chybující aplikace: 0x01d2944ddfde4742
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 70fb5888-5a11-4035-b8ab-6cced42acd83
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (03/03/2017 08:13:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/01/2017 08:35:42 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/28/2017 08:36:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-4AOMQ6O)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/28/2017 08:05:41 AM) (Source: DbxSvc) (EventID: 270) (User: )
Description: (-2145452013) Systém nenalezl určený filtr.

Error: (02/28/2017 08:04:55 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (03/04/2017 09:23:15 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (03/04/2017 09:23:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2017 08:37:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Načítání obrázků (WIA) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/04/2017 07:43:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2017 10:43:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2017 09:26:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2017 09:25:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2017 09:25:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/03/2017 09:25:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/03/2017 09:15:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4AOMQ6O)
Description: Server {0002DF02-0000-0000-C000-000000000046} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
  Date: 2017-03-04 08:24:53.580
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 08:33:07.939
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-17 21:21:56.335
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-15 09:17:58.280
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-15 17:25:15.276
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-23 08:20:26.195
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-18 10:33:59.008
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-29 12:10:08.567
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 69%
Total physical RAM: 4093.55 MB
Available physical RAM: 1263.5 MB
Total Virtual: 5994.8 MB
Available Virtual: 1239.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.12 GB) (Free:50.95 GB) NTFS
Drive d: (ESD-USB) (Removable) (Total:7.48 GB) (Free:4.95 GB) FAT32
Drive e: () (Fixed) (Total:833.86 GB) (Free:731.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 22DB91D3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7.5 GB) (Disk ID: CF4E7CA6)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)

==================== End of Addition.txt ============================