Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Maverick (25-03-2017 12:36:43)
Running from C:\Users\Maverick\Desktop
Windows 10 Pro Version 1607 (X64) (2017-01-11 11:42:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4098470848-2151582029-2812650841-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4098470848-2151582029-2812650841-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4098470848-2151582029-2812650841-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-4098470848-2151582029-2812650841-501 - Limited - Disabled)
Maverick (S-1-5-21-4098470848-2151582029-2812650841-1001 - Administrator - Enabled) => C:\Users\Maverick

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4098470848-2151582029-2812650841-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Aerosoft's - Mega Airport Prag - PREPAR3D V3.x (HKLM-x32\...\Mega Airport Prag - PREPAR3D V3.x) (Version: 1.05 - Aerosoft)
Aktualizace NVIDIA 23.23.0.0 (Version: 23.23.0.0 - NVIDIA Corporation) Hidden
amulesw (HKLM-x32\...\{7CC4BD9A-10F3-432B-A037-AE9FCE1F9B64}) (Version: 1.0.8 - amules) <==== ATTENTION
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
B1900D HD SERIES FSX/P3D (HKLM-x32\...\B1900D HD SERIES FSX/P3D) (Version: 1.00.00.00 - Carenado)
Carenado SR22T HD SERIES FSX/P3D (HKLM-x32\...\Carenado SR22T HD SERIES FSX/P3D) (Version: 1.00.00.00 - Carenado)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Flight1 King Air B200 for P3D (HKLM-x32\...\Flight1 King Air B200 for P3D1.6) (Version: 1.6 - Flight One Software)
FsPassengersP3D for Prepar3D (HKLM-x32\...\FsPassengersP3D) (Version: 20170211 - SecondReality Software)
FTX Global Base Pack (HKLM-x32\...\FTX Global Base Pack1.40) (Version: 1.40 - Orbx Simulation Systems Pty Ltd)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
James Cameron's AVATAR(tm): THE GAME (HKLM-x32\...\{7E19B002-4CA3-4C9F-BA92-91D101B97219}) (Version: 1.01.00 - Ubisoft)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
LFMD Cannes P3D version 1.01 (HKLM-x32\...\{291EB439-E619-45E0-8276-10D670265F3F}_is1) (Version: 1.01 - LMT SIMULATION)
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: 10.0.60905.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: 10.0.61242.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4098470848-2151582029-2812650841-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpusFSI for FSX, FSX-SE, and Prepar3D Flight Simulators (HKLM-x32\...\{2B80493B-5263-4289-9E61-75786C2F40F2}) (Version: 4.50.2 - Opus Software Limited)
Ovládací panel NVIDIA 378.66 (Version: 378.66 - NVIDIA Corporation) Hidden
PC12 FSX/P3D (HKLM-x32\...\PC12 FSX/P3D) (Version: ${PRODUCT_VERSION} - Carenado)
Prepar3D v3 Academic (HKLM-x32\...\{7a078c14-0169-4c38-9659-6caf49dcc20d}) (Version: 3.4.22.19868 - Lockheed Martin)
Prepar3D v3 Academic Client (HKLM-x32\...\{213CD124-D688-436D-9BD8-FFB56DC830BE}) (Version: 3.4.22.19868 - Lockheed Martin)
Prepar3D v3 Content (HKLM-x32\...\{CE8E65FC-9BE3-438A-8449-BCD5E8ACC6BE}) (Version: 3.4.22.19868 - Lockheed Martin)
Prepar3D v3 Scenery (HKLM-x32\...\{3F2CF900-1437-4F93-9ABF-07B8B80E37DA}) (Version: 3.4.22.19868 - Lockheed Martin)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
REX 4 - Texture Direct (with Soft Clouds) (HKLM-x32\...\{A6683ACB-C41B-4977-87A6-4577C83DABCD}) (Version: 4.4.2015.0115 - REX Game Studios, LLC.)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
SPAD v0.5.1 (HKLM-x32\...\{4855F170-260D-4AF7-AD85-7342D61926A9}_is1) (Version:  - Massimo De Nadal)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
UK2000 Common Library P3D  (HKLM-x32\...\UK2000 Common Library P3D) (Version: 3.35 - UK2000 Scenery)
Vagar Airport Reloaded - P3D (HKLM-x32\...\Vagar Airport Reloaded - P3D) (Version: 1.3 - Azurafiles)
Vietcong & Vietcong: Fist Alpha (HKLM-x32\...\{DCF5C463-BD5C-4982-91F9-2C3F8F9E9C88}) (Version: 1.06 - )
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinSnare (HKLM-x32\...\{7AC6FFC5-B011-4452-A0B7-58065AAD2932}) (Version: 4.3.7 - WinSnare) <==== ATTENTION
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04508376-E9B6-46E7-B0FB-D75C52E5171A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {1D71E59E-CEBB-407D-A3F4-7CB78B5F212A} - System32\Tasks\SafeZone scheduled Autoupdate 1484136095 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {20AB279F-F3CE-4EFB-9038-79384BA131E7} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {27CDB0D4-9AE8-495B-9397-D4054F22263B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
Task: {40E46576-B918-4D96-AF7B-AF281DB507C5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {6CD2C642-F5A0-463A-AE9D-AC3925838198} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-12] (AVAST Software)
Task: {80C47B3C-57B3-4C8D-8CD8-30D3B83B2CB5} - System32\Tasks\Saaleruherty Core => C:\Program Files (x86)\Anerhspchpiry\drbose.exe 
Task: {86CE9E49-1660-4DE0-8033-A9F35D228D40} - System32\Tasks\{F087DDD5-4056-47D2-80B6-B24191C30CD2} => pcalua.exe -a "K:\Crimson Skies\crimson.exe" -d "K:\Crimson Skies"
Task: {9087120B-3967-4DA0-AF35-E9F9C8B44A9E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {933FF198-1299-442C-AADB-3F3032015186} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-11] (Google Inc.)
Task: {A866EB38-E3CD-4576-915C-603FF8E822C3} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {D25C6AC9-A366-4F30-87E6-60108978302B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {EC64F659-4066-459D-BAAB-3919E7FC039B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-11] (Google Inc.)
Task: {FA00FF5C-A76B-44B1-A676-67E49ED572BA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-10] (AVAST Software)
Task: {FA13F780-2AAB-4EA1-9905-028316983C19} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Maverick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-03-15 15:21 - 2017-03-04 08:19 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-01-11 12:53 - 2017-02-09 23:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-12 14:42 - 2017-03-12 14:42 - 00308736 _____ () C:\Program Files (x86)\Saaleruherty Core\local64spl.dll
2017-03-15 15:21 - 2017-03-04 08:19 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2017-01-11 15:46 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 15:21 - 2017-03-04 07:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 13:12 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 13:12 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-15 15:21 - 2017-03-04 07:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 15:21 - 2017-03-04 07:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 15:21 - 2017-03-04 07:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-15 15:21 - 2017-03-04 07:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-15 15:21 - 2017-03-04 07:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-25 09:56 - 2017-03-16 05:11 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\libglesv2.dll
2017-03-25 09:56 - 2017-03-16 05:11 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\libegl.dll
2017-03-13 16:10 - 2017-03-13 16:10 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 16:10 - 2017-03-13 16:10 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 16:10 - 2017-03-13 16:10 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 16:10 - 2017-03-13 16:10 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2017-03-03 07:51 - 2017-03-03 07:51 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-03 07:51 - 2017-03-03 07:51 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-03 07:51 - 2017-03-03 07:51 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-01-11 13:42 - 2017-01-11 13:42 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-03 07:51 - 2017-03-03 07:51 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-03 07:51 - 2017-03-03 07:51 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-07-16 23:34 - 2016-07-16 23:34 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-16 18:11 - 2016-05-23 03:37 - 00065696 ____N () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll
2017-01-11 13:12 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-11 13:12 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-11 13:12 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-16 18:11 - 2016-05-23 03:37 - 00179200 ____N () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll
2017-03-10 23:32 - 2017-03-10 23:32 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-11 13:00 - 2017-01-11 13:00 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-10 23:32 - 2017-03-10 23:32 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-10 23:32 - 2017-03-10 23:32 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-11 13:12 - 2017-01-20 19:38 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-01-11 13:12 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-01-11 13:12 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-01-11 13:12 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-01-11 13:12 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-01-11 13:12 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-01-11 13:12 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-01-11 13:12 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-01-11 13:12 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2015-07-06 20:36 - 2015-07-06 20:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4098470848-2151582029-2812650841-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7EDCF3AA-2A16-4EE3-AE11-10E26404B6CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{B8FAE245-A383-4343-8DCC-1AEE18172C37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{67BB73DF-B36F-4E13-8987-F8B0DF27735B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6136CE27-1B1B-4A64-A782-961DE49CC52B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A67ECCA5-11B1-4B38-B9C8-328D6FF77EB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4B47E620-1EA0-4701-B71F-C9814D8ACF6D}] => (Allow) C:\Users\Maverick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A41DC28B-363E-4D84-B2F4-FC86F6422C83}] => (Allow) C:\Users\Maverick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FAC758FB-6096-4080-B1A9-FCAC73691562}] => (Allow) C:\Users\Maverick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EEAA66F5-7B71-40F1-8AF9-0C7F27BED7B5}] => (Allow) C:\Users\Maverick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D76EB113-F365-48D8-BE36-3999706EA3B6}] => (Allow) C:\Users\Maverick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{233737A8-226D-4AF2-86EB-D6D4DA8DE52D}] => (Allow) C:\Users\Maverick\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{76D5B6A5-8139-4003-A14B-1113AC84E9C3}] => (Allow) C:\REX Texture Direct\rextexturedirect.exe
FirewallRules: [{78B2B293-9D2F-49FE-A928-1CB485BAABAA}] => (Allow) C:\OpusFSI\FSISERVER.EXE
FirewallRules: [{E71BAB69-35B7-4C1A-93A8-A5EDD12E0F8B}] => (Allow) C:\OpusFSI\FSISERVER.EXE
FirewallRules: [{CE60C478-0F66-440F-9189-4153FF609164}] => (Allow) C:\OpusFSI\FSISERVER.EXE
FirewallRules: [{1E974B12-FE90-4D68-9765-B910AC36FF78}] => (Allow) C:\OpusFSI\FSISERVER.EXE
FirewallRules: [{A8C9FC20-3DBC-4882-AA40-280D5B888A5A}] => (Allow) C:\OpusFSI\GRIB\degrib.exe
FirewallRules: [{8C7007FE-9F51-4B46-A2BE-EED025AFDE72}] => (Allow) C:\OpusFSI\GRIB\degrib.exe
FirewallRules: [{8AC9843B-D39D-4A75-97D1-4C756203814B}] => (Allow) C:\OpusFSI\GRIB\degrib.exe
FirewallRules: [{21F5DFD7-2E86-42AC-874B-AB2BA513EC43}] => (Allow) C:\OpusFSI\GRIB\degrib.exe
FirewallRules: [{FAD66CDE-EE96-4AA8-972D-A073A283600A}] => (Allow) K:\GOG Games\The Saboteur\Saboteur.exe
FirewallRules: [{E6F8EB1B-5D69-4D85-A796-5E4B9B70D832}] => (Allow) K:\GOG Games\The Saboteur\Saboteur.exe
FirewallRules: [{BC7E8BB5-E89A-4234-A614-FF760DF9BA3B}] => (Allow) K:\GOG Games\The Saboteur\Saboteur.exe
FirewallRules: [{7B508AF0-D946-4713-A534-F99018BAF882}] => (Allow) K:\GOG Games\The Saboteur\Saboteur.exe
FirewallRules: [TCP Query User{53476E33-92ED-4DC7-8E10-E07D50C05DA2}C:\program files (x86)\lockheed martin\prepar3d v3\prepar3d.exe] => (Allow) C:\program files (x86)\lockheed martin\prepar3d v3\prepar3d.exe
FirewallRules: [UDP Query User{B188735A-6116-4510-9CEA-12C8BCDBB26B}C:\program files (x86)\lockheed martin\prepar3d v3\prepar3d.exe] => (Allow) C:\program files (x86)\lockheed martin\prepar3d v3\prepar3d.exe
FirewallRules: [{1842953A-4F89-4F5E-9A85-0C809DF13D0B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{73CA6D10-AEDD-42F8-AA54-2C6F94957E58}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
FirewallRules: [{C2B45CCA-00B5-4F32-B0ED-73A101723892}] => (Allow) C:\Program Files (x86)\Hipmy\Application\chrome.exe
FirewallRules: [{7D49F19B-9EA0-4C77-8BF3-216C5CF200C5}] => (Allow) K:\James Cameron's AVATAR - THE GAME\bin\Avatar.exe
FirewallRules: [{B777731B-243C-4B5C-A118-E89586C391DD}] => (Allow) K:\James Cameron's AVATAR - THE GAME\bin\Avatar.exe
FirewallRules: [{62752B73-4A58-4DF0-A256-8C953993E384}] => (Allow) K:\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe
FirewallRules: [{F6F643D6-E6B6-4C9B-B3C8-41838D14D55C}] => (Allow) K:\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe
FirewallRules: [{AC338D99-0150-4394-A363-C7E0D4EAC729}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{973DDBB8-7073-42F1-9668-9A96D8ABCC11}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{B32F99BA-C98C-4AE3-8BA2-3DEBCD029B3E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

25-03-2017 09:58:29 Removed deskapp

==================== Faulty Device Manager Devices =============

Name: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Description: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/25/2017 09:58:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/25/2017 09:56:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2428
Čas spuštění chybující aplikace: 0x01d2a545a6cfc0a4
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3a34f6d4-a3ae-4b05-80e8-4147b993aac9
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (03/25/2017 09:56:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2428
Čas spuštění chybující aplikace: 0x01d2a545a6cfc0a4
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6933cbcb-91e4-4ef6-bbe3-2ef803a0364a
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (03/22/2017 02:49:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/20/2017 07:31:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Prepar3D.exe verze 3.4.14.18870 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 26b0

Čas spuštění: 01d2a13f1bf145ee

Čas ukončení: 37

Cesta k aplikaci: C:\Program Files (x86)\Lockheed Martin\Prepar3D v3\Prepar3D.exe

ID hlášení: cd31c89c-0d36-11e7-b566-d050995a358e

Úplný název balíčku s chybou: 

ID aplikace související s balíčkem s chybou:

Error: (03/19/2017 02:25:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service Kyubey since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (03/19/2017 02:25:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/19/2017 10:22:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-9M7RES2)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/17/2017 05:48:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service Apple Devices Service since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (03/17/2017 05:48:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.


System errors:
=============
Error: (03/25/2017 11:39:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba YAC Kit Driver neuspěla při spuštění v důsledku následující chyby: 
Požadavek není podporován.

Error: (03/25/2017 11:39:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2017 11:39:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba iSafeKrnlKit neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (03/25/2017 11:39:39 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9M7RES2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 a APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 uživateli DESKTOP-9M7RES2\Maverick (SID: S-1-5-21-4098470848-2151582029-2812650841-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2017 11:39:38 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9M7RES2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 a APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 uživateli DESKTOP-9M7RES2\Maverick (SID: S-1-5-21-4098470848-2151582029-2812650841-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2017 11:39:38 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9M7RES2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 a APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 uživateli DESKTOP-9M7RES2\Maverick (SID: S-1-5-21-4098470848-2151582029-2812650841-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2017 11:39:38 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9M7RES2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 a APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 uživateli DESKTOP-9M7RES2\Maverick (SID: S-1-5-21-4098470848-2151582029-2812650841-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2017 11:39:38 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-9M7RES2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 a APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 uživateli DESKTOP-9M7RES2\Maverick (SID: S-1-5-21-4098470848-2151582029-2812650841-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2017 11:39:36 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: P:\Device\HarddiskVolume132

Error: (03/25/2017 11:38:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
  Date: 2017-03-25 12:22:37.062
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-03-25 11:44:42.709
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-03-25 10:13:48.922
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-03-25 09:56:13.290
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-03-25 09:56:12.000
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-03-25 09:54:24.134
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-03-25 09:46:57.100
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-03-25 07:47:35.922
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-03-24 17:12:16.203
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2017-03-24 16:04:43.020
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16326.49 MB
Available physical RAM: 13452.62 MB
Total Virtual: 18758.49 MB
Available Virtual: 15700.49 MB

==================== Drives ================================

Drive c: (SYSTEM/SIM) (Fixed) (Total:232.44 GB) (Free:3.16 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Místní disk) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive e: (OS) (Fixed) (Total:922.35 GB) (Free:43.94 GB) NTFS
Drive f: (HP_RECOVERY) (Fixed) (Total:9.06 GB) (Free:1.08 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (Code of Conduct) (CDROM) (Total:0.2 GB) (Free:0 GB) UDF
Drive i: () (Fixed) (Total:146.48 GB) (Free:17.6 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive j: () (Fixed) (Total:19.53 GB) (Free:14.61 GB) NTFS
Drive k: (Nový svazek) (Fixed) (Total:299.74 GB) (Free:54.76 GB) NTFS
Drive p: (SAMSUNG) (Fixed) (Total:596.17 GB) (Free:22.81 GB) NTFS
Drive t: (AVATAR) (CDROM) (Total:3.62 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: CF3518E9)
Partition 1: (Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 04AE9035)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=922.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.1 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6D303660)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=299.7 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.

========================================================
Disk: 7 (Size: 596.2 GB) (Disk ID: 3AC8D3C6)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================