Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2015 04 Ran by Haneczka at 2015-04-16 13:07:14 Running from C:\Users\Hania\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\Heroes of Might and Magic III - Złota Edycja_is1) (Version: - ) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation) K-Lite Mega Codec Pack 10.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.0 - ) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 37.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 pl)) (Version: 37.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA Oprogramowanie systemu PhysX 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation) NVIDIA Sterownik graficzny 332.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.28 - NVIDIA Corporation) Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS) Panel sterowania NVIDIA 332.28 (Version: 332.28 - NVIDIA Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7156 - Realtek Semiconductor Corp.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Vit Registry Fix 9.5.9 (remove only) (HKLM\...\Vit Registry Fix) (Version: - VITSOFT) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.) WinRAR 5.10 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 02-04-2015 23:46:23 Zaplanowany punkt kontrolny 07-04-2015 10:41:54 Operacja przywracania 10-04-2015 17:27:06 Removed AVG 2015 14-04-2015 16:59:39 Windows Update 16-04-2015 12:27:21 Removed Facebook Video Calling 3.1.0.521 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0A0145D5-5356-4D2B-B595-AFC72A8FA8F6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {2F0A6DD7-A1E4-47BC-A118-E2A05B8312D4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {42BDBE32-8DE5-4255-8CBD-63432D30A430} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {52E1F1F9-7BDC-4F09-B50D-6E837F2F3B72} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {5E5C5FD3-0049-459C-AB9A-FC0B9790A21D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {621A4CBF-E7DD-414C-88EA-19ECD414EE18} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation) Task: {7B61695A-0961-433F-A2F8-C37A7E04EFED} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek) Task: {8856751A-C3FE-4112-AC01-55FDA82EFB02} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {8FDE39BB-6871-44B9-8A92-D4A8F7BBFC81} - System32\Tasks\Gamma Task Menager Cleaner => C:\Program Files (x86)\Gamma Task Menager\ gtrsecure.exe [2015-04-04] (SecureSoft) Task: {98860CB4-7439-46A5-AFDB-FF3D1BDF2971} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {A96C207B-3468-4711-8462-31ABF5FB52B5} - System32\Tasks\Win Installer => C:\Users\Hania\AppData\Local\Updater\winupd.exe Task: {E9725D31-08E3-46B1-8A56-4F2333EAB58E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3708558119-1453270157-3961042179-1001Core1cff483feb0af8a.job => C:\Users\Hania\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-07-16 17:29 - 2013-12-24 22:49 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-25 17:26 - 2014-11-25 17:26 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll 2015-04-10 17:51 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-04-10 17:51 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-04-10 17:51 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-04-10 17:51 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-04-10 17:51 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-07-16 17:13 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Hania\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3708558119-1453270157-3961042179-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hania\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg DNS Servers: 62.179.1.61 - 62.179.1.63 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKU\S-1-5-21-3708558119-1453270157-3961042179-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" ==================== Accounts: ============================= Administrator (S-1-5-21-3708558119-1453270157-3961042179-500 - Administrator - Disabled) Gość (S-1-5-21-3708558119-1453270157-3961042179-501 - Limited - Disabled) Haneczka (S-1-5-21-3708558119-1453270157-3961042179-1001 - Administrator - Enabled) => C:\Users\Hania ==================== Faulty Device Manager Devices ============= Name: USB2.0-CRW Description: USB2.0-CRW Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/16/2015 00:52:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=254, identyfikator autora=311, identyfikator dostawcy=14122, typ dostawcy=1 Error: (04/16/2015 00:52:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=254, identyfikator autora=311, identyfikator dostawcy=14122, typ dostawcy=1 Error: (04/16/2015 00:52:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=254, identyfikator autora=311, identyfikator dostawcy=14122, typ dostawcy=1 Error: (04/16/2015 00:33:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=254, identyfikator autora=311, identyfikator dostawcy=14122, typ dostawcy=1 Error: (04/16/2015 00:33:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=254, identyfikator autora=311, identyfikator dostawcy=14122, typ dostawcy=1 Error: (04/16/2015 00:33:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Pomijanie: nie można zweryfikować Eap method DLL path. Błąd: identyfikator typu=254, identyfikator autora=311, identyfikator dostawcy=14122, typ dostawcy=1 Error: (04/16/2015 00:27:46 PM) (Source: MsiInstaller) (EventID: 11316) (User: HANECZKA) Description: Product: Facebook Video Calling 3.1.0.521 -- Error 1316. Określone konto już istnieje. Error: (04/13/2015 08:09:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (04/12/2015 11:03:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: gtrsecure.exe, wersja: 1.1.0.0, sygnatura czasowa: 0x55154774 Nazwa modułu powodującego błąd: gtrsecure.exe, wersja: 1.1.0.0, sygnatura czasowa: 0x55154774 Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x0000f9f2 Identyfikator procesu powodującego błąd: 0xd10 Godzina uruchomienia aplikacji powodującej błąd: 0x gtrsecure.exe0 Ścieżka aplikacji powodującej błąd: gtrsecure.exe1 Ścieżka modułu powodującego błąd: gtrsecure.exe2 Identyfikator raportu: gtrsecure.exe3 Pełna nazwa pakietu powodującego błąd: gtrsecure.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: gtrsecure.exe5 Error: (04/12/2015 07:42:22 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 System errors: ============= Error: (04/16/2015 01:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/16/2015 01:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) ME Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/16/2015 01:01:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/16/2015 01:01:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Spybot-S&D 2 Security Center Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/16/2015 01:01:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Spybot-S&D 2 Updating Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/16/2015 01:01:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Spybot-S&D 2 Scanner Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/16/2015 01:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/16/2015 01:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Platform and Thermal Framework Critical Service Application niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/16/2015 01:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (04/16/2015 01:01:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office Sessions: ========================= Error: (04/16/2015 00:52:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Eap method DLL path254311141221 Error: (04/16/2015 00:52:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Eap method DLL path254311141221 Error: (04/16/2015 00:52:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Eap method DLL path254311141221 Error: (04/16/2015 00:33:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Eap method DLL path254311141221 Error: (04/16/2015 00:33:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Eap method DLL path254311141221 Error: (04/16/2015 00:33:49 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: HANECZKA) Description: Eap method DLL path254311141221 Error: (04/16/2015 00:27:46 PM) (Source: MsiInstaller) (EventID: 11316) (User: HANECZKA) Description: Product: Facebook Video Calling 3.1.0.521 -- Error 1316. Określone konto już istnieje. (NULL)(NULL)(NULL)(NULL)(NULL) Error: (04/13/2015 08:09:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (04/12/2015 11:03:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: gtrsecure.exe1.1.0.055154774 gtrsecure.exe1.1.0.055154774c00004090000f9f2d1001d0754748c5801bC:\Program Files (x86)\Gamma Task Menager\ gtrsecure.exeC:\Program Files (x86)\Gamma Task Menager\ gtrsecure.exe6693bd7a-e157-11e4-8276-8086f25ba2ce Error: (04/12/2015 07:42:22 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 CodeIntegrity Errors: =================================== Date: 2015-04-12 20:31:32.420 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-12 20:31:32.123 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-03-13 12:36:50.413 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-03-13 12:36:50.131 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-03-05 21:30:03.392 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-03-05 21:30:03.235 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-18 14:40:36.859 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-18 14:40:36.640 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-16 11:40:58.803 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-16 11:40:58.553 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Percentage of memory in use: 19% Total physical RAM: 8075.27 MB Available physical RAM: 6499.52 MB Total Pagefile: 16267.27 MB Available Pagefile: 14611.86 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.42 GB) (Free:367.65 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B05CD80C) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================