﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Marienka (2016-02-13 17:07:28)
Running from C:\Users\Dávid\Desktop
Windows 8.1 (X64) (2015-05-22 21:46:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3658503805-2194808240-3863320045-500 - Administrator - Disabled)
Guest (S-1-5-21-3658503805-2194808240-3863320045-501 - Limited - Disabled)
Marienka (S-1-5-21-3658503805-2194808240-3863320045-1001 - Administrator - Enabled) => C:\Users\Dávid

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.2.0.1021 - 360 Security Center)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
ĂŔÍĽäŻŔŔ (HKLM-x32\...\ĂŔÍĽäŻŔŔ) (Version:  - )
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
F4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
F4200_NCL_Help (x32 Version: 110.0.206.000 - Hewlett-Packard) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 sk) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 sk)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 35.0.2066.37 (HKLM-x32\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (03/18/2014 6.0.0.35) (HKLM\...\DAA6E0EEB715139C1CEA332C78AB4609FB3C211B) (Version: 03/18/2014 6.0.0.35 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3658503805-2194808240-3863320045-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {100ED310-8196-4EE5-8B19-E4C508D4E48F} - System32\Tasks\Opera scheduled Autoupdate 1432331819 => C:\Program Files (x86)\Opera\launcher.exe [2016-02-01] (Opera Software)
Task: {14C97F69-0588-43C0-9BB8-4BEB44EEF75C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {1D143EA2-8109-4BA2-8406-068D05DA8CA4} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {1DCA3FE4-5FBB-4486-B9EA-7F461EE57FFE} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {255635A0-852D-4370-A0A8-C0AD3A34CE82} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-13] (Adobe Systems Incorporated)
Task: {333134A9-6357-4223-A524-7932AB937D0A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-13] (Adobe Systems Incorporated)
Task: {404D4DA1-7849-4C2C-B7B2-C4A7440B48C8} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {6229DD90-0168-4A83-9563-35D259EC99E4} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {6F6A5F79-91C6-4D2E-B264-E62BA6E6086F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {70349DE0-952A-4CD3-8B62-E24AB943B636} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-13] (Microsoft Corporation)
Task: {87FCFEEE-4E6F-4DAB-8FAB-E4C3E1640B26} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {A35E7157-3FDC-471F-ABA1-29F472736867} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {A8541F52-0A4E-436B-A03A-143A6952C0BA} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {E20FD4EA-00A9-44E8-B6F3-60C819E8B441} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {EC096D9D-85B4-4538-BC32-9E783666B1AE} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {ED859D2E-65F9-4144-A3CF-7AD743913D63} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-06-28 20:15 - 2015-09-21 06:29 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2014-02-25 22:14 - 2014-02-25 22:14 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 22:11 - 2014-02-25 22:11 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-25 22:17 - 2014-02-25 22:17 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-06-28 20:15 - 2015-09-21 06:29 - 01032312 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2015-06-28 20:15 - 2015-09-21 06:29 - 01597560 _____ () C:\Program Files (x86)\360\Total Security\QHSafeMain.exe
2015-06-28 20:15 - 2015-09-21 06:29 - 00087672 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2014-04-02 14:46 - 2014-04-02 14:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 14:46 - 2014-04-02 14:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 14:46 - 2014-04-02 14:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 14:46 - 2014-04-02 14:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2014-07-17 17:46 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-28 20:15 - 2015-09-21 06:29 - 00559224 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3658503805-2194808240-3863320045-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dávid\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{79F44669-A657-49A2-9F13-B82167BE1E0E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{BCDBD673-8D9B-4DA1-AFCE-A854BA6EED02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A71AF383-8C74-4AD6-9E3D-F23276AE792B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EDAE5083-5BB3-4ACA-93FC-4F5D1231E7A3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{D61CC59B-6FEE-4434-BD7F-3F5F9413D671}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{FFA75725-87E8-4963-8606-D4654CADB02E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7D6B6F71-A36A-49F9-8EE3-3E5161D6E748}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{17518C82-07C6-43E4-9978-0E39764B1C20}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{FE06F359-F927-4B17-A751-1AF2F0EE2FD4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1F6E8894-3E97-4796-836B-47908DD35974}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{66608D34-46AC-4C3D-B2D8-82E6525E882D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E657AA7C-2C23-40CB-9943-889C3B0C7084}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{60B16683-BB80-4FE4-BB8B-ED1BB933C627}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{80778D51-992B-4363-873E-9E6A09A91B62}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{F2CCC455-EF32-4585-B1D7-C9106AFAA303}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5192460B-E93A-4CA5-BD97-A66D4047C05D}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{251F8AB4-95BC-4A7E-9830-E14D066700DA}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{8050CDE2-788C-4742-A536-480504249466}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{714B16AB-61E3-4A50-822B-D549480A8B4A}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{628C3B9F-2958-4BF5-83B9-AE99C5B22B08}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{3AB53FFB-11EB-428B-A9F6-CAF4554A9224}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [TCP Query User{EE6FAA41-B37B-4681-BFAA-2E8FCD7A7898}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{82C82720-9C6D-4625-BF08-D0E9E7397A42}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{93E3F7EF-E0B3-4933-8CEE-DA99F98869D5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{35EB844C-5048-4C5F-8CF8-588E39F9B89C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{078FFA25-EC9D-45E7-AB8C-B9E4E6067C89}] => (Allow) C:\Program Files (x86)\Common Files\Baidu\BDDownload\108\bddownloader.exe
FirewallRules: [{62DEF73B-8EAD-4E4C-A329-D5E34D8F5D54}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{58174EBC-D989-41A1-83EC-C6021412ACEE}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{1026D058-81F8-4FB5-A8B2-892E9994BE22}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{DBBF28C2-118B-4F0F-8D48-1E84186553C3}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{6BC97354-6D8F-4414-8ABF-C5622F2F9219}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{E34721C5-C1EB-47EA-AE37-EC3BBF232FAB}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Restore Points =========================

03-01-2016 10:50:06 Windows Update
15-01-2016 12:57:01 Windows Update
28-01-2016 18:37:54 Windows Update
04-02-2016 08:59:22 Windows Update
08-02-2016 11:03:53 Installed Microsoft Office Enterprise 2007
13-02-2016 15:49:42 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/13/2016 04:30:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/13/2016 04:30:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/13/2016 04:28:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Skype.exe, verzia: 7.18.85.111, časová značka: 0x56b0129b
Názov chybujúceho modulu: msxml6.dll, verzia: 6.30.9600.18046, časová značka: 0x55e72e8b
Kód výnimky: 0xc0000005
Odstup chyby: 0x000077d3
Identifikácia chybujúceho procesu: 0xf58
Čas spustenia chybujúcej aplikácie: 0xSkype.exe0
Cesta chybujúcej aplikácie: Skype.exe1
Cesta chybujúceho modulu: Skype.exe2
Identifikácia hlásenia: Skype.exe3
Celé meno chybujúceho balíka: Skype.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: Skype.exe5

Error: (02/08/2016 07:50:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/08/2016 07:50:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/08/2016 07:47:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Skype.exe, verzia: 7.18.85.111, časová značka: 0x56b0129b
Názov chybujúceho modulu: mshtml.dll, verzia: 11.0.9600.18161, časová značka: 0x566a47d3
Kód výnimky: 0xc00000fd
Odstup chyby: 0x00d06a78
Identifikácia chybujúceho procesu: 0xc7c
Čas spustenia chybujúcej aplikácie: 0xSkype.exe0
Cesta chybujúcej aplikácie: Skype.exe1
Cesta chybujúceho modulu: Skype.exe2
Identifikácia hlásenia: Skype.exe3
Celé meno chybujúceho balíka: Skype.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: Skype.exe5

Error: (02/08/2016 07:31:50 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Outlook

Error: (02/08/2016 07:31:50 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: Outlook8

Error: (02/08/2016 07:21:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (02/08/2016 07:21:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (02/13/2016 04:24:54 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT AUTHORITY)
Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.

Error: (02/13/2016 04:24:46 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT AUTHORITY)
Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.

Error: (02/13/2016 04:24:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Software Protection zlyhalo kvôli nasledujúcej chybe: 
%%5

Error: (02/13/2016 04:18:28 PM) (Source: DCOM) (EventID: 10010) (User: MARIENKA)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/13/2016 04:18:28 PM) (Source: DCOM) (EventID: 10010) (User: MARIENKA)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/13/2016 04:18:28 PM) (Source: DCOM) (EventID: 10010) (User: MARIENKA)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/13/2016 04:18:28 PM) (Source: DCOM) (EventID: 10010) (User: MARIENKA)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/08/2016 07:44:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby QQRepaird8d bol dosiahnutý časový limit (30000 ms).

Error: (02/08/2016 07:44:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby QQRepair11e3 bol dosiahnutý časový limit (30000 ms).

Error: (02/08/2016 07:43:57 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správca riadenia služieb sa po neočakávanom ukončení služby Windows Search pokúsil vykonať opravnú akciu (Reštartovať službu), ale táto činnosť zlyhala s nasledujúcou chybou: 
%%1056


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz
Percentage of memory in use: 47%
Total physical RAM: 3979.63 MB
Available physical RAM: 2072.23 MB
Total Virtual: 4875.63 MB
Available Virtual: 2525.01 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:129.41 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:258.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FA7FFB4B)

Partition: GPT.

==================== End of Addition.txt ============================