Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2017
Ran by Lucia (14-03-2017 21:29:50)
Running from C:\Users\Lucia\Desktop
Windows 10 Home Version 1607 (X64) (2016-12-25 12:32:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3668747667-419819588-178633127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3668747667-419819588-178633127-503 - Limited - Disabled)
Guest (S-1-5-21-3668747667-419819588-178633127-501 - Limited - Disabled)
Lucia (S-1-5-21-3668747667-419819588-178633127-1001 - Administrator - Enabled) => C:\Users\Lucia

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Antivírusový a antispywarový softvér McAfee  (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Antivírusový a antispywarový softvér McAfee  (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.4.14 - ASUSTek Computer Inc)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.103 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Dropbox 25 GB (HKLM-x32\...\{736A97C6-8766-3699-84A9-71736C5E0CE3}) (Version: 3.1.11.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
eDANE – aplikácia sekcie daňovej FR SR pre podávanie daňových dokumentov  (HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\6471891987962ff1) (Version: 1.2.0.6 - Finančné riaditeľstvo SR - Sekcia daňová)
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{E40149BB-552F-44C8-A10F-4188ADC5AD70}) (Version: 7.0.510.429 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.13.125.1 - Intel Security)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Maintenance Samsung CLX-3180 Series (HKLM-x32\...\Samsung CLX-3180 Series) (Version:  - Samsung Electronics Co., Ltd.)
McAfee LiveSafe   (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Readiris Pro 10 (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.22.00 - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.20.00 - Samsung Electronics Co., Ltd.)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
SmarThru 4 (HKLM-x32\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version:  - Samsung Electronics Co., Ltd.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.5.541 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows Driver Package - ASUS (AsusSGDrv) Mouse  (10/21/2015 8.0.0.19) (HKLM\...\DE393C6A9AB085F9E19765D003555C3D360497DB) (Version: 10/21/2015 8.0.0.19 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 10.2.0.5804 - Kingsoft Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {129086DB-6D3A-47E6-880E-EE22ADBD69BC} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-04-04] ()
Task: {12BD2F80-0004-4904-904F-7CF0725376BC} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-18] (AsusTek)
Task: {19C02158-BD95-41FD-B183-A57B1B5E2008} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-12-02] (ASUS)
Task: {20DF1875-23E4-465E-819B-4C1BA6B1BE4B} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {225B0A16-7EDD-41BE-9FA9-040EF88D8126} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2786A4F6-CC20-47BB-90CB-BD82680AA126} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-12-14] (Realtek Semiconductor)
Task: {2A4803C0-E21F-4940-8031-FBE73ED675AB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-01] (Dropbox, Inc.)
Task: {3384405D-8012-4233-867D-DA0E21F42F63} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-12-14] (Realtek Semiconductor)
Task: {35DF26B9-4DFA-4848-A5B9-3CE869368555} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
Task: {431F6E00-03FB-42E9-B361-8EEE07AACA8B} - System32\Tasks\WpsKtpcntrQingTask_Lucia => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5804\office6\ktpcntr.exe [2016-12-01] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {43241C0F-8727-44B9-B6D0-7621A55C98C2} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX-Reminder => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2016-12-26] (ASUSTek Computer Inc)
Task: {4860DE48-E6BE-4357-9D38-CF698EDD1DBA} - System32\Tasks\WpsExternal_Lucia_20161201211609 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [2016-12-01] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {4FACDDC4-5530-414D-B7EE-AA0A158BF92A} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {506BA5AA-3422-497A-BD44-8CA7418E1E7E} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {507751A4-7BC0-4B92-B8A0-11D91184B3E8} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2017-02-10] (WinZip Computing, S.L.)
Task: {55BB4D00-2777-4A73-A5B8-F7DCB6A2FCC3} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2016-12-26] (ASUSTek Computer Inc)
Task: {593B92E5-AB16-4A17-BD54-FBB3EED798BE} - System32\Tasks\WpsUpdateTask_Lucia => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5804\wtoolex\wpsupdate.exe 
Task: {5DE13DDF-4089-4723-867C-7C8AFB33320A} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {67C55F0C-E9DA-40F2-92D8-6B05AF96435C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {733A588B-DB29-4BE4-B80F-74EF24CDF52E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-01] (Google Inc.)
Task: {81EC324C-02F6-4C99-AC7D-5CC6EA2BE6AA} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-12-01] (AVAST Software)
Task: {8C0CCF8F-25FE-43C0-B118-18D208644120} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-01] (Google Inc.)
Task: {934640D4-4F9A-47CC-A512-76CD07876C36} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {9EBADC21-92EE-43E7-A382-B1F16AD7F297} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {A19B6510-D6A7-4C8F-BADC-7A3993F07774} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B6D26760-7073-482A-AD19-B272615D5A91} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-02-10] (WinZip)
Task: {C71DCFF3-2C36-4E7A-B3DB-8D74EA9CD7A9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-01] (Dropbox, Inc.)
Task: {E325F033-5A5B-4480-A6A6-1F22FE44C807} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {E9A478F1-E559-4E4D-9BB2-55F8E5961F59} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {EF7972AA-1382-4B03-A7B6-2117EA781FCB} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {F5001031-BCF6-44F1-BE6B-DD2C71E4DFB6} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsExternal_Lucia_20161201211609.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe ~/wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll
Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Lucia.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5804\office6\ktpcntr.exe Ãqing 10.2.0.5804 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Lucia.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5804\wtoolex\wpsupdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-27 10:35 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-23 18:38 - 2011-06-22 08:14 - 00034304 _____ () C:\WINDOWS\System32\sst2cl6.dll
2017-01-23 18:38 - 2011-06-22 08:13 - 00826880 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\sst2cdu.dll
2016-12-01 20:23 - 2016-12-01 20:23 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-12-27 10:35 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-02-16 07:56 - 2015-10-26 14:30 - 00395368 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-12-27 10:32 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 20:57 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 20:56 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 20:56 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 20:56 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 20:56 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 20:56 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-23 18:36 - 2011-07-06 13:17 - 00688128 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2017-01-23 18:42 - 2011-04-29 08:58 - 01990144 _____ () C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
2017-01-23 18:37 - 2009-09-29 10:47 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2017-03-13 08:15 - 2017-03-13 08:16 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 08:15 - 2017-03-13 08:16 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 08:15 - 2017-03-13 08:16 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 08:15 - 2017-03-13 08:16 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2017-02-06 21:14 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 21:14 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-02-24 07:58 - 2017-02-24 08:02 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-02-24 07:58 - 2017-02-24 08:02 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-02-24 07:58 - 2017-02-24 08:02 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-12-02 18:05 - 2016-12-02 18:07 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-02-24 07:58 - 2017-02-24 08:02 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-02-24 07:58 - 2017-02-24 08:02 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-12-02 18:05 - 2016-12-02 18:07 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-12-02 19:01 - 2015-12-02 19:01 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-12-02 19:01 - 2015-12-02 19:01 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-02 19:01 - 2015-12-02 19:01 - 00029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2016-12-26 22:52 - 2016-12-26 22:52 - 01937408 _____ () C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll
2017-01-30 12:52 - 2017-01-30 12:52 - 01926632 ____R () C:\Program Files (x86)\Skype\Phone\roottools.dll
2016-12-01 20:24 - 2016-12-01 20:24 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2017-01-23 18:42 - 2009-10-31 14:42 - 01384520 _____ () C:\Windows\twain_32\Samsung\CLX3180\ssole.dll
2017-01-23 18:42 - 2010-11-11 10:46 - 00293888 _____ () C:\Windows\twain_32\Samsung\CLX3180\NetModule2.dll
2016-12-26 22:52 - 2016-12-26 22:52 - 02177536 _____ () C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll
2016-12-26 22:52 - 2016-12-26 22:52 - 00079360 _____ () C:\Program Files (x86)\ASUS\Giftbox\libegl.dll
2016-12-26 22:52 - 2016-12-26 22:52 - 03561984 _____ () C:\Program Files (x86)\ASUS\Giftbox\node.dll
2016-12-26 22:51 - 2016-12-26 22:52 - 00289792 _____ () \\?\C:\Program Files (x86)\ASUS\Giftbox\node_modules\appcloud-native-utils\anu.node
2016-12-26 22:51 - 2016-12-26 22:51 - 00236032 _____ () \\?\C:\Program Files (x86)\ASUS\Giftbox\node_modules\appcloud-engine\node_modules\appcloud-native-utils\anu.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2017-01-30 21:17 - 00000857 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1	mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3668747667-419819588-178633127-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3E8BA6A3-C3D5-4ECF-BE45-FD459BF1C1FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2911BF62-5D6A-47E4-9869-8E076C80F6DA}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{D7A00497-B01B-4124-B371-8567086BAB37}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CB83467F-D679-43F5-BEDB-F69313E2A0B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E770CB10-B3F6-47C6-A481-BEA436233C21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{17812516-59BE-4981-9861-9622948561CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AA13B923-2094-49B9-90AA-6D2DE1F98039}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe
FirewallRules: [{1751C332-99A1-436E-8562-86DD61C1EC21}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe
FirewallRules: [{E6FDC223-14B2-4E96-AE20-EAD0C70BA7A8}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
FirewallRules: [{247FF1ED-4D2C-4160-A9A4-FE8EFA185A42}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
FirewallRules: [{AB215B6E-C675-487C-A1DD-ACCB520C8493}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Sscan2io.exe
FirewallRules: [{8FAA1104-23E8-4133-AB95-B4736C0FB99A}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Sscan2io.exe
FirewallRules: [{0EE492DC-2574-4CE0-AAE9-173BA2A0DDBD}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{C7D08FAC-CFA8-4E8B-8D65-D852573D3AD6}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{C4425F2D-9D19-4189-8FFF-37A1CAB96F09}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

22-02-2017 12:04:23 Windows Update
03-03-2017 14:14:46 Scheduled Checkpoint
12-03-2017 15:39:08 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2017 10:41:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EUFOBHH)
Description: Aktivácia aplikácie Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (03/12/2017 03:39:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/11/2017 08:35:53 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (03/10/2017 10:17:01 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (5436) WebCacheLocal: Database recovery/restore failed with unexpected error -1032.

Error: (03/10/2017 10:17:01 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (5436) WebCacheLocal: An attempt to open the file "C:\Users\Lucia\AppData\Local\Microsoft\Windows\WebCache\V01.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (03/10/2017 08:50:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-EUFOBHH)
Description: Balík Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI sa ukončil, pretože jeho odstavenie trvalo príliš dlho.

Error: (03/09/2017 10:38:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AcroRd32.exe, verzia: 15.23.20070.19033, časová značka: 0x58a745fb
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000008
Odstup chyby: 0x45509d2a
Identifikácia chybujúceho procesu: 0x2b60
Čas spustenia chybujúcej aplikácie: 0x01d298b8f6ae431d
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: 91763d85-356e-49b2-81bc-ed457c1ba8d4
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (03/07/2017 06:57:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-EUFOBHH)
Description: Aktivácia aplikácie Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1 zlyhala pre chybu: -2147023174 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (03/07/2017 08:14:31 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvorenie bodu obnovenia zlyhalo. (Proces = C:\Users\Lucia\AppData\Local\Temp\vc_redist.x86.exe /install /quiet /norestart; Popis = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215; Chyba = 0x80070514).

Error: (03/03/2017 02:15:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (03/14/2017 09:28:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Interactive Services Detection bola ukončená s nasledujúcou chybou: 
Incorrect function.

Error: (03/14/2017 08:42:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 08:42:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 08:42:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 08:42:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 08:42:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby DgiVecp zlyhalo kvôli nasledujúcej chybe: 
The system cannot find the device specified.

Error: (03/14/2017 08:41:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 08:41:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee SiteAdvisor Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 3000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/14/2017 08:41:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel Security True Key sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/14/2017 08:41:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 65%
Total physical RAM: 3999.96 MB
Available physical RAM: 1367.59 MB
Total Virtual: 5599.96 MB
Available Virtual: 2195.59 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:318.55 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:558.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 56D40A90)

Partition: GPT.

==================== End of Addition.txt ============================