﻿Additional scan result of Farbar Recovery Scan Tool (x86) Version:08-10-2015
Ran by oem-user (2015-10-08 21:15:16)
Running from C:\Users\oem-user\Desktop
Microsoft Windows 8.1 (X86) (2014-05-28 11:20:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2625918598-2988866889-3153320694-500 - Administrator - Disabled)
Guest (S-1-5-21-2625918598-2988866889-3153320694-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2625918598-2988866889-3153320694-1003 - Limited - Enabled)
oem-user (S-1-5-21-2625918598-2988866889-3153320694-1001 - Administrator - Enabled) => C:\Users\oem-user

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM\...\Avast) (Version: 10.4.2233 - AVAST Software)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version:  - )
Broadcom Location Sensor (HKLM\...\{F83D6787-4DE0-46E4-BB6C-28DD6C607BCA}) (Version: 19.17.7413.6 - Broadcom Corporation)
Classic Shell (HKLM\...\{E0E49E80-19DE-43FE-BFF2-8C58DDF3C7F9}) (Version: 4.1.0 - IvoSoft)
České (Dvorak) (HKLM\...\{38FA3550-58AE-4746-9076-FE65474031CE}) (Version: 1.0.3.13 - SWX)
Dropbox (HKU\S-1-5-21-2625918598-2988866889-3153320694-1001\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
f.lux (HKU\S-1-5-21-2625918598-2988866889-3153320694-1001\...\Flux) (Version:  - )
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.6.122.702 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.2.0.722 - Foxit Software Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
HP ESU for Microsoft Windows 8.1 (HKLM\...\{8694492B-C69F-4204-A8BA-15BE0D9BAFCA}) (Version: 1.1.1 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM\...\{76D4147B-1544-480B-80E7-69BE8461127F}) (Version: 3.5.4.0 - Hewlett-Packard Company)
Letter Quest version 2.2.0 (HKLM\...\{03683176-25AE-47ED-B27B-DB26FC7BCEFF}_is1) (Version: 2.2.0 - Bacon Bandit Games)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NEO Scavenger (HKLM\...\1207667263_is1) (Version: 2.1.0.2 - GOG.com)
NetTime (HKLM\...\NetTime_is1) (Version:  - Mark Griffiths)
Nosferatu - Wrath of Malachi (HKLM\...\1207666093_is1) (Version: 2.0.0.1 - GOG.com)
Opera Stable 32.0.1948.69 (HKLM\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.309.0 - Tracker Software Products Ltd)
Potplayer (HKLM\...\PotPlayer) (Version:  - Daum Kakao Corp.)
PowerSlave (HKLM\...\{561F816E-FDEB-4F4A-B040-C80F6583D4B9}) (Version: 1.0.0 - Polychrome Limited)
Qualcomm Atheros Bluetooth UART Driver (HKLM\...\{823CC489-ADF8-4532-A3D4-283D4A803CD2}) (Version: 2.2.0.17 - Qualcomm Atheros)
Qualcomm Atheros Driver Installation Program (HKLM\...\{4ACEE5EC-6357-4F01-AC66-E69381500345}) (Version: 3.7 - Qualcomm Atheros Mobile)
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek I2S Audio (HKLM\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 6.2.9400.3077 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
The Secret of Monkey Island™ - Special Edition (HKLM\...\1207666253_is1) (Version: 2.0.0.6 - GOG.com)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
TouchMousePointer 32bit (HKLM\...\TouchMousePointer) (Version: 1.6.0.1 - LoveSummerTrue)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUS_{6B99320D-817F-42CE-B45E-5C9AD42678E3}) (Version:  - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\oem-user\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\oem-user\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\oem-user\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\oem-user\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\oem-user\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\oem-user\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\oem-user\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2625918598-2988866889-3153320694-1001_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\oem-user\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Restore Points =========================

08-10-2015 20:56:46 Revo Uninstaller's restore point - Process Lasso

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:13 - 2015-10-07 18:50 - 00003143 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 vortex.data.microsoft.com 
0.0.0.0 vortex-win.data.microsoft.com 
0.0.0.0 telecommand.telemetry.microsoft.com 
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net 
0.0.0.0 oca.telemetry.microsoft.com 
0.0.0.0 sqm.telemetry.microsoft.com 
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net 
0.0.0.0 watson.telemetry.microsoft.com 
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net 
0.0.0.0 redir.metaservices.microsoft.com 
0.0.0.0 choice.microsoft.com 
0.0.0.0 choice.microsoft.com.nsatc.net 
0.0.0.0 wes.df.telemetry.microsoft.com 
0.0.0.0 services.wes.df.telemetry.microsoft.com 
0.0.0.0 sqm.df.telemetry.microsoft.com 
0.0.0.0 telemetry.microsoft.com 
0.0.0.0 watson.ppe.telemetry.microsoft.com 
0.0.0.0 telemetry.appex.bing.net 
0.0.0.0 telemetry.urs.microsoft.com 
0.0.0.0 telemetry.appex.bing.net:443 
0.0.0.0 settings-sandbox.data.microsoft.com 
0.0.0.0 survey.watson.microsoft.com 
0.0.0.0 watson.live.com 
0.0.0.0 watson.microsoft.com 
0.0.0.0 statsfe2.ws.microsoft.com 
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com 
0.0.0.0 compatexchange.cloudapp.net 
0.0.0.0 a-0001.a-msedge.net 
0.0.0.0 statsfe2.update.microsoft.com.akadns.net 

There are 32 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05E941A4-2CB5-4E5E-8921-5D430F8DB370} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {30E47B09-2D3F-4958-A6FA-05AF086C9FD9} - System32\Tasks\Opera scheduled Autoupdate 1438520847 => C:\Program Files\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {3BC43CC7-B63D-4859-98F3-2695465315B0} - System32\Tasks\avast! Emergency Update => C:\Program Files\Avast\AvastEmUpdate.exe [2015-09-20] (AVAST Software)
Task: {4BDE8A0C-675D-49A2-9947-A569C5AE77FD} - System32\Tasks\TouchMousePointer0741448 => C:\Apps\TouchMousePointer\TouchMousePointer.exe [2014-07-04] ( )
Task: {4E2EB170-B4BC-46D9-A332-A43ED6A3891A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2625918598-2988866889-3153320694-1001Core => C:\Users\oem-user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {58AAB0DE-C625-43EA-8A07-80CC764CCF5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5C62BEE0-7F55-426D-A3C9-95B23CEB50FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C2B70E0F-8C36-4B69-8DAD-24D790764259} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {CC825232-28E2-48F4-9995-FF759BD117CD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E09C8402-D5BD-4ECF-9F76-25B6BADCC563} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E358E192-5054-4670-AE77-08135D5DE940} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2625918598-2988866889-3153320694-1001UA => C:\Users\oem-user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {F3347140-8814-418B-AE9C-EE86C12B5799} - System32\Tasks\CleanMem Mini Monitor => C:\Apps\Cleanmem\mini_monitor.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2625918598-2988866889-3153320694-1001Core.job => C:\Users\oem-user\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2625918598-2988866889-3153320694-1001UA.job => C:\Users\oem-user\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

