﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by betus (2016-03-28 00:03:29)
Running from C:\Users\betus\Desktop
Windows 10 Home Version 1511 (X64) (2016-02-11 07:55:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2924441769-580111986-43208321-500 - Administrator - Disabled) => C:\Users\Administrator
betus (S-1-5-21-2924441769-580111986-43208321-1001 - Administrator - Enabled) => C:\Users\betus
DefaultAccount (S-1-5-21-2924441769-580111986-43208321-503 - Limited - Disabled)
Guest (S-1-5-21-2924441769-580111986-43208321-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2924441769-580111986-43208321-1013 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: STOPzilla (Disabled - Up to date) {17032AB1-6644-0721-EEB5-A39B8B646009}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: STOPzilla (Enabled - Up to date) {AC62CB55-407E-08AF-D405-98E9F0E32AB4}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.2 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.39 - PC-Doctor, Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.3 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DSC/AA Factory Installer (Version: 3.2.6032.39 - PC-Doctor, Inc.) Hidden
EndNote Web (HKLM-x32\...\{1DFE388B-6FD3-4230-A47B-393AEA68C01D}) (Version: 3.2.0.1635 - Thomson Reuters)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-2924441769-580111986-43208321-1001\...\Google Photos Backup) (Version: 1.1.1.276 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Driver Update Utility 2.4 (x32 Version: 2.4.0.15 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{1b09c4de-9cae-4122-b17c-65d395062b50}) (Version: 2.4.0.15 - Intel)
Intel® Chipset Device Software (x32 Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.204 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.003 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
STATISTICA CZ 12 (HKLM-x32\...\{77BF5C2F-3386-4C2F-92EA-6BB17C297F40}) (Version: 12.0.1133.23 - StatSoft, Inc.)
STATNOVAPDF (novaPDF 7.7 printer) (HKLM\...\STATNOVAPDF_is1) (Version:  - Softland)
STOPzilla (HKLM-x32\...\{9242735B-A101-45B0-BC06-2AA20A114627}) (Version: 6.1.100.3 - iS3 Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2924441769-580111986-43208321-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\betus\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2924441769-580111986-43208321-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\betus\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2924441769-580111986-43208321-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2924441769-580111986-43208321-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\betus\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02AB03B3-7BDB-42A6-9B48-AF344D99CDBE} - \PCDEventLauncher -> No File <==== ATTENTION
Task: {04C743D5-7ADE-4476-8667-C093588C94F8} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {158CBC75-8D8A-47AC-847E-5EB128C53BD6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-11] (Google Inc.)
Task: {4BE33737-EE4B-4FC1-A8D1-AF72F90675AB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {5809F8DC-F21A-4DD5-9929-65DA2CBAD167} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924441769-580111986-43208321-1001UA => C:\Users\betus\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-16] (Google Inc.)
Task: {70483384-DC6A-4A4E-85BE-592C427B0FDA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924441769-580111986-43208321-1001Core => C:\Users\betus\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-16] (Google Inc.)
Task: {96F2339D-5842-4370-BCC7-D4C3CB250788} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {98E0FE4C-4C5D-48E6-B7CD-C1401398EE3F} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {9ECFBC09-A603-459B-9949-B78BE4C22BF5} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {AD6F966E-6A82-455A-BB39-43B275E898A3} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {D0BA50FA-7F04-44AE-9C91-F1D8C5F6989B} - System32\Tasks\avast! Windows 10 Start Menu helper => c:\program files\avast software\avast\asww10mon.exe [2016-03-23] (AVAST Software)
Task: {D1D95129-795E-4872-B5C7-A83516A26B15} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {EEE941D6-59DC-4B38-8AD7-3102B6FD2494} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-12] (AVAST Software)
Task: {F6EFCA02-576C-4DC6-903A-D3F4CB09F905} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {F730DA82-E650-47D3-8A44-B6506A16A6BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-11] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924441769-580111986-43208321-1001Core.job => C:\Users\betus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924441769-580111986-43208321-1001UA.job => C:\Users\betus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2012-10-26 20:28 - 2012-04-25 04:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-03-02 12:14 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 12:14 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-11 12:54 - 2016-02-11 12:55 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-11 10:50 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 12:14 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-11 10:52 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-11 10:51 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-11 10:52 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-11 10:52 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-27 23:01 - 2016-03-09 20:43 - 00460952 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-03-27 23:01 - 2016-03-09 20:43 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-03-27 23:01 - 2016-03-09 20:43 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-03-27 23:01 - 2016-03-09 20:43 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-03-27 23:01 - 2016-03-09 20:43 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-03-27 23:01 - 2016-03-09 20:43 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-03-27 23:01 - 2016-03-09 20:43 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-03-27 23:01 - 2016-03-09 20:43 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-03-27 23:01 - 2016-03-09 20:43 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-03-27 23:01 - 2016-03-09 20:43 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-03-27 23:01 - 2016-03-09 20:43 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-03-27 23:01 - 2016-03-09 20:43 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-03-27 23:43 - 2015-06-26 03:13 - 00184184 _____ () C:\ProgramData\STOPzilla!\VIPRE\libBase64.dll
2016-03-27 23:43 - 2015-06-26 03:13 - 00175992 _____ () C:\ProgramData\STOPzilla!\VIPRE\libMachoUniv.dll
2016-02-12 20:17 - 2016-02-12 20:17 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-12 20:17 - 2016-02-12 20:17 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-27 20:23 - 2016-03-27 20:23 - 02846208 _____ () C:\Program Files\AVAST Software\Avast\defs\16032702\algo.dll
2016-02-12 20:17 - 2016-02-12 20:17 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-11 12:54 - 2016-02-11 12:55 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-11 12:54 - 2016-02-11 12:55 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2012-10-26 20:26 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 18:34 - 2012-06-08 18:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-02-12 20:17 - 2016-02-12 20:17 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-03-10 18:06 - 2016-03-10 18:06 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\4805406b741ac032d23aeb182dc05111\PSIClient.ni.dll
2012-10-26 20:17 - 2012-06-25 17:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-03-15 00:45 - 2016-03-08 04:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-15 00:45 - 2016-03-08 04:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2924441769-580111986-43208321-1001\Software\Classes\.exe: exefile =>  <===== ATTENTION
HKU\S-1-5-21-2924441769-580111986-43208321-1001\Software\Classes\exefile:  <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2016-03-27 23:35 - 00000860 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2924441769-580111986-43208321-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Dell\Win7 LTBLUE 1920x1200.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKU\S-1-5-21-2924441769-580111986-43208321-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2924441769-580111986-43208321-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2924441769-580111986-43208321-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8DA85D0D-15E5-4F17-863C-6CBC9E4696CF}] => (Allow) LPort=1900
FirewallRules: [{A5DD0B81-385B-4419-BA04-EAADE0DF97F6}] => (Allow) LPort=2869
FirewallRules: [{B8AA974E-BA69-488F-8F81-7AD648548077}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0AF158BF-C4BE-4B2E-91F6-6A4F124C8459}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{CFC5B976-BD73-4EAD-8813-8BC2DE06A9EB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{17B631E7-63D2-4A90-9219-1C4E027AAA9D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{3DFFDD92-974F-4524-810F-40A0BE8C9CFA}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Win7Ui.exe
FirewallRules: [{BE354B79-55EB-4902-B7CC-344333852EAF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{834EC323-7BDB-4AB2-AA87-74A06C189378}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

13-03-2016 15:59:30 simplitec Power Suite: Optimize Startup (Optimize)
22-03-2016 22:49:32 Windows Update
27-03-2016 16:06:25 JRT Pre-Junkware Removal
27-03-2016 20:47:39 before anti rootkit
27-03-2016 21:15:30 Malwarebytes Anti-Rootkit Restore Point
27-03-2016 23:00:29 Intel® Driver Update Utility
27-03-2016 23:43:50 STOPzilla Restore Point.

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/27/2016 11:44:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/27/2016 11:07:13 PM) (Source: IDUU) (EventID: 1000) (User: )
Description: <?xml version="1.0" encoding="utf-16"?>
<InstallationDevice>
	<IDUUVersion>2.4.0.9</IDUUVersion>
	<Region>en</Region>
	<InstallerName />
	<InstallResult>Exception Thrown!: Proces s identifikátorem 7452 není spuštěn.</InstallResult>
	<FileName>SetupChipset.exe</FileName>
	<OS>Windows® 10, 64-bit*</OS>
	<Bitness>64-bit</Bitness>
	<Type>Chipset</Type>
	<DriverClassGUID>4d36e97b-e325-11ce-bfc1-08002be10318</DriverClassGUID>
	<HardwareSignature>VEN_8086&amp;DEV_282A</HardwareSignature>
	<CurrentDriverDate>19. 2. 2015</CurrentDriverDate>
	<DriverDescription>Intel(R) Mobile Express Chipset SATA RAID Controller</DriverDescription>
	<DriverManufacturer>Intel Corporation</DriverManufacturer>
	<DriverID>24165</DriverID>
	<AvailablePackageVersion>10.1.1.14</AvailablePackageVersion>
	<AvailablePackageDate>2016-02-04T00:00:00</AvailablePackageDate>
	<AvailablePackageName>SetupChipset.exe</AvailablePackageName>
	<InfFilePath>C:\WINDOWS\INF\iastorav.inf</InfFilePath>
	<DownloadedURL>https://downloadmirror.intel.com/24165/eng/setupchipset.exe</DownloadedURL>
	<VersionBeforeInstallation>11.6.1.1001</VersionBeforeInstallation>
	<VersionAfterInstallation />
	<InstallSuccessful>False</InstallSuccessful>
	<Timestamp>2016-03-27T21:07:13.7541472Z</Timestamp>
</InstallationDevice>

Error: (03/27/2016 11:00:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/27/2016 09:15:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Access is denied.
.

Error: (03/27/2016 08:47:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Access is denied.
.

Error: (03/27/2016 08:17:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: betka)
Description: Aplikaci Microsoft.Getstarted_3.5.10.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/27/2016 07:31:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe_ResetEng.dll, verze: 10.0.10586.0, časové razítko: 0x5632d71b
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.122, časové razítko: 0x56cbf9dd
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000953f7
ID chybujícího procesu: 0x1b88
Čas spuštění chybující aplikace: 0xrundll32.exe_ResetEng.dll0
Cesta k chybující aplikaci: rundll32.exe_ResetEng.dll1
Cesta k chybujícímu modulu: rundll32.exe_ResetEng.dll2
ID zprávy: rundll32.exe_ResetEng.dll3
Úplný název chybujícího balíčku: rundll32.exe_ResetEng.dll4
ID aplikace související s chybujícím balíčkem: rundll32.exe_ResetEng.dll5

Error: (03/27/2016 05:03:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: betka)
Description: Aplikaci Microsoft.Getstarted_3.5.10.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/27/2016 04:52:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe_ResetEng.dll, verze: 10.0.10586.0, časové razítko: 0x5632d71b
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.122, časové razítko: 0x56cbf9dd
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000953f7
ID chybujícího procesu: 0x1fe8
Čas spuštění chybující aplikace: 0xrundll32.exe_ResetEng.dll0
Cesta k chybující aplikaci: rundll32.exe_ResetEng.dll1
Cesta k chybujícímu modulu: rundll32.exe_ResetEng.dll2
ID zprávy: rundll32.exe_ResetEng.dll3
Úplný název chybujícího balíčku: rundll32.exe_ResetEng.dll4
ID aplikace související s chybujícím balíčkem: rundll32.exe_ResetEng.dll5

Error: (03/27/2016 04:21:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe_ResetEng.dll, verze: 10.0.10586.0, časové razítko: 0x5632d71b
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.122, časové razítko: 0x56cbf9dd
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000953f7
ID chybujícího procesu: 0x19c4
Čas spuštění chybující aplikace: 0xrundll32.exe_ResetEng.dll0
Cesta k chybující aplikaci: rundll32.exe_ResetEng.dll1
Cesta k chybujícímu modulu: rundll32.exe_ResetEng.dll2
ID zprávy: rundll32.exe_ResetEng.dll3
Úplný název chybujícího balíčku: rundll32.exe_ResetEng.dll4
ID aplikace související s chybujícím balíčkem: rundll32.exe_ResetEng.dll5


System errors:
=============
Error: (03/27/2016 11:54:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/27/2016 11:54:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Digital Delivery Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/27/2016 11:53:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/27/2016 11:51:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SystemUsageReportSvc_WILLAMETTE neuspěla při spuštění v důsledku následující chyby: 
%%1053

Error: (03/27/2016 11:51:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby SystemUsageReportSvc_WILLAMETTE bylo dosaženo časového limitu (30000 ms).

Error: (03/27/2016 11:49:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Sync Host_3f936 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restart the service.

Error: (03/27/2016 11:49:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/27/2016 11:34:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/27/2016 11:34:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Start Technology Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/27/2016 11:32:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable


CodeIntegrity:
===================================
  Date: 2016-03-28 00:00:52.408
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 00:00:52.385
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 00:00:52.341
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 00:00:52.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 00:00:49.452
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 00:00:49.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 00:00:49.402
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 00:00:49.378
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 00:00:42.904
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-28 00:00:42.885
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 54%
Total physical RAM: 3962.51 MB
Available physical RAM: 1809.07 MB
Total Virtual: 5882.51 MB
Available Virtual: 3684.05 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:452.08 GB) (Free:319.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BAEA7AE6)

Partition: GPT.

========================================================
Disk: 1 (Size: 8 GB) (Disk ID: F862BF32)

Partition: GPT.

==================== End of Addition.txt ============================