﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-11-2014 01
Ran by Roman at 2014-11-08 17:01:04
Running from C:\Users\Roman\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 33.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 cs)) (Version: 33.0.3 - Mozilla)
OpenOffice.org 2.0 (HKLM-x32\...\{5DB8BFC7-9595-49CC-BF0D-A17D3A83929A}) (Version: 2.0.9044 - OpenOffice.org)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.48.823.2011 - Realtek)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

07-11-2014 22:27:28 avast! antivirus system restore point
07-11-2014 22:32:34 Windows Update
07-11-2014 22:50:32 Driver Booster : Broadcom Bluetooth 4.0 USB
07-11-2014 23:01:14 Driver Booster : Intel(R) Display Audio
07-11-2014 23:20:55 Windows Update
07-11-2014 23:26:35 Nainstalováno rozhraní DirectX
07-11-2014 23:29:21 Nainstalováno rozhraní DirectX
08-11-2014 00:15:33 Operace obnovení
08-11-2014 00:28:37 Windows Update
08-11-2014 00:51:47 Driver Booster : 2nd Generation Intel(R) Core(TM) Processor Family DRAM Controller - 0104
08-11-2014 01:01:55 Windows Update
08-11-2014 01:05:09 Nainstalováno rozhraní DirectX
08-11-2014 02:12:11 Windows Update
08-11-2014 02:20:39 Operace obnovení

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {39964426-A2DF-44CF-8184-89767D3BBC60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated)
Task: {3DDB5822-CF28-471D-9C81-96F63D7E507D} - System32\Tasks\ASC7_SkipUac_Roman => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-08-22] (IObit)
Task: {8EB6F81B-F3F7-4EEF-AE45-DA982F8E0B9C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-15] (AVAST Software)
Task: {AC54C9FC-99CC-4BC9-B28E-23E7D1AAB575} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-08-22] (IObit)
Task: {B75D31B9-CA73-40A5-A6ED-839C179DD280} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {BFBA20AC-4D4D-4D3B-8ACE-8B1220C03394} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {F07C9191-A0D0-4FB0-9895-3AEDEE1C7605} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\{4AF8BC7D-1CF7-4F3E-BE07-2C09959A23CD}.job => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\scheduleCall.exe
Task: C:\Windows\Tasks\{F1E90B80-903D-4DBC-869A-685D1D6EE221}.job => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\scheduleCall.exe

==================== Loaded Modules (whitelisted) =============

2012-08-08 08:19 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-06-02 21:58 - 2011-06-02 21:58 - 00201568 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2011-06-02 21:59 - 2011-06-02 21:59 - 00156000 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2012-08-08 08:50 - 2012-08-08 08:50 - 01508192 _____ () C:\Windows\system32\IcnOvrly.dll
2012-08-08 08:50 - 2012-08-08 08:50 - 00628064 _____ () C:\Windows\system32\SimpleExt.dll
2012-06-21 12:23 - 2012-06-21 12:23 - 00108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll
2012-08-08 08:30 - 2012-02-08 03:03 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2008-12-20 11:20 - 2012-08-08 08:52 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-04-20 00:22 - 2012-08-08 08:52 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-08 23:36 - 2012-08-08 08:52 - 00011096 _____ () C:\Program Files (x86)\Lenovo\Energy Management\cs-CZ\EMWpfUI.resources.dll
2008-12-20 11:20 - 2012-08-08 08:52 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-08-08 08:47 - 2012-08-08 08:47 - 00099680 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2012-02-06 03:38 - 2012-02-06 03:38 - 00258936 _____ () C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
2012-05-05 12:16 - 2012-03-27 01:33 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-11-08 16:58 - 2014-11-08 16:58 - 00029696 _____ () C:\Users\Roman\AppData\Local\MSGBOX.EXE
2014-03-08 23:57 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-07-15 20:45 - 2014-07-15 20:45 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-07 23:32 - 2014-11-07 23:32 - 02900480 _____ () C:\Program Files\AVAST Software\Avast\defs\14110700\algo.dll
2011-06-02 21:57 - 2011-06-02 21:57 - 00161120 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2011-06-02 21:58 - 2011-06-02 21:58 - 00132448 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2011-06-28 07:28 - 2011-06-28 07:28 - 00042496 _____ () C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll
2014-07-15 20:45 - 2014-07-15 20:45 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-08-08 08:30 - 2012-02-08 02:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-11-08 09:19 - 2014-11-08 09:19 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk => C:\Windows\pss\OpenOffice.org 2.0.lnk.Startup
MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
MSCONFIG\startupreg: Intelligent Touchpad => C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s

========================= Accounts: ==========================

Administrator (S-1-5-21-683440959-2606681586-737459993-500 - Administrator - Disabled)
Guest (S-1-5-21-683440959-2606681586-737459993-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-683440959-2606681586-737459993-1003 - Limited - Enabled)
Roman (S-1-5-21-683440959-2606681586-737459993-1001 - Administrator - Enabled) => C:\Users\Roman

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2014 04:26:08 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 1

Error: (11/08/2014 04:24:23 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/08/2014 04:24:23 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/08/2014 04:24:02 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (11/08/2014 04:24:02 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (11/08/2014 04:24:02 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (11/08/2014 04:24:02 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (11/08/2014 04:24:02 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (11/08/2014 04:24:02 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (11/08/2014 04:24:02 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).


System errors:
=============
Error: (11/08/2014 04:17:48 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (11/08/2014 03:54:47 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (11/08/2014 03:54:46 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}

Error: (11/08/2014 03:45:40 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}

Error: (11/08/2014 03:45:38 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (11/08/2014 03:36:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla ukončena s následující chybou: 
%%-2147196306

Error: (11/08/2014 03:36:28 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

