Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14.03.2018
Ran by ATAcomp (30-03-2018 09:37:57)
Running from C:\Users\ATAcomp\Desktop
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) (2012-11-27 14:23:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1969540636-3590949601-557156478-500 - Administrator - Disabled)
ATAcomp (S-1-5-21-1969540636-3590949601-557156478-1000 - Administrator - Enabled) => C:\Users\ATAcomp
Guest (S-1-5-21-1969540636-3590949601-557156478-501 - Limited - Enabled)
host (S-1-5-21-1969540636-3590949601-557156478-1032 - Limited - Enabled) => C:\Users\host

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 26 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
Balíček ovladače systému Windows - AuthenTec Inc. (ATSwpWDF) Biometric  (01/14/2010 8.6.0.13) (HKLM\...\0481B164C8D1D26C560D6A5E717C5920D4362D60) (Version: 01/14/2010 8.6.0.13 - AuthenTec Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Client Security - Password Manager (HKLM\...\{44E9D4C2-946C-4378-9354-558803C47A68}) (Version: 8.21.0006.00 - Lenovo Group Limited)
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.15.0 - Conexant)
Diablo (HKLM\...\Diablo) (Version:  - )
Diablo (HKU\S-1-5-21-1969540636-3590949601-557156478-1000\...\Diablo) (Version:  - )
Diablo 2 Lord of Destruction (HKLM\...\Diablo 2 Lord of Destruction_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hamachi 1.0.3.0 (HKLM\...\Hamachi) (Version:  - )
Hellfire (HKLM\...\Hellfire) (Version:  - )
Help Center (HKLM\...\{986F64DC-FF15-449D-998F-EE3BCEC6666A}) (Version: 2.00n - )
Heroes of Might and Magic III Complete (HKLM\...\{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt) Hidden
Heroes of Might and Magic III Complete (HKLM\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 161 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Fingerprint Software (HKLM\...\{3D8994A3-02A8-45B5-B955-53E608BC69ED}) (Version: 3.3.2.27 - AuthenTec, Inc.)
Lenovo Patch Utility (HKLM\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.03.13 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
LibreCAD (HKLM\...\LibreCAD) (Version: 2.1.2 - LibreCAD Team)
LucasArts' Outlaws (HKLM\...\LucasArts' Outlaws) (Version:  - )
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 CSY (HKLM\...\{E8BEDB28-151D-465C-9BE0-F6EB930A629C}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 52.0.2 (x86 cs)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need For Speed - Porsche Unleashed (HKLM\...\Need For Speed - Porsche Unleashed) (Version:  - )
OpenOffice.org 3.3 (HKLM\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
OpenTTD 1.7.0 (HKLM\...\OpenTTD) (Version: 1.7.0 - OpenTTD)
PlugY, The Survival Kit (HKLM\...\PlugY, The Survival Kit) (Version: 11.02 - )
Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.32 - )
Presentation Director (HKLM\...\{65706020-7B6F-41F2-8047-FC69579E386A}) (Version: 4.08 - )
Productivity Center Supplement for ThinkPad (HKLM\...\{D728E945-256D-4477-B377-6BBA693714AC}) (Version: 3.00b - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QCAD 3.15.3 (HKLM\...\QCAD) (Version: 3.15.3 - RibbonSoft GmbH)
QuickLOAD (HKLM\...\ST5UNST #1) (Version:  - )
Red Alert Windows 95 (HKLM\...\Red Alert) (Version:  - )
Registry patch for Windows Vista USB S3 PM Enablement (HKLM\...\USBPMon) (Version: 1.00 - )
Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista (HKLM\...\Dipmon) (Version: 1.01 - )
Rescue and Recovery (HKLM\...\{7E4C16B8-8F76-4940-8505-98E93C00BF19}) (Version: 4.21.0015.00 - Lenovo Group Limited)
Sierra Utilities (HKLM\...\Sierra Utilities) (Version:  - )
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{F8F28729-B336-492C-B4FD-53A9BBDF0482}) (Version: 13.04.0000 - Intel Corporation)
Star Wars Jedi Knight Jedi Academy (HKLM\...\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}) (Version:  - )
Starcraft (HKLM\...\Starcraft) (Version:  - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellarium 0.12.2 (HKLM\...\Stellarium_is1) (Version: 0.12.2 - Stellarium team)
Stronghold (HKLM\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version:  - )
Stronghold Crusader (HKLM\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version:  - )
System Migration Assistant (HKLM\...\{8A4DB1CA-8206-4ADC-805C-66ACF1611DA3}) (Version: 6.00.0009 - Lenovo Group Limited.)
System Update (HKLM\...\{8675339C-128C-44DD-83BF-0A5D6ABD8297}) (Version: 3.15.0017 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3100 - Broadcom Corporation)
ThinkPad EasyEject Utility  (HKLM\...\{1297C681-92D7-40EF-93BF-03F66EC5105C}) (Version: 2.39 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Keyboard Customizer Utility (HKLM\...\{2111B23F-7FDA-4A41-8309-E5A1663CA296}) (Version: 1.0.01 - )
ThinkPad Mobility Center Customization (HKLM\...\{90FABD40-E741-446F-839D-CEAE905D63BE}) (Version: 1.50.0000 - Lenovo)
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.50 - Conexant Systems)
ThinkPad TrackPoint Driver (HKLM\...\TrackPoint) (Version: 4.73.1.0 - Lenovo)
ThinkVantage Access Connections (HKLM\...\{4D828D53-4443-45C6-86DE-23B1562107FE}) (Version: 5.90 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.5 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 1.42 - Lenovo)
ThinkVantage Productivity Center (HKLM\...\{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}) (Version: 3.11 - Lenovo)
TPFanControl v0.63 (HKLM\...\{717F5741-5C2E-4469-BDA0-B5EC2243646F}_is1) (Version:  - troubadix)
True Combat: Elite 0.49 (HKLM\...\True Combat: Elite) (Version: 0.49 - GrooveSix, TeamTerminator)
UninstallFujitsu Mouse WI910 Touch (HKLM\...\{05A0D09B-DFB9-44DD-A8DC-5CD1319F3120}}_is1) (Version:  - Fujitsu Mouse WI910 Touch)
Unity Web Player (HKU\S-1-5-21-1969540636-3590949601-557156478-1000\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
Unreal Commander v0.96 (HKLM\...\UnrealCommander_is1) (Version:  - Max Diesel)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Webshare uploader (HKLM\...\WebshareDLC) (Version:  - Webshare)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\2004BB9EB6CEA02846881BEF1F51C11F7A90C9D6) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zoner Callisto 5 FREE (HKLM\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1969540636-3590949601-557156478-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ATAcomp\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-03-25] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-03-25] (AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files\Alcohol Soft\Alcohol 52\AxShlex.dll [2010-03-25] (Alcohol Soft Development Team)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-03-25] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-10-13] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-03-25] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {234FE388-BC18-4F14-82CC-EB6732C5F693} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-25] (AVAST Software)
Task: {2B044551-CE1E-43C3-BCD1-9A754662CF2F} - System32\Tasks\PMTask => C:\Program Files\ThinkPad\Utilities\PWMIDTSV.EXE [2012-05-16] (Lenovo Group Limited)
Task: {41EA8B32-05C1-4ABB-A3D3-DD533FAA7936} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-17] (Adobe Systems Incorporated)
Task: {45FCFC8B-14C9-46EB-BADA-C40FB58D0B53} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {68ECABAA-DCB0-45C4-A0D3-2C1F4A6F2478} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] ()
Task: {7BF02BB0-2866-4B90-8124-C153A3AE44E2} - System32\Tasks\{17DD8700-FBA9-4669-8A79-7EAC046F940C} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe" -c /M{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}
Task: {8A4AEB9C-4A3D-414C-B18A-47DC38104B57} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {938ABCAB-8EAE-4591-879A-3C92D78A6189} - System32\Tasks\SafeZone scheduled Autoupdate 1459483513 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {A5C6A5DD-F2AC-4C3F-8C40-C61FB8BEF3CF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-18] (AVAST Software)
Task: {A89CBAB0-EBD4-45DE-81CD-B9A807BD028B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C105AE8F-65B1-4D38-8799-FEE13145076E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {D3933DB9-2ED3-4659-AB6C-6C57875857A5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {E799DC6A-66E0-4D30-87CA-C7C649647CAA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {E9FAE569-5703-4C7A-A0A4-DE3F60066C81} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {EEE6849A-4E6B-47CF-89F7-22F06B2261B3} - System32\Tasks\{13754263-EED2-42BA-B528-15C8135A6E0F} => C:\Windows\system32\pcalua.exe -a D:\Directx\dxsetup.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-25 17:28 - 2018-03-25 17:28 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-25 17:28 - 2018-03-25 17:28 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-29 16:08 - 2018-03-29 16:08 - 005809296 _____ () C:\Program Files\AVAST Software\Avast\defs\18032902\algo.dll
2018-03-25 17:28 - 2018-03-25 17:28 - 000756952 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-03-25 17:28 - 2018-03-25 17:28 - 000172760 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-03-25 17:28 - 2018-03-25 17:28 - 000964824 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-25 17:28 - 2018-03-25 17:28 - 000475352 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-03-25 17:28 - 2018-03-25 17:28 - 000339672 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-03-29 21:54 - 2018-03-29 21:54 - 005809296 _____ () C:\Program Files\AVAST Software\Avast\defs\18032904\algo.dll
2012-05-30 17:10 - 2012-05-30 17:10 - 000086016 _____ () C:\Program Files\ThinkPad\ConnectUtilities\AcWrpc.dll
2014-11-01 23:28 - 2014-11-02 21:45 - 000075136 _____ () C:\Windows\system32\PnkBstrA.exe
2014-11-01 23:28 - 2016-04-29 06:27 - 000099904 _____ () C:\Windows\system32\PnkBstrB.exe
2008-06-06 18:26 - 2008-06-06 18:26 - 000520192 _____ () C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
2008-06-06 18:13 - 2008-06-06 18:13 - 000139264 _____ () C:\Program Files\Lenovo\Rescue and Recovery\CDRecord.dll
2011-01-24 13:35 - 2011-01-24 13:35 - 000132384 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2008-06-06 18:13 - 2008-06-06 18:13 - 000139264 _____ () C:\Program Files\Common Files\Lenovo\CDRecord.dll
2012-11-27 16:08 - 2012-05-16 07:32 - 000083968 ____N () C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
2018-03-25 17:28 - 2018-03-25 17:28 - 048936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-25 17:28 - 2018-03-25 17:28 - 000275160 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [404]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2018-03-25 17:08 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1969540636-3590949601-557156478-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Win-theme-pozadi-ATAcomp.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: FileZilla Server Interface => "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe"
MSCONFIG\startupreg: LPMailChecker => C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
MSCONFIG\startupreg: LPManager => C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [{F5BC1589-9443-46A4-A48A-203E1A3ADEDD}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{59C06A72-23E2-4D3F-80D5-21524B1280CB}C:\miranda im\miranda32.exe] => (Allow) C:\miranda im\miranda32.exe
FirewallRules: [UDP Query User{3E5F8CB8-517A-4279-A0B1-7B10D1277D07}C:\miranda im\miranda32.exe] => (Allow) C:\miranda im\miranda32.exe
FirewallRules: [{D4CA87DB-D0AB-4B2A-9D07-BD612433D83D}] => (Allow) LPort=80
FirewallRules: [{F99D4317-6A9B-45FE-9338-21089433BFD3}] => (Allow) LPort=80
FirewallRules: [{4CD06E89-2BA2-4C68-8EEF-DC3511C0F825}] => (Allow) LPort=80
FirewallRules: [{F07570F3-5BDE-4E07-BA14-80F2A9E7CE28}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{E638ED4E-B9CE-4757-B373-9A01EF6011A2}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{455EDDAA-9EED-417B-BA09-0583FE4B72C7}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{5E12C72D-3061-45D3-9E6C-EE81CEFCD29A}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{F0726374-616C-4B96-87E9-BBEC28EC74EC}] => (Allow) C:\Users\ATAcomp\AppData\Local\PunkBuster\ET\pb\PnkBstrB.exe
FirewallRules: [{69EF3CDC-14B4-4571-A418-CE1FEF7231EF}] => (Allow) C:\Users\ATAcomp\AppData\Local\PunkBuster\ET\pb\PnkBstrB.exe
FirewallRules: [TCP Query User{BE717534-B0D6-4D9E-8C7D-70D966D8B80B}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [UDP Query User{6C1C5B9C-C904-4C28-8C71-DB456FE6A6C8}C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{F8E04F55-4521-4DC9-B4C5-C72EB704AFB4}C:\windows\system32\dplaysvr.exe] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [UDP Query User{FB204077-8176-4156-87E9-D6BC2A6C2FF3}C:\windows\system32\dplaysvr.exe] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [TCP Query User{19015597-FCFB-4ED2-8C1C-B48677389EFF}C:\program files\firefly studios\stronghold\stronghold.exe] => (Allow) C:\program files\firefly studios\stronghold\stronghold.exe
FirewallRules: [UDP Query User{8E367233-43D0-4263-904B-C019304E8C6F}C:\program files\firefly studios\stronghold\stronghold.exe] => (Allow) C:\program files\firefly studios\stronghold\stronghold.exe
FirewallRules: [{01421D91-AC16-4DA4-B07D-73BD486D9786}] => (Allow) LPort=45301
FirewallRules: [{51ADEC08-112B-46BB-B2F6-ED6F59ECB468}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7A11099F-81FC-409A-847D-7D557BC187AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B81EA7E8-1DDC-406A-8D98-DD32CF855B11}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{620CF8D7-89B5-416D-B6DE-A97DD71358A4}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{6BB2FF35-8707-4BCF-9A09-24740B0EE8BB}] => (Allow) C:\Program Files\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{01EB524A-ABFB-42DA-A6DC-11683EB2272C}] => (Allow) C:\Program Files\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{F4A45A04-5590-4092-A9C7-55982BACD914}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{72E743C8-B345-4441-8F69-5F9D07ED80BF}] => (Allow) C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe
FirewallRules: [{FE001E10-BED0-4509-84C9-540B29C07D99}] => (Allow) C:\Program Files\Steam\bin\cef\cef.winxp\steamwebhelper.exe

==================== Restore Points =========================

26-03-2018 20:07:10 Configured GR_Patch_4_extractor
26-03-2018 20:13:44 Removed Oracle VM VirtualBox 5.1.26
26-03-2018 20:15:42 Odebráno: PC Connectivity Solution

==================== Faulty Device Manager Devices =============

Name: Řadič jednoduché komunikace pro sběrnici PCI
Description: Řadič jednoduché komunikace pro sběrnici PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Sériový port sběrnice PCI
Description: Sériový port sběrnice PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič sběrnice SM 
Description: Řadič sběrnice SM 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AYM1AN2Z IDE Controller
Description: AYM1AN2Z IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a5g5wn8q
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/28/2018 05:07:45 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: Systém událostí modelu COM+ nemohl odebrat objekt EventSystem.EventSubscription - {F6FE5592-FCBC-44AD-A836-D37F5085ED5B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Výsledek HRESULT byl 80070005.

Error: (03/27/2018 10:15:39 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: Systém událostí modelu COM+ nemohl odebrat objekt EventSystem.EventSubscription - {F6FE5592-FCBC-44AD-A836-D37F5085ED5B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Výsledek HRESULT byl 80070005.

Error: (03/27/2018 04:16:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace esetonlinescanner_csy.exe, verze 2.0.19.0, časové razítko 0x59e88d00, chybující modul esets_apiW_a.dll_unloaded, verze 0.0.0.0, časové razítko 0x59d22ad5, kód výjimky 0xc0000005, posun chyby 0x5a018560,
ID procesu 0x16d0, čas spuštění aplikace 0x01d3c535b739b8c7.

Error: (03/26/2018 08:28:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace gldriverquery.exe, verze 0.0.0.0, časové razítko 0x59bc6c77, chybující modul VCRUNTIME140.dll, verze 6.0.6002.24024, časové razítko 0x57f7c302, kód výjimky 0xc0000135, posun chyby 0x00009f85,
ID procesu 0x1b40, čas spuštění aplikace 0x01d3c5304d9f3590.

Error: (03/26/2018 08:07:09 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
   Shromažďování dat modulu pro zápis

Kontext:
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {4faa6e09-90b9-4d59-9155-f9b3c4033fb9}

Error: (03/26/2018 03:27:20 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu PNRPsvc v knihovně DLL C:\Windows\system32\pnrpperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/26/2018 03:27:19 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: Procedura Collect pro službu EmdCache v knihovně DLL C:\Windows\system32\emdmgmt.dll generovala výjimku nebo vrátila neplatný stav. Výkonnostní data vrácená knihovnou DLL čítačů nebudou vrácena v bloku výkonnostních dat. Kód výjimky nebo stavu obsahují první čtyři bajty (DWORD) v datové části.

Error: (03/26/2018 03:27:19 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\system32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (03/30/2018 09:29:38 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Foxit Reader Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/30/2018 08:58:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Data Transfer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/29/2018 09:54:12 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Služba KTMRM pro koordinátor DTC ukončena s chybou 2147942438 (0x80070026), specifickou pro službu.

Error: (03/29/2018 09:50:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo: 
tvtumon

Error: (03/29/2018 09:50:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Parallel port driver neuspěla při spuštění v důsledku následující chyby: 
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (03/29/2018 09:50:19 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Zapůjčení adresy IP 192.168.8.101 pro síťovou kartu s adresou 0022FAC3C064 byla serverem DHCP 192.168.8.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error: (03/29/2018 04:12:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby SysMain bylo dosaženo časového limitu (30000 ms).

Error: (03/29/2018 04:11:33 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby TrkWks bylo dosaženo časového limitu (30000 ms).


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU L9400 @ 1.86GHz
Percentage of memory in use: 45%
Total physical RAM: 3031.08 MB
Available physical RAM: 1638.5 MB
Total Virtual: 6267.14 MB
Available Virtual: 4443.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:29.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Diablo 2 + LOD) (CDROM) (Total:2.15 GB) (Free:0 GB) CDFS

\\?\Volume{d3e66eda-3359-11e8-afd2-00242cba8295}\ () (RAMDisk) (Total:0 GB) (Free:0 GB) 
\\?\Volume{c3c24075-5971-11e2-ae0b-0022fac3c064}\ () (CDROM) (Total:0 GB) (Free:0 GB) 

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 614B770F)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================