Prosím o kontrolu logu z FRST
Napsal: 02 led 2017 13:27
Dobrý den,
prosím kontrolu logu. Počítač je pomalý, i přes nevítíženost dle TM je procesor dost zaneprázděný...
Předem děkuji,
PH
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Ran by Roman (administrator) on ROMAN-IBM-T61 (02-01-2017 13:14:58)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(forum.viry.cz) C:\Users\Roman\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-07-13] (AVAST Software)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\Run: [uTorrent] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe [1979072 2016-12-29] (BitTorrent Inc.)
HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\MountPoints2: E - E:\Lenovo_Suite.exe
HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\MountPoints2: {010c2492-c3b1-11e5-a6b6-001c25bcc973} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\MountPoints2: {8a79c9b9-1881-11e2-8df2-001c26d8904b} - E:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\MountPoints2: {a27200c1-4bb6-11e1-b9be-001c26d8904b} - E:\LaunchU3.exe
HKU\S-1-5-21-721136663-3884963376-534329591-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-13] (AVAST Software)
Startup: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2012-01-29]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
BootExecute: autocheck autochk * aswBoot.exe /M:11045c233 /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 06 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 06 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{1AD6FBD0-0CD7-4168-9997-2D014B1A1BA2}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{5DB3571F-4CF2-40C5-90EB-594C8C1B6749}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{E2E17D6F-8195-4565-B3B4-F492379D4155}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-24] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-24] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-721136663-3884963376-534329591-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Roman\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-721136663-3884963376-534329591-1000: @talk.google.com/O1DPlugin -> C:\Users\Roman\AppData\Roaming\Mozilla\plugins\npo1d.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-721136663-3884963376-534329591-1000: @talk.google.com/O3DPlugin -> C:\Users\Roman\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin HKU\S-1-5-21-721136663-3884963376-534329591-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Roman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-721136663-3884963376-534329591-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Roman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Roman\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Roman\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Roman\AppData\Roaming\mozilla\plugins\npo1d.dll [2013-10-29] (Google)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-01-29] (Adobe Systems) [File not signed]
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-13] (AVAST Software)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-24] (Lenovo.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2011-07-25] (Lenovo Group Limited) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ServiceLayer; "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-01-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2017-01-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2017-01-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-01-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2017-01-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2017-01-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2017-01-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-02] (AVAST Software)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
S3 Rockusb; C:\Windows\System32\DRIVERS\rockusb.sys [68456 2014-06-13] (Fuzhou Rockchip Electronics Co,Ltd.)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-02 13:14 - 2017-01-02 13:15 - 00017302 _____ C:\Users\Roman\Desktop\FRST.txt
2017-01-02 13:14 - 2017-01-02 13:14 - 00000000 ____D C:\FRST
2017-01-02 13:13 - 2017-01-02 13:13 - 00112640 _____ (forum.viry.cz) C:\Users\Roman\Desktop\FRSTLauncher.exe
2017-01-02 13:06 - 2017-01-02 13:06 - 02418176 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2017-01-02 13:04 - 2016-08-10 20:08 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswAF52.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswACE1.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswB0F8.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA409.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9FB3.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA7C1.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA179.tmp
2017-01-02 13:04 - 2016-05-13 19:05 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9BEB.tmp
2017-01-02 13:04 - 2016-05-13 19:05 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9999.tmp
2017-01-02 13:03 - 2017-01-02 13:03 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-01-02 13:03 - 2017-01-02 13:03 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-12-30 19:27 - 2016-12-30 19:27 - 00072698 _____ C:\Users\Roman\Documents\Zápis ze schůze PL odboru dne 13.pdf
2016-12-30 18:42 - 2016-12-31 09:46 - 00020412 _____ C:\Users\Roman\Documents\reakce.docx
2016-12-30 18:21 - 2016-12-30 19:27 - 00231936 _____ C:\Users\Roman\Documents\Brigady.xls
2016-12-30 17:30 - 2016-12-30 17:30 - 00050688 _____ C:\Users\Roman\Documents\Rok 2016.doc
2016-12-30 17:29 - 2016-12-30 17:29 - 00094770 _____ C:\Users\Roman\Documents\IMG_1174.JPG
2016-12-30 15:43 - 2016-12-31 09:38 - 00026849 _____ C:\Users\Roman\Documents\Zápis ze schůze PL odboru dne 13.docx
2016-12-03 21:42 - 2016-12-04 12:38 - 00892416 _____ C:\Users\Roman\Documents\Plachtova schuze 2017.ppt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-02 13:06 - 2015-08-14 20:33 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-01-02 13:06 - 2012-01-28 20:40 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-01-02 13:06 - 2012-01-28 20:40 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-01-02 13:05 - 2016-07-14 06:26 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-01-02 13:05 - 2012-02-04 19:06 - 00000000 ____D C:\Users\Roman\AppData\Roaming\uTorrent
2017-01-02 13:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-02 13:03 - 2015-08-14 20:40 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-01-02 13:03 - 2015-08-14 20:39 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-01-02 13:03 - 2015-08-14 20:33 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148335877494412
2017-01-02 13:03 - 2015-08-14 20:33 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-01-02 13:03 - 2015-08-14 20:33 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-01-02 13:03 - 2012-01-28 20:40 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148335877240010
2017-01-02 13:03 - 2012-01-28 20:40 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-01-02 13:02 - 2016-05-13 19:08 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-01-02 13:02 - 2012-01-28 20:40 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148335876967007
2017-01-02 13:00 - 2009-07-14 05:45 - 00022272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 13:00 - 2009-07-14 05:45 - 00022272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 12:59 - 2013-11-12 21:44 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-02 12:59 - 2012-01-27 10:26 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{46BC4FB9-8E2A-42FA-A0C0-C2603B5BB91B}
2017-01-02 12:57 - 2009-07-14 13:50 - 00672424 _____ C:\Windows\system32\perfh005.dat
2017-01-02 12:57 - 2009-07-14 13:50 - 00142988 _____ C:\Windows\system32\perfc005.dat
2017-01-02 12:57 - 2009-07-14 06:13 - 01593374 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-02 12:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-02 10:49 - 2016-04-30 08:59 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-31 09:53 - 2012-01-27 08:54 - 00000000 ___RD C:\Users\Roman\Documents
2016-12-30 18:21 - 2012-01-27 08:54 - 00000000 ___RD C:\Users\Roman\Downloads
2016-12-29 13:38 - 2012-01-29 01:36 - 00000000 ____D C:\Users\Roman\AppData\Roaming\vlc
2016-12-29 13:12 - 2012-01-27 08:54 - 00000000 ___RD C:\Users\Roman\Videos
2016-12-28 12:40 - 2012-01-27 08:54 - 00000000 ___RD C:\Users\Roman\Pictures
2016-12-24 18:59 - 2016-04-30 08:59 - 00003962 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-24 18:59 - 2013-11-12 21:44 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-24 18:59 - 2012-04-30 06:06 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-24 18:59 - 2012-02-29 22:54 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-24 18:59 - 2012-01-30 22:49 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-24 18:59 - 2012-01-30 22:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-24 18:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64
2016-12-24 18:49 - 2015-03-13 15:12 - 00003856 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1418591433
2016-12-24 18:49 - 2012-01-28 20:48 - 00000000 ____D C:\Program Files (x86)\Opera
2016-12-24 18:49 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-24 18:48 - 2013-12-21 14:43 - 00000000 __SHD C:\Windows\Installer
2016-12-20 06:38 - 2015-01-03 10:24 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-20 06:38 - 2015-01-03 10:24 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-20 06:38 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files (x86)
2016-12-20 06:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Tasks
==================== Files in the root of some directories =======
2012-01-29 23:14 - 2001-05-25 02:00 - 0097316 _____ () C:\Users\Roman\AppData\Roaming\aapmzdes.dll
2014-11-21 22:10 - 2014-11-28 23:13 - 0006656 _____ () C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-28 20:29 - 2015-11-23 22:09 - 0007630 _____ () C:\Users\Roman\AppData\Local\resmon.resmoncfg
2015-11-24 22:42 - 2015-11-24 22:42 - 0000000 _____ () C:\Users\Roman\AppData\Local\{D8FEF3D4-7641-4886-AC2C-1DF99C48FD57}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [127]
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Roman\Desktop" je 2799 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by Roman (02-01-2017 13:16:11)
Running from C:\Users\Roman\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2012-01-27 07:54:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-721136663-3884963376-534329591-500 - Administrator - Disabled)
Guest (S-1-5-21-721136663-3884963376-534329591-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-721136663-3884963376-534329591-1002 - Limited - Enabled)
Roman (S-1-5-21-721136663-3884963376-534329591-1000 - Administrator - Enabled) => C:\Users\Roman
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version: - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version: - )
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 12.3.2280 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Talk Plugin (HKLM-x32\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
Intel PROSet Wireless (x32 Version: - ) Hidden
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 4.7.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 4.7.0 - )
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.10 - )
Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5239 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 311.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.35 - NVIDIA Corporation)
Opera 12.18 (HKLM-x32\...\Opera 12.18.1872) (Version: 12.18.1872 - Opera Software ASA)
Opera Stable 42.0.2393.94 (HKLM-x32\...\Opera 42.0.2393.94) (Version: 42.0.2393.94 - Opera Software)
Ovládací panel NVIDIA 311.35 (Version: 311.35 - NVIDIA Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SeeYou Mobile (HKLM-x32\...\SeeYou Mobile) (Version: - )
SeeYou Version 3.5 (HKLM-x32\...\SeeYou_is1) (Version: - )
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.7255 - Analog Devices)
System Migration Assistant (HKLM-x32\...\{8A4DB1CA-8206-4ADC-805C-66ACF1611DA3}) (Version: 6.00.0009 - Lenovo Group Limited.)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3100 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588) (Version: 7.62.00 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.85 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{C2938C94-239C-4156-B245-C5406A4F3E93}) (Version: 5.9.5.7038 - Authentec Inc.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-721136663-3884963376-534329591-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Roman\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-721136663-3884963376-534329591-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Roman\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2D3691C2-6B1B-446C-BD1E-2AE9BF06A66F} - System32\Tasks\Opera scheduled Autoupdate 1418591433 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software)
Task: {38D681A3-B862-49E5-A8F9-E545F0CA75E2} - System32\Tasks\SafeZone scheduled Autoupdate 1468474073 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {3ADF3DC3-74D4-4E09-A1BF-071D4B16E61A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-24] (Adobe Systems Incorporated)
Task: {5245D6CB-1C27-474C-837E-63AA27B5F939} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {59FA0B37-58C8-4BB2-A02C-EFA6C6BA4791} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {5CBDAD22-2265-428A-853B-6A41D0ED7D52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {6332A619-31EC-4B62-91F9-A00C6B3F507A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {687314CA-EA13-4E41-A04D-9B89D008765C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {6A583479-39FE-4E91-B53B-EC9178F23A88} - System32\Tasks\{9AA03CF3-9975-4FA0-ABD2-D60D93594127} => c:\program files (x86)\opera\opera.exe [2016-02-21] (Opera Software)
Task: {7E5A3688-44DF-4B53-88A6-06F20F2F8AE1} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {80A1D0A1-8677-4F86-8049-E324FD07BAC4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-02] (AVAST Software)
Task: {B7250F30-5053-4AD0-A204-F903A519DA34} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-24] (Lenovo Group Limited)
Task: {C7CC8DDC-078B-4511-9AEF-59B5822C11FB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-24] (Adobe Systems Incorporated)
Task: {ED9EC5BA-8563-4D11-9363-6931510A1E78} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-05] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2011-07-27 20:07 - 2011-07-27 20:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-03-17 20:58 - 2013-02-27 12:37 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-01-27 13:41 - 2011-03-24 03:48 - 00044544 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2016-05-13 19:05 - 2016-05-13 19:05 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-13 19:05 - 2016-05-13 19:05 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-02 12:52 - 2017-01-02 12:52 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\17010200\algo.dll
2016-05-13 19:05 - 2016-05-13 19:05 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-13 19:05 - 2016-05-13 19:05 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2011-10-20 10:12 - 2011-10-20 10:12 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2016-05-13 19:06 - 2016-05-13 19:06 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-01-28 20:48 - 2016-02-21 20:56 - 00835584 _____ () C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00093696 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00094208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00057344 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00096256 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00062976 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00067072 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00158208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00312832 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00038912 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00073728 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00101888 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
2016-05-13 19:06 - 2016-05-13 19:06 - 00984576 _____ () C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [127]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-721136663-3884963376-534329591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3F653DFD-F449-49FD-871E-E51DD4255597}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{D81AE341-2C2E-43EB-978D-7A5FB9BC4102}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{F87FAE25-082B-460E-8DE0-1383562C107D}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{4C7A7F62-54F5-4918-8E29-ECEBC5BCA7BC}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{69C37905-1BA5-4611-9B32-436E2EB5C1CE}G:\dokumenty\hry\age of empires\empires2.exe] => G:\dokumenty\hry\age of empires\empires2.exe
FirewallRules: [UDP Query User{BBE08E1D-EE18-4133-B731-727233C84780}G:\dokumenty\hry\age of empires\empires2.exe] => G:\dokumenty\hry\age of empires\empires2.exe
FirewallRules: [TCP Query User{065A07A7-C23F-452C-989B-7E557F93E382}C:7\dokumenty\hry\age of empires\empires2.exe] => C:7\dokumenty\hry\age of empires\empires2.exe
FirewallRules: [UDP Query User{8DCD05DD-B261-4DEA-8C39-98E67CCBF360}C:7\dokumenty\hry\age of empires\empires2.exe] => C:7\dokumenty\hry\age of empires\empires2.exe
FirewallRules: [{23C021C7-E046-4CFC-8C90-B30B6355C457}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AD8D5CCC-E5B6-4E7D-AAD8-6FACF5E21B83}] => LPort=2869
FirewallRules: [{7AA60738-0818-454A-94A8-D7BC3EF57941}] => LPort=1900
FirewallRules: [{284691F3-E6AA-4144-888C-703E33E67639}] => C:\Users\Roman\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{FC2AFDDE-C90D-49D4-B2B2-AE64AE12EC24}] => C:\Users\Roman\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{801CCD22-33F3-4F5B-8854-3E972292D067}F:\dokumenty\hry\tanks\wotlauncher.exe] => F:\dokumenty\hry\tanks\wotlauncher.exe
FirewallRules: [UDP Query User{3D33CE8B-AF4F-4A58-9033-7DD191A1AD86}F:\dokumenty\hry\tanks\wotlauncher.exe] => F:\dokumenty\hry\tanks\wotlauncher.exe
FirewallRules: [{11EDEBF9-A8DB-45DC-9654-24D1CDEFFB4B}] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D5D9A42A-C42E-488B-8DEA-859A3E7CAEAA}] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EEC679A0-A033-4137-8F28-A76E4619FCA8}] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C5E1CBDA-8E46-436B-9F21-B45B961D18BE}] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DF73882E-3E0B-4796-9B25-6F913AEBC1FA}] => C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{EEFD1BDC-9902-47A3-97CD-1A938459DE77}] => C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [TCP Query User{E49F5166-FBBB-4776-AD75-8445DA55041E}C:\users\roman\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => C:\users\roman\appdata\roaming\utorrent\updates\3.4.5_41162.exe
FirewallRules: [UDP Query User{CD42C9E9-DDED-47FE-8953-43EA012D5712}C:\users\roman\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => C:\users\roman\appdata\roaming\utorrent\updates\3.4.5_41162.exe
==================== Restore Points =========================
14-07-2016 00:11:13 Windows Update
06-11-2016 20:56:11 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/02/2017 12:51:04 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (01/02/2017 12:51:04 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (01/02/2017 12:51:04 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 10:41:22 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0
System errors:
=============
Error: (01/02/2017 12:52:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/02/2017 12:52:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
prosím kontrolu logu. Počítač je pomalý, i přes nevítíženost dle TM je procesor dost zaneprázděný...
Předem děkuji,
PH
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Ran by Roman (administrator) on ROMAN-IBM-T61 (02-01-2017 13:14:58)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(forum.viry.cz) C:\Users\Roman\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-07-13] (AVAST Software)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\Run: [uTorrent] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe [1979072 2016-12-29] (BitTorrent Inc.)
HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\MountPoints2: E - E:\Lenovo_Suite.exe
HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\MountPoints2: {010c2492-c3b1-11e5-a6b6-001c25bcc973} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\MountPoints2: {8a79c9b9-1881-11e2-8df2-001c26d8904b} - E:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\MountPoints2: {a27200c1-4bb6-11e1-b9be-001c26d8904b} - E:\LaunchU3.exe
HKU\S-1-5-21-721136663-3884963376-534329591-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-13] (AVAST Software)
Startup: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2012-01-29]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
BootExecute: autocheck autochk * aswBoot.exe /M:11045c233 /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 06 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 06 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{1AD6FBD0-0CD7-4168-9997-2D014B1A1BA2}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{5DB3571F-4CF2-40C5-90EB-594C8C1B6749}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{E2E17D6F-8195-4565-B3B4-F492379D4155}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-24] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-24] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-721136663-3884963376-534329591-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Roman\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-721136663-3884963376-534329591-1000: @talk.google.com/O1DPlugin -> C:\Users\Roman\AppData\Roaming\Mozilla\plugins\npo1d.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-721136663-3884963376-534329591-1000: @talk.google.com/O3DPlugin -> C:\Users\Roman\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin HKU\S-1-5-21-721136663-3884963376-534329591-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Roman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-721136663-3884963376-534329591-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Roman\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Roman\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Roman\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Roman\AppData\Roaming\mozilla\plugins\npo1d.dll [2013-10-29] (Google)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-01-29] (Adobe Systems) [File not signed]
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-13] (AVAST Software)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-24] (Lenovo.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2011-07-25] (Lenovo Group Limited) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ServiceLayer; "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-01-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2017-01-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2017-01-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-01-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2017-01-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2017-01-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2017-01-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-02] (AVAST Software)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
S3 Rockusb; C:\Windows\System32\DRIVERS\rockusb.sys [68456 2014-06-13] (Fuzhou Rockchip Electronics Co,Ltd.)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-02 13:14 - 2017-01-02 13:15 - 00017302 _____ C:\Users\Roman\Desktop\FRST.txt
2017-01-02 13:14 - 2017-01-02 13:14 - 00000000 ____D C:\FRST
2017-01-02 13:13 - 2017-01-02 13:13 - 00112640 _____ (forum.viry.cz) C:\Users\Roman\Desktop\FRSTLauncher.exe
2017-01-02 13:06 - 2017-01-02 13:06 - 02418176 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2017-01-02 13:04 - 2016-08-10 20:08 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswAF52.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswACE1.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswB0F8.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA409.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9FB3.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA7C1.tmp
2017-01-02 13:04 - 2016-05-13 19:07 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA179.tmp
2017-01-02 13:04 - 2016-05-13 19:05 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9BEB.tmp
2017-01-02 13:04 - 2016-05-13 19:05 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9999.tmp
2017-01-02 13:03 - 2017-01-02 13:03 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-01-02 13:03 - 2017-01-02 13:03 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-12-30 19:27 - 2016-12-30 19:27 - 00072698 _____ C:\Users\Roman\Documents\Zápis ze schůze PL odboru dne 13.pdf
2016-12-30 18:42 - 2016-12-31 09:46 - 00020412 _____ C:\Users\Roman\Documents\reakce.docx
2016-12-30 18:21 - 2016-12-30 19:27 - 00231936 _____ C:\Users\Roman\Documents\Brigady.xls
2016-12-30 17:30 - 2016-12-30 17:30 - 00050688 _____ C:\Users\Roman\Documents\Rok 2016.doc
2016-12-30 17:29 - 2016-12-30 17:29 - 00094770 _____ C:\Users\Roman\Documents\IMG_1174.JPG
2016-12-30 15:43 - 2016-12-31 09:38 - 00026849 _____ C:\Users\Roman\Documents\Zápis ze schůze PL odboru dne 13.docx
2016-12-03 21:42 - 2016-12-04 12:38 - 00892416 _____ C:\Users\Roman\Documents\Plachtova schuze 2017.ppt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-02 13:06 - 2015-08-14 20:33 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-01-02 13:06 - 2012-01-28 20:40 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-01-02 13:06 - 2012-01-28 20:40 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-01-02 13:05 - 2016-07-14 06:26 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-01-02 13:05 - 2012-02-04 19:06 - 00000000 ____D C:\Users\Roman\AppData\Roaming\uTorrent
2017-01-02 13:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-02 13:03 - 2015-08-14 20:40 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-01-02 13:03 - 2015-08-14 20:39 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-01-02 13:03 - 2015-08-14 20:33 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148335877494412
2017-01-02 13:03 - 2015-08-14 20:33 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-01-02 13:03 - 2015-08-14 20:33 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-01-02 13:03 - 2012-01-28 20:40 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148335877240010
2017-01-02 13:03 - 2012-01-28 20:40 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-01-02 13:02 - 2016-05-13 19:08 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-01-02 13:02 - 2012-01-28 20:40 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.148335876967007
2017-01-02 13:00 - 2009-07-14 05:45 - 00022272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 13:00 - 2009-07-14 05:45 - 00022272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 12:59 - 2013-11-12 21:44 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-02 12:59 - 2012-01-27 10:26 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{46BC4FB9-8E2A-42FA-A0C0-C2603B5BB91B}
2017-01-02 12:57 - 2009-07-14 13:50 - 00672424 _____ C:\Windows\system32\perfh005.dat
2017-01-02 12:57 - 2009-07-14 13:50 - 00142988 _____ C:\Windows\system32\perfc005.dat
2017-01-02 12:57 - 2009-07-14 06:13 - 01593374 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-02 12:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-02 10:49 - 2016-04-30 08:59 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-31 09:53 - 2012-01-27 08:54 - 00000000 ___RD C:\Users\Roman\Documents
2016-12-30 18:21 - 2012-01-27 08:54 - 00000000 ___RD C:\Users\Roman\Downloads
2016-12-29 13:38 - 2012-01-29 01:36 - 00000000 ____D C:\Users\Roman\AppData\Roaming\vlc
2016-12-29 13:12 - 2012-01-27 08:54 - 00000000 ___RD C:\Users\Roman\Videos
2016-12-28 12:40 - 2012-01-27 08:54 - 00000000 ___RD C:\Users\Roman\Pictures
2016-12-24 18:59 - 2016-04-30 08:59 - 00003962 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-24 18:59 - 2013-11-12 21:44 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-24 18:59 - 2012-04-30 06:06 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-24 18:59 - 2012-02-29 22:54 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-24 18:59 - 2012-01-30 22:49 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-24 18:59 - 2012-01-30 22:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-24 18:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64
2016-12-24 18:49 - 2015-03-13 15:12 - 00003856 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1418591433
2016-12-24 18:49 - 2012-01-28 20:48 - 00000000 ____D C:\Program Files (x86)\Opera
2016-12-24 18:49 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-24 18:48 - 2013-12-21 14:43 - 00000000 __SHD C:\Windows\Installer
2016-12-20 06:38 - 2015-01-03 10:24 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-20 06:38 - 2015-01-03 10:24 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-20 06:38 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files (x86)
2016-12-20 06:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Tasks
==================== Files in the root of some directories =======
2012-01-29 23:14 - 2001-05-25 02:00 - 0097316 _____ () C:\Users\Roman\AppData\Roaming\aapmzdes.dll
2014-11-21 22:10 - 2014-11-28 23:13 - 0006656 _____ () C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-28 20:29 - 2015-11-23 22:09 - 0007630 _____ () C:\Users\Roman\AppData\Local\resmon.resmoncfg
2015-11-24 22:42 - 2015-11-24 22:42 - 0000000 _____ () C:\Users\Roman\AppData\Local\{D8FEF3D4-7641-4886-AC2C-1DF99C48FD57}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [127]
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Roman\Desktop" je 2799 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by Roman (02-01-2017 13:16:11)
Running from C:\Users\Roman\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2012-01-27 07:54:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-721136663-3884963376-534329591-500 - Administrator - Disabled)
Guest (S-1-5-21-721136663-3884963376-534329591-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-721136663-3884963376-534329591-1002 - Limited - Enabled)
Roman (S-1-5-21-721136663-3884963376-534329591-1000 - Administrator - Enabled) => C:\Users\Roman
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-721136663-3884963376-534329591-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version: - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version: - )
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 12.3.2280 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Talk Plugin (HKLM-x32\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
Intel PROSet Wireless (x32 Version: - ) Hidden
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 4.7.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 4.7.0 - )
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.10 - )
Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.04 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5239 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 311.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.35 - NVIDIA Corporation)
Opera 12.18 (HKLM-x32\...\Opera 12.18.1872) (Version: 12.18.1872 - Opera Software ASA)
Opera Stable 42.0.2393.94 (HKLM-x32\...\Opera 42.0.2393.94) (Version: 42.0.2393.94 - Opera Software)
Ovládací panel NVIDIA 311.35 (Version: 311.35 - NVIDIA Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SeeYou Mobile (HKLM-x32\...\SeeYou Mobile) (Version: - )
SeeYou Version 3.5 (HKLM-x32\...\SeeYou_is1) (Version: - )
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.7255 - Analog Devices)
System Migration Assistant (HKLM-x32\...\{8A4DB1CA-8206-4ADC-805C-66ACF1611DA3}) (Version: 6.00.0009 - Lenovo Group Limited.)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3100 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588) (Version: 7.62.00 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.85 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{C2938C94-239C-4156-B245-C5406A4F3E93}) (Version: 5.9.5.7038 - Authentec Inc.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-721136663-3884963376-534329591-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Roman\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-721136663-3884963376-534329591-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Roman\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2D3691C2-6B1B-446C-BD1E-2AE9BF06A66F} - System32\Tasks\Opera scheduled Autoupdate 1418591433 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software)
Task: {38D681A3-B862-49E5-A8F9-E545F0CA75E2} - System32\Tasks\SafeZone scheduled Autoupdate 1468474073 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {3ADF3DC3-74D4-4E09-A1BF-071D4B16E61A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-24] (Adobe Systems Incorporated)
Task: {5245D6CB-1C27-474C-837E-63AA27B5F939} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {59FA0B37-58C8-4BB2-A02C-EFA6C6BA4791} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {5CBDAD22-2265-428A-853B-6A41D0ED7D52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {6332A619-31EC-4B62-91F9-A00C6B3F507A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {687314CA-EA13-4E41-A04D-9B89D008765C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {6A583479-39FE-4E91-B53B-EC9178F23A88} - System32\Tasks\{9AA03CF3-9975-4FA0-ABD2-D60D93594127} => c:\program files (x86)\opera\opera.exe [2016-02-21] (Opera Software)
Task: {7E5A3688-44DF-4B53-88A6-06F20F2F8AE1} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {80A1D0A1-8677-4F86-8049-E324FD07BAC4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-02] (AVAST Software)
Task: {B7250F30-5053-4AD0-A204-F903A519DA34} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-24] (Lenovo Group Limited)
Task: {C7CC8DDC-078B-4511-9AEF-59B5822C11FB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-24] (Adobe Systems Incorporated)
Task: {ED9EC5BA-8563-4D11-9363-6931510A1E78} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-05] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2011-07-27 20:07 - 2011-07-27 20:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-03-17 20:58 - 2013-02-27 12:37 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-01-27 13:41 - 2011-03-24 03:48 - 00044544 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2016-05-13 19:05 - 2016-05-13 19:05 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-13 19:05 - 2016-05-13 19:05 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-02 12:52 - 2017-01-02 12:52 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\17010200\algo.dll
2016-05-13 19:05 - 2016-05-13 19:05 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-13 19:05 - 2016-05-13 19:05 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2011-10-20 10:12 - 2011-10-20 10:12 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2016-05-13 19:06 - 2016-05-13 19:06 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-01-28 20:48 - 2016-02-21 20:56 - 00835584 _____ () C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00093696 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00094208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00057344 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00096256 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00062976 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00067072 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00158208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00312832 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00038912 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00073728 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
2012-01-28 20:48 - 2016-02-21 20:56 - 00101888 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
2016-05-13 19:06 - 2016-05-13 19:06 - 00984576 _____ () C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [127]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-721136663-3884963376-534329591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3F653DFD-F449-49FD-871E-E51DD4255597}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{D81AE341-2C2E-43EB-978D-7A5FB9BC4102}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{F87FAE25-082B-460E-8DE0-1383562C107D}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{4C7A7F62-54F5-4918-8E29-ECEBC5BCA7BC}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{69C37905-1BA5-4611-9B32-436E2EB5C1CE}G:\dokumenty\hry\age of empires\empires2.exe] => G:\dokumenty\hry\age of empires\empires2.exe
FirewallRules: [UDP Query User{BBE08E1D-EE18-4133-B731-727233C84780}G:\dokumenty\hry\age of empires\empires2.exe] => G:\dokumenty\hry\age of empires\empires2.exe
FirewallRules: [TCP Query User{065A07A7-C23F-452C-989B-7E557F93E382}C:7\dokumenty\hry\age of empires\empires2.exe] => C:7\dokumenty\hry\age of empires\empires2.exe
FirewallRules: [UDP Query User{8DCD05DD-B261-4DEA-8C39-98E67CCBF360}C:7\dokumenty\hry\age of empires\empires2.exe] => C:7\dokumenty\hry\age of empires\empires2.exe
FirewallRules: [{23C021C7-E046-4CFC-8C90-B30B6355C457}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AD8D5CCC-E5B6-4E7D-AAD8-6FACF5E21B83}] => LPort=2869
FirewallRules: [{7AA60738-0818-454A-94A8-D7BC3EF57941}] => LPort=1900
FirewallRules: [{284691F3-E6AA-4144-888C-703E33E67639}] => C:\Users\Roman\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{FC2AFDDE-C90D-49D4-B2B2-AE64AE12EC24}] => C:\Users\Roman\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{801CCD22-33F3-4F5B-8854-3E972292D067}F:\dokumenty\hry\tanks\wotlauncher.exe] => F:\dokumenty\hry\tanks\wotlauncher.exe
FirewallRules: [UDP Query User{3D33CE8B-AF4F-4A58-9033-7DD191A1AD86}F:\dokumenty\hry\tanks\wotlauncher.exe] => F:\dokumenty\hry\tanks\wotlauncher.exe
FirewallRules: [{11EDEBF9-A8DB-45DC-9654-24D1CDEFFB4B}] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D5D9A42A-C42E-488B-8DEA-859A3E7CAEAA}] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EEC679A0-A033-4137-8F28-A76E4619FCA8}] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C5E1CBDA-8E46-436B-9F21-B45B961D18BE}] => C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DF73882E-3E0B-4796-9B25-6F913AEBC1FA}] => C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{EEFD1BDC-9902-47A3-97CD-1A938459DE77}] => C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [TCP Query User{E49F5166-FBBB-4776-AD75-8445DA55041E}C:\users\roman\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => C:\users\roman\appdata\roaming\utorrent\updates\3.4.5_41162.exe
FirewallRules: [UDP Query User{CD42C9E9-DDED-47FE-8953-43EA012D5712}C:\users\roman\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => C:\users\roman\appdata\roaming\utorrent\updates\3.4.5_41162.exe
==================== Restore Points =========================
14-07-2016 00:11:13 Windows Update
06-11-2016 20:56:11 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/02/2017 12:51:04 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (01/02/2017 12:51:04 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (01/02/2017 12:51:04 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 11:02:37 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0
Error: (11/12/2016 10:41:22 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0
System errors:
=============
Error: (01/02/2017 12:52:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/02/2017 12:52:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).