I haven't used Patmel2 and commview for years; I don't know what they are doing in the registry...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2018
Ran by Roman (administrator) on ROMAN-PC (22-04-2018 09:07:45)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(LENOVO) C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe
() C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Roman\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [408872 2011-11-10] (Synaptics)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-08-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-08-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-23] (NVIDIA Corporation)
HKLM\...\Run: [UpdatePRCShortCut1] => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\...\Run: [HotKeysCmds1] => C:\Windows\system32\hkcmd.exe [411056 2015-06-01] (Intel Corporation)
HKLM\...\Run: [Persistence1] => C:\Windows\system32\igfxpers.exe [453552 2015-06-01] (Intel Corporation)
HKLM\...\Run: [IgfxTray1] => C:\Windows\system32\igfxtray.exe [183216 2015-06-01] (Intel Corporation)
HKLM\...\Run: [RtHDVBg_Dolby1] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-07] (AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [343040 2012-02-04] (Lenovo)
HKLM-x32\...\Run: [CAPOSD] => C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\CAPOSD.exe [1876992 2012-02-09] (LENOVO)
HKLM-x32\...\Run: [Lenovo EasyCamera_Monitor] => C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [258936 2012-02-06] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-683440959-2606681586-737459993-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-02-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-02-23] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-12-25]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 83.240.0.214 83.240.0.135
Tcpip\..\Interfaces\{1F004AE9-736A-4A9E-A206-DE238301C1BF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DD39D036-017D-4A2E-B4A8-4BC12D6F774B}: [DhcpNameServer] 83.240.0.214 83.240.0.135
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-683440959-2606681586-737459993-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... OH_csCZ565
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-17] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-17] (AVAST Software)
FireFox:
========
FF DefaultProfile: 778j7se6.default-1497116886439
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\778j7se6.default-1497116886439 [2018-04-22]
FF Homepage: Mozilla\Firefox\Profiles\778j7se6.default-1497116886439 -> hxxp://mail.centrum.cz/?utm_source=centrumHP&utm_medium=mailbox&utm_campaign=A
FF NewTab: Mozilla\Firefox\Profiles\778j7se6.default-1497116886439 -> about:newtab
FF Extension: (Avast SafePrice) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\778j7se6.default-1497116886439\Extensions\sp@avast.com.xpi [2018-03-07]
FF Extension: (Avast Online Security) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\778j7se6.default-1497116886439\Extensions\wrc@avast.com.xpi [2017-10-06]
FF Extension: (Adblock Hyper - Blokování reklam) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\778j7se6.default-1497116886439\Extensions\{ec89c250-b704-4e53-9ace-d6789fd601b6}.xpi [2017-12-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_140.dll [2018-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-06-21] ( )
FF Plugin HKU\S-1-5-21-683440959-2606681586-737459993-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-07] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-07] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-06-21] (Nitro PDF Software)
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-24] (Lenovo)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848 2017-05-23] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] () [File not signed]
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-11-29] () [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-04-07] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-02] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-02] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-02] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-02] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-04-07] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-04-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-04-12] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-04-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-04-07] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-04-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-04-07] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-04-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-04-07] (AVAST Software)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd.)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2016-07-31] (Highresolution Enterprises [www.highrez.co.uk])
R3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2015-04-17] (ITE )
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-24] (Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-22] (Lenovo Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
S3 portio; C:\Windows\System32\DRIVERS\WP800IO.sys [8664 2007-09-05] (WinPic800) [File not signed]
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2002-10-16] () [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-03-27] ()
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-22 09:07 - 2018-04-22 09:08 - 000018216 _____ C:\Users\Roman\Desktop\FRST.txt
2018-04-22 09:06 - 2018-04-22 09:07 - 000000000 ____D C:\FRST
2018-04-22 09:05 - 2018-04-22 09:05 - 000112640 _____ (forum.viry.cz) C:\Users\Roman\Desktop\FRSTLauncher.exe
2018-04-22 09:04 - 2018-04-22 09:04 - 002404352 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2018-04-21 15:26 - 2018-04-22 09:07 - 000002958 _____ C:\Windows\System32\Tasks\{DBA6A7E7-AD58-4BAC-B458-D2AD7CF64774}
2018-04-21 15:26 - 2018-04-22 09:07 - 000002958 _____ C:\Windows\System32\Tasks\{C333A024-D2D3-4785-8F1C-D8AC05B107D2}
2018-04-21 15:26 - 2018-04-22 09:07 - 000002958 _____ C:\Windows\System32\Tasks\{0F731421-C889-4536-A6DC-90BED2CB20EE}
2018-04-21 15:21 - 2018-04-21 15:24 - 000000000 ____D C:\ProgramData\BOINC
2018-04-21 15:21 - 2018-04-21 15:22 - 000000000 ____D C:\Users\Roman\AppData\Roaming\BOINC
2018-04-21 15:21 - 2018-04-21 15:21 - 000000000 ____D C:\Windows\Downloaded Installations
2018-04-21 15:21 - 2018-04-21 15:21 - 000000000 ____D C:\Users\Roman\AppData\Roaming\NVIDIA
2018-04-21 15:21 - 2018-04-21 15:21 - 000000000 ____D C:\Users\Roman\.VirtualBox
2018-04-21 15:17 - 2018-04-21 15:17 - 000000000 ____D C:\Users\Roman\AppData\Local\{A7299175-8381-FDCD-EE19-D825CA7124BD}
2018-04-20 21:52 - 2018-04-20 21:52 - 000000000 ____D C:\zoek
2018-04-20 21:48 - 2018-04-20 21:53 - 000000581 _____ C:\runcheck.txt
2018-04-20 21:30 - 2018-04-20 21:30 - 000000000 ___HD C:\$AV_ASW
2018-04-20 21:20 - 2018-04-20 21:20 - 000000000 ____D C:\zoek_backup
2018-04-19 20:10 - 2018-04-19 20:10 - 007256272 _____ (Malwarebytes) C:\Users\Roman\Downloads\adwcleaner_7.1.0.0.exe
2018-04-18 21:49 - 2018-04-18 21:45 - 000994130 _____ C:\Users\Roman\Desktop\CMFD30_LCD.zip
2018-04-07 13:47 - 2018-04-07 13:47 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-04-05 19:15 - 2018-04-05 19:15 - 000002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-04-05 19:15 - 2018-04-05 19:15 - 000002469 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-04-05 19:14 - 2018-04-05 19:14 - 000003428 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA
2018-04-05 19:14 - 2018-04-05 19:14 - 000003300 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore
2018-04-05 19:13 - 2018-04-05 19:13 - 000000000 ____D C:\Users\Roman\AppData\Local\AVAST Software
2018-04-05 19:13 - 2018-04-05 19:13 - 000000000 ____D C:\Program Files (x86)\AVAST Software
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-22 09:07 - 2018-03-17 18:55 - 000004528 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-04-22 09:07 - 2018-01-13 14:18 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-04-22 09:07 - 2017-07-15 09:55 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-04-22 09:07 - 2016-11-16 19:42 - 000000000 ____D C:\Users\Roman\AppData\LocalLow\Mozilla
2018-04-22 09:07 - 2015-12-03 22:39 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-04-22 09:03 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-22 09:03 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-22 08:54 - 2012-08-08 09:52 - 000130463 _____ C:\Windows\system32\fastboot.set
2018-04-22 08:53 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-21 15:47 - 2012-08-08 08:43 - 000669116 _____ C:\Windows\system32\perfh005.dat
2018-04-21 15:47 - 2012-08-08 08:43 - 000141744 _____ C:\Windows\system32\perfc005.dat
2018-04-21 15:47 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-21 15:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-21 15:41 - 2013-12-06 20:31 - 000074728 _____ C:\Users\Roman\AppData\Local\GDIPFONTCACHEV1.DAT
2018-04-21 15:40 - 2009-07-14 06:45 - 000344208 _____ C:\Windows\system32\FNTCACHE.DAT
2018-04-21 15:21 - 2013-12-06 20:28 - 000000000 ____D C:\Users\Roman
2018-04-21 09:23 - 2018-03-04 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-04-21 09:23 - 2017-03-15 19:36 - 000001317 _____ C:\Users\Public\Desktop\Skype.lnk
2018-04-20 23:12 - 2017-03-01 19:39 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-04-19 20:12 - 2017-07-15 09:40 - 000000000 ____D C:\AdwCleaner
2018-04-16 23:41 - 2009-07-14 07:08 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-04-14 08:02 - 2014-03-29 23:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-04-14 07:03 - 2013-12-06 22:36 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-14 07:03 - 2013-12-06 22:36 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-14 07:03 - 2013-12-06 22:36 - 000004398 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-14 07:03 - 2013-12-06 22:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-04-14 07:03 - 2012-08-08 09:43 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-12 18:52 - 2013-12-06 21:12 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-04-08 15:08 - 2017-04-14 20:54 - 000000000 ____D C:\Users\Roman\Documents\eagle
2018-04-07 13:47 - 2017-12-21 18:42 - 000227784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-04-07 13:47 - 2017-11-09 19:31 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-04-07 13:47 - 2014-04-19 20:13 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-04-07 13:47 - 2014-01-04 02:30 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-04-07 13:47 - 2013-12-06 21:12 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-04-07 13:47 - 2013-12-06 21:12 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-04-07 13:47 - 2013-12-06 21:12 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-04-07 13:47 - 2013-12-06 21:12 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-04-07 13:47 - 2013-12-06 21:12 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-04-05 19:44 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\LiveKernelReports
2018-04-05 19:18 - 2013-12-06 21:09 - 000000000 ____D C:\ProgramData\AVAST Software
2018-03-29 20:29 - 2016-11-15 20:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-29 20:29 - 2013-12-06 22:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Files in the root of some directories =======
2014-08-19 21:23 - 2014-08-19 21:23 - 000003584 _____ () C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-08 19:38 - 2014-05-05 00:47 - 000007597 _____ () C:\Users\Roman\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2018-04-20 21:48 - 2018-04-20 21:48 - 000476672 _____ () C:\Users\Roman\AppData\Local\Temp\7za.exe
2018-04-21 15:14 - 2018-04-21 15:27 - 001780792 _____ ( ) C:\Users\Roman\AppData\Local\Temp\commview_for_wifi_0481576961.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000020480 _____ (E Dev) C:\Users\Roman\AppData\Local\Temp\DaS_21.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000388608 _____ (Trend Micro Inc.) C:\Users\Roman\AppData\Local\Temp\hijackthis.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000030720 _____ (NirSoft) C:\Users\Roman\AppData\Local\Temp\NirCmd.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000256512 _____ () C:\Users\Roman\AppData\Local\Temp\PEVZ.EXE
2018-04-20 21:48 - 2018-04-20 21:48 - 000069632 _____ () C:\Users\Roman\AppData\Local\Temp\remove.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000098816 _____ () C:\Users\Roman\AppData\Local\Temp\sed.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000057344 _____ (Optimum X) C:\Users\Roman\AppData\Local\Temp\shortcut.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000533851 _____ () C:\Users\Roman\AppData\Local\Temp\sr.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000161792 _____ (SteelWerX) C:\Users\Roman\AppData\Local\Temp\swreg.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000217088 _____ (SteelWerX) C:\Users\Roman\AppData\Local\Temp\swxcacls.exe
2018-04-20 21:48 - 2018-04-20 21:48 - 000024064 _____ () C:\Users\Roman\AppData\Local\Temp\zoek-delete.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Windows:nlsPreferences [0]
==================== Security Center ==================
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Roman\Desktop" je 10 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intelligent Touchpad
C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lenovo Registration
C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant
C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnekeyStudio
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray
"C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2018
Ran by Roman (22-04-2018 09:08:48)
Running from C:\Users\Roman\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-06 18:28:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-683440959-2606681586-737459993-500 - Administrator - Disabled)
Guest (S-1-5-21-683440959-2606681586-737459993-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-683440959-2606681586-737459993-1003 - Limited - Enabled)
Roman (S-1-5-21-683440959-2606681586-737459993-1001 - Administrator - Enabled) => C:\Users\Roman
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
AOMEI Partition Assistant Standard Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ASIX UP v.3-30 (HKLM-x32\...\ASIX UP_is1) (Version: - ASIX s.r.o.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.3.2333 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 64.0.387.186 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
AVR Jungo USB (HKLM-x32\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 10.4 - Atmel)
AVR QTouch Studio (HKLM-x32\...\{7BE9E558-BE53-4939-9565-A0BEA2F839D0}) (Version: 4.4.1 - Atmel)
AVR Studio 5.1 (HKLM-x32\...\{D574D18C-9D52-4B4B-9647-AE6B89FD3F70}) (Version: 5.1.208 - Atmel)
Balíček ovladače systému Windows - Segger (jlink) USB (01/26/2017 2.70.08.0) (HKLM\...\D12F44630DF6CA437A5B43B0F1A4C5A54E130B0D) (Version: 01/26/2017 2.70.08.0 - Segger)
Balíček ovladače systému Windows - SEGGER (JLinkCDC_x64) Ports (08/28/2014 6.0.2601.5) (HKLM\...\ED80E3D3A350D18BFD3D3D8DAED8E2B19105763A) (Version: 08/28/2014 6.0.2601.5 - SEGGER)
Borland C++Builder 6 (HKLM-x32\...\{2864C41B-EF2D-4640-95A2-526276524519}) (Version: 6.0 - Borland Software Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
EAGLE 5.11.0 (HKLM-x32\...\EAGLE 5.11.0) (Version: 5.11.0 - CadSoft Computer GmbH)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
mikroC (remove only) (HKLM-x32\...\mikroC) (Version: - )
mikroPascal (remove only) (HKLM-x32\...\mikroPascal) (Version: - )
mikroPascal for AVR (remove only) (HKLM-x32\...\mikroPascal for AVR) (Version: - )
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MPLAB X IDE v4.05 (HKLM-x32\...\MPLAB X IDE v4.05 v4.05) (Version: v4.05 - Microchip)
MPLAB XC16 C Compiler (HKLM-x32\...\MPLAB XC16 C Compiler v1.33) (Version: v1.33 - Microchip)
MPLAB XC32 Compiler (HKLM-x32\...\MPLAB XC32 Compiler v1.44) (Version: v1.44 - Microchip)
MPLAB XC8 C Compiler (HKLM-x32\...\MPLAB XC8 C Compiler v1.44) (Version: v1.44 - Microchip)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA Ovladače grafiky 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
OpenOffice 4.1.4 (HKLM-x32\...\{6CA4F7F3-B909-4292-B791-AAA959155DE0}) (Version: 4.14.9788 - Apache Software Foundation)
Ovládací panel NVIDIA 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 345.20 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.48.823.2011 - Realtek)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Skype verze 8.19 (HKLM-x32\...\Skype_is1) (Version: 8.19 - Skype Technologies S.A.)
State of War (HKLM-x32\...\State of War) (Version: - )
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
Windows Driver Package - ASIX s.r.o. ASIX Development Tools Driver Package (07/10/2015 2.12.06) (HKLM\...\63179435CD5991EB4724264B890E0ED379471EE7) (Version: 07/10/2015 2.12.06 - ASIX s.r.o.)
Windows Driver Package - ASIX s.r.o. ASIX Development Tools Driver Package (09/28/2016 2.12.24) (HKLM\...\5378E6D0AF40C93BBB4559D6D163139BADD54A56) (Version: 09/28/2016 2.12.24 - ASIX s.r.o.)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-07] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-07] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll [2012-08-08] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-07] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [NPShellExtension] -> {D7ECBD0E-B8E3-4a0c-9E84-514298EFA583} => C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll [2012-06-21] ()
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-07] (AVAST Software)
ContextMenuHandlers3: [IkeyShlExt] -> {F1E551D1-822B-40e6-B4D8-A9B4A48AA07A} => C:\Windows\system32\SimpleExt.dll [2012-08-08] ()
ContextMenuHandlers4: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-07] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ContextMenuHandlers6: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A9A16C4-C566-48ED-97FD-4A7B797528E8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-04-14] (AVAST Software)
Task: {2FC9A750-9B5B-4EAA-B757-F3B7EB5945F5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {39964426-A2DF-44CF-8184-89767D3BBC60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-14] (Adobe Systems Incorporated)
Task: {63FE8DE6-D57B-4F18-BBD6-0EBE9B81E23F} - System32\Tasks\{C333A024-D2D3-4785-8F1C-D8AC05B107D2} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {93D90012-EFC7-4797-A971-90D0E4893095} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A429D1E2-A164-4A93-B270-38D8337DF3E7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {B75D31B9-CA73-40A5-A6ED-839C179DD280} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {B9D35FB0-4608-415F-9CEF-2C59A974B1C8} - System32\Tasks\{0F731421-C889-4536-A6DC-90BED2CB20EE} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {C729DE2E-153C-4B6C-8EB7-6482C5E9DC8D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {D5B67F00-F23B-48F8-A7C1-4B3AEA644DB4} - System32\Tasks\{3888D6C9-FF23-4BEE-B9F0-0F85B70A86BE} => C:\MeProgramy\PATMEL-2\PAtmel II.exe [2000-06-12] (D72)
Task: {DEDB057F-4D59-4F15-A2DC-27F71A1ACD8D} - System32\Tasks\{DBA6A7E7-AD58-4BAC-B458-D2AD7CF64774} => C:\Users\Roman\Downloads\commview_for_wifi.exe
Task: {E7F4E7FB-2053-4E65-B7F8-392D2FD22620} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {EB058A3C-BC05-433E-B298-B48788895A33} - System32\Tasks\{7E97F875-7619-4918-AAB1-B8AE23BC214B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Lenovo\Boot Optimizer\DeleteUninstall.exe" -d "C:\Program Files (x86)\Lenovo\Boot Optimizer"
Task: {F25424E4-4EBF-4FFB-8AEC-E113FF68339C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-04-07] (AVAST Software)
Task: {F363389C-DA12-4806-ACB1-DCDAC8C76A2D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-14] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2012-08-08 09:19 - 2015-02-04 22:29 - 000115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-08 09:50 - 2012-08-08 09:50 - 001508192 _____ () C:\Windows\system32\IcnOvrly.dll
2012-08-08 09:50 - 2012-08-08 09:50 - 000628064 _____ () C:\Windows\system32\SimpleExt.dll
2012-06-21 13:23 - 2012-06-21 13:23 - 000108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll
2012-08-08 09:30 - 2012-02-08 04:03 - 000128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2008-12-20 12:20 - 2012-08-08 09:52 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-04-20 01:22 - 2012-08-08 09:52 - 001516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-09 00:36 - 2012-08-08 09:52 - 000011096 _____ () C:\Program Files (x86)\Lenovo\Energy Management\cs-CZ\EMWpfUI.resources.dll
2008-12-20 12:20 - 2012-08-08 09:52 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-02-06 04:38 - 2012-02-06 04:38 - 000258936 _____ () C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
2012-05-05 13:16 - 2015-06-01 22:00 - 000102912 _____ () C:\Windows\system32\IccLibDll_x64.dll
2018-03-06 23:58 - 2018-03-06 23:58 - 000083784 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-04-07 13:47 - 2018-04-07 13:47 - 000349912 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-04-07 13:47 - 2018-04-07 13:47 - 000295640 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-04-07 13:47 - 2018-04-07 13:47 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-04-22 08:50 - 2018-04-22 08:50 - 005817488 _____ () C:\Program Files\AVAST Software\Avast\defs\18042200\algo.dll
2018-04-07 13:47 - 2018-04-07 13:47 - 000763608 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-04-07 13:47 - 2018-04-07 13:47 - 000911064 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-04-07 13:47 - 2018-04-07 13:47 - 000172760 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-04-07 13:47 - 2018-04-07 13:47 - 000969944 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-04-07 13:47 - 2018-04-07 13:47 - 000501464 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2013-12-07 20:39 - 2015-02-23 10:44 - 000010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-06-28 08:28 - 2011-06-28 08:28 - 000042496 _____ () C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll
2018-03-02 22:22 - 2018-03-02 22:22 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-04-07 13:47 - 2018-04-07 13:47 - 000281816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2012-08-08 09:30 - 2012-02-08 03:39 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
There are 4788 more sites.
There are 4790 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2018-04-20 21:52 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-683440959-2606681586-737459993-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 83.240.0.214 - 83.240.0.135
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: Intelligent Touchpad => C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: OnekeyStudio => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6D014DEC-A2C5-4995-8BE3-584F89BED619}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{511220C7-6FE3-469E-9342-7B31C15B43E1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4AB3BFA7-F5E8-49DA-BAB0-BF56820DA0C7}] => (Allow) LPort=2869
FirewallRules: [{672D39F5-5497-4838-9C24-0505855D2D82}] => (Allow) LPort=1900
FirewallRules: [{27BDB785-6C1D-459E-BA81-43EC041108D0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6B8705A8-1F40-435A-983F-0EB88EAD91FD}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{A4237FF2-88A1-4282-A51B-64DE1253886F}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{435580A1-E9DF-4F55-910A-3CD8305F6DE4}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{A7120233-09C2-4DB3-8BC6-9EAD6211DC4D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{8CD5A8B6-4568-4FBA-B23A-906340B6439C}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{0BC86A65-947E-4630-8691-C8F60948361D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{2534CB2A-36C1-4C04-8C34-015E5FF6FC49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{14440D45-10C1-4161-B9BE-B5534F1146E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6D690019-471C-448C-961F-4F6D386478D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F07C5053-29A5-4329-95FC-5A3027463983}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1BCB4B38-000C-4037-A2ED-E2F1BF551388}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0E30B0B5-CBAD-4357-92E5-D513C7C7576C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7C2695A0-8C9B-437F-8E27-29F969AE79F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{010BA73D-0163-4CA0-AEEE-9B1EDF7376A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E0D3B6BE-9517-45A4-8D91-9BC3510A9095}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AD5C6A9F-A570-410E-89A4-B144B6C2B9C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{642EF558-4E2E-4A81-A3E3-989C1242AB69}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe
FirewallRules: [UDP Query User{4FBAE129-654C-469E-B31D-5F2B1808F654}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe
FirewallRules: [TCP Query User{0872E1DA-B38E-4E70-A3E7-5D1738A0CB69}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe
FirewallRules: [UDP Query User{E0B07BF2-E711-4749-B20B-C3E521B8D32E}C:\program files (x86)\icq7.7\icq.exe] => (Allow) C:\program files (x86)\icq7.7\icq.exe
FirewallRules: [TCP Query User{418B447E-E4FB-4F5E-AB50-C8B64CB379EE}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe
FirewallRules: [UDP Query User{6BB3BD3B-C72A-49EE-AFC0-30043AA8674D}C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe] => (Allow) C:\program files (x86)\atmel\avr studio 5.1\avrstudio5.exe
FirewallRules: [{A393008D-2DA9-406A-A7D8-EB21188EEE0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5D840A0B-404C-41C1-B4A2-000040A4CB3E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1A6DC258-F77B-46D4-BDCF-5486D44C1BDE}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat
FirewallRules: [UDP Query User{5BF82198-ECA5-4A59-820C-594BB8C6D30A}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat
FirewallRules: [{0D494844-8D6E-4142-8282-592ACFB1C796}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A9A5BEF4-28D8-4D07-B35D-3F13FFA4F4E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FA75B347-D548-44C1-8E16-DC6C9DFF2253}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{303EE573-6FC8-4B28-8B8D-A93A625C505E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{8A079D9E-9E18-4231-9156-3B3257C8FF8D}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat
FirewallRules: [UDP Query User{07D8685D-8BC0-47B5-B6E3-9C1DB91FBE19}C:\games\dune-2000\dune 2000\dune2000.dat] => (Block) C:\games\dune-2000\dune 2000\dune2000.dat
FirewallRules: [TCP Query User{559C282C-3770-4269-9C40-56C5ACB297DB}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{13FB9306-FE1C-4F50-B17F-D4FAAB8A2E73}C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\microchip\mplabx\v4.05\sys\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{4D31415A-9553-42D0-98D2-E56EA9F58A73}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{32F3EDAB-9BCE-4C13-A5C8-7E75187B1C1D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{760FAB95-A4D7-4979-8F9C-E6165AB252D1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
==================== Restore Points =========================