Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-07-2017
Ran by Jiří (administrator) on ASUS-JIRI (31-07-2017 12:02:39)
Running from C:\Users\jirka_000\Desktop
Loaded Profiles: UpdatusUser & Jiří (Available Profiles: UpdatusUser & Jiří & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(forum.viry.cz) C:\Users\jirka_000\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493568 2015-12-10] (VŠB-TU Ostrava)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1196467569-3603037678-3961814420-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-1196467569-3603037678-3961814420-1002\...\MountPoints2: {cce006fc-69b2-11e7-bea8-28e34790ccbf} - "G:\HiSuiteDownLoader.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [186136 2016-04-21] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-04-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5EFA3769-2DB6-4C64-815E-0D5EE1A076CF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DB786FDF-B608-4C94-8815-E997EED3A5A4}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1196467569-3603037678-3961814420-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-1196467569-3603037678-3961814420-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-1196467569-3603037678-3961814420-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-1196467569-3603037678-3961814420-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1196467569-3603037678-3961814420-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-05-16] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-05-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-05-16] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-05-16] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-05-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 536m0f01.default-1497612207034
FF ProfilePath: C:\Users\jirka_000\AppData\Roaming\Mozilla\Firefox\Profiles\536m0f01.default-1497612207034 [2017-07-31]
FF Homepage: Mozilla\Firefox\Profiles\536m0f01.default-1497612207034 -> google.com
FF Session Restore: Mozilla\Firefox\Profiles\536m0f01.default-1497612207034 -> is enabled.
FF Extension: (Classic Theme Restorer) - C:\Users\jirka_000\AppData\Roaming\Mozilla\Firefox\Profiles\536m0f01.default-1497612207034\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2017-07-09]
FF Extension: (Adblock Plus) - C:\Users\jirka_000\AppData\Roaming\Mozilla\Firefox\Profiles\536m0f01.default-1497612207034\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-05-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default [2017-07-31]
CHR Extension: (Dokumenty Google) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-25]
CHR Extension: (Disk Google) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-25]
CHR Extension: (YouTube) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-25]
CHR Extension: (AdBlock) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-25]
CHR Extension: (Gmail) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-25]
CHR Extension: (Chrome Media Router) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-16]
CHR Extension: (Abstract Blue) - C:\Users\jirka_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2017-07-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2625368 2017-04-26] (ESET)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-05-09] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-05-09] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [8462000 2014-04-18] (Broadcom Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132848 2017-05-04] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14880 2017-05-04] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178056 2017-05-04] (ESET)
R1 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [77224 2017-05-04] (ESET)
S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2017-06-27] (ESET)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-05-09] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-05-09] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-05-09] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-31 12:02 - 2017-07-31 12:02 - 000015643 _____ C:\Users\jirka_000\Desktop\FRST.txt
2017-07-31 12:02 - 2017-07-31 12:02 - 000000000 ____D C:\FRST
2017-07-31 12:00 - 2017-07-31 12:00 - 000112640 _____ (forum.viry.cz) C:\Users\jirka_000\Desktop\FRSTLauncher.exe
2017-07-31 11:58 - 2017-07-31 11:58 - 002381312 _____ (Farbar) C:\Users\jirka_000\Desktop\FRST64.exe
2017-07-28 14:39 - 2017-07-28 14:39 - 000000000 ____D C:\Users\jirka_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2017-07-26 18:26 - 2017-07-29 07:48 - 000000000 ____D C:\Program Files\Core Temp
2017-07-18 22:22 - 2017-07-18 22:22 - 000000973 _____ C:\Users\jirka_000\Desktop\Diplomka – zástupce.lnk
2017-07-12 20:47 - 2017-07-26 22:21 - 000000000 ____D C:\Users\jirka_000\AppData\Local\FirestormOS_x64
2017-07-12 20:47 - 2017-07-12 20:49 - 000000000 ____D C:\Users\jirka_000\AppData\Roaming\Firestorm_x64
2017-07-12 20:46 - 2017-07-12 20:46 - 000000750 _____ C:\Users\Public\Desktop\FirestormOS-Releasex64.lnk
2017-07-12 15:05 - 2017-07-12 20:48 - 000000000 ____D C:\Users\jirka_000\AppData\Roaming\SecondLife
2017-07-12 08:03 - 2017-06-29 08:27 - 025734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 08:03 - 2017-06-29 07:44 - 005975552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 08:02 - 2017-07-06 10:52 - 000119296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 08:02 - 2017-06-29 08:02 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 08:02 - 2017-06-29 07:50 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-07-12 08:02 - 2017-06-29 07:23 - 020270592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 08:02 - 2017-06-29 07:23 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 08:02 - 2017-06-29 07:17 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-07-12 08:02 - 2017-06-29 07:13 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-07-12 08:02 - 2017-06-29 07:09 - 000806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 08:02 - 2017-06-29 06:58 - 015253504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 08:02 - 2017-06-29 06:53 - 003240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 08:02 - 2017-06-29 06:52 - 004549632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 08:02 - 2017-06-29 06:51 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-07-12 08:02 - 2017-06-29 06:47 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 08:02 - 2017-06-29 06:43 - 013663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 08:02 - 2017-06-29 06:41 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 08:02 - 2017-06-29 06:29 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-12 08:02 - 2017-06-29 06:28 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 08:02 - 2017-06-29 06:24 - 001314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 08:02 - 2017-06-29 06:23 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-12 08:02 - 2017-06-27 16:29 - 007796736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 08:02 - 2017-06-27 16:29 - 007077376 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2017-07-12 08:02 - 2017-06-27 16:26 - 005274112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2017-07-12 08:02 - 2017-06-27 16:26 - 005268992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 08:02 - 2017-06-22 16:22 - 004169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-07-12 08:02 - 2017-06-17 18:45 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 08:02 - 2017-06-17 18:34 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 08:02 - 2017-06-17 18:11 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 08:02 - 2017-06-17 18:05 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 08:02 - 2017-06-16 00:02 - 000990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 08:02 - 2017-06-15 15:45 - 007440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 08:02 - 2017-06-15 15:45 - 001674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 08:02 - 2017-06-15 15:45 - 001534064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 08:02 - 2017-06-15 15:45 - 001499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 08:02 - 2017-06-15 15:45 - 001370320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 08:02 - 2017-06-15 15:45 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 08:02 - 2017-06-12 02:06 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 08:02 - 2017-06-12 00:21 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2017-07-12 08:02 - 2017-06-11 23:43 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 08:02 - 2017-06-11 23:25 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-12 08:02 - 2017-06-11 23:15 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 08:02 - 2017-06-11 23:08 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 08:02 - 2017-06-11 23:07 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2017-07-12 08:02 - 2017-06-11 23:00 - 000962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 08:02 - 2017-06-11 22:58 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 08:02 - 2017-06-11 22:40 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 08:02 - 2017-06-11 22:35 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 08:02 - 2017-06-11 22:31 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 08:02 - 2017-06-11 17:15 - 002013528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 08:02 - 2017-06-06 22:52 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 08:02 - 2017-06-06 22:42 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-12 08:02 - 2017-06-06 22:38 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-12 08:02 - 2017-06-06 22:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-12 08:02 - 2017-06-06 22:36 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\convert.exe
2017-07-12 08:02 - 2017-06-06 22:35 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-12 08:02 - 2017-06-06 21:13 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2017-07-12 08:02 - 2017-06-06 21:11 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-12 08:02 - 2017-06-06 21:11 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-12 08:02 - 2017-06-06 21:11 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-12 08:02 - 2017-06-06 21:11 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-12 08:02 - 2017-06-06 21:08 - 002712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 08:02 - 2017-06-06 21:03 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-12 08:02 - 2017-06-06 20:59 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-12 08:02 - 2017-06-06 20:57 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-12 08:02 - 2017-06-06 20:56 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-12 08:02 - 2017-06-06 20:03 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2017-07-12 08:02 - 2017-06-06 20:02 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-12 08:02 - 2017-06-06 20:02 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-12 08:02 - 2017-06-06 20:02 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-12 08:02 - 2017-06-06 20:02 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-12 08:02 - 2017-06-03 18:27 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 08:02 - 2017-06-03 18:03 - 001549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 08:02 - 2017-05-31 23:20 - 000470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 08:02 - 2017-05-16 00:09 - 000057688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-12 08:02 - 2017-05-15 22:03 - 000379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-12 08:02 - 2017-05-09 16:37 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2017-07-12 08:02 - 2017-05-09 16:35 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2017-07-12 08:02 - 2017-05-09 16:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2017-07-12 08:02 - 2017-05-09 16:29 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-12 08:02 - 2017-05-09 16:28 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2017-07-12 08:02 - 2017-05-09 16:28 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2017-07-12 08:02 - 2017-05-09 16:12 - 000448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-12 08:02 - 2017-05-06 18:45 - 001114624 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-07-12 08:02 - 2017-05-06 18:41 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2017-07-12 08:02 - 2017-05-02 22:09 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-12 08:02 - 2017-05-02 22:08 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-12 08:02 - 2017-05-02 22:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-07-12 08:02 - 2017-05-02 20:41 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-07-12 08:02 - 2017-05-02 20:31 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-07-12 08:02 - 2017-05-02 20:31 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2017-07-12 08:02 - 2017-05-02 19:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-07-12 08:02 - 2017-04-30 18:48 - 000080078 _____ C:\WINDOWS\system32\normidna.nls
2017-07-12 08:02 - 2017-04-28 03:13 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 08:02 - 2017-04-28 03:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 07:56 - 2017-05-04 01:11 - 000103600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 07:56 - 2017-05-03 15:43 - 001555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 001206272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 07:56 - 2017-05-03 15:43 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-01 12:31 - 2017-07-01 12:31 - 000000000 ____D C:\Users\jirka_000\AppData\Roaming\Google

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-31 10:15 - 2017-05-09 13:43 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1196467569-3603037678-3961814420-1002
2017-07-31 08:16 - 2016-11-21 00:04 - 000000000 ____D C:\Users\jirka_000\AppData\LocalLow\Mozilla
2017-07-31 00:34 - 2017-05-09 14:46 - 000000000 ____D C:\Users\jirka_000\AppData\Roaming\TS3Client
2017-07-30 08:06 - 2017-05-08 16:00 - 000000061 _____ C:\Users\jirka_000\AppData\Roaming\sp_data.sys
2017-07-29 20:21 - 2017-05-09 14:42 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-07-28 20:51 - 2014-11-21 06:53 - 001748728 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-28 20:51 - 2014-11-21 06:10 - 000740822 _____ C:\WINDOWS\system32\perfh005.dat
2017-07-28 20:51 - 2014-11-21 06:10 - 000151948 _____ C:\WINDOWS\system32\perfc005.dat
2017-07-28 20:51 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2017-07-27 15:45 - 2017-05-31 10:26 - 000000000 ____D C:\AdwCleaner
2017-07-21 02:09 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-07-21 02:09 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-07-18 22:46 - 2017-05-31 11:34 - 000000000 ____D C:\Program Files\trend micro
2017-07-18 22:43 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-16 03:18 - 2017-05-09 12:40 - 000000000 ____D C:\Users\jirka_000
2017-07-14 23:42 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-07-14 23:28 - 2017-05-09 12:40 - 000000000 ____D C:\Users\UpdatusUser
2017-07-13 09:17 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2017-07-13 07:21 - 2017-05-08 20:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-13 07:21 - 2017-05-08 20:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-13 07:21 - 2013-08-22 16:44 - 000483608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-13 01:22 - 2017-05-12 01:40 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 14:53 - 2017-05-15 08:40 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-12 08:14 - 2017-05-08 19:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 08:12 - 2017-05-08 19:45 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-12 08:12 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-11 12:39 - 2017-05-09 15:35 - 000004408 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-11 12:39 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-11 12:39 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-07-01 18:11 - 2013-05-01 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-07-01 18:11 - 2013-05-01 13:16 - 000000000 ____D C:\Program Files (x86)\ASUS
2017-07-01 18:09 - 2017-06-30 14:41 - 000000000 ____D C:\Users\jirka_000\AppData\Local\Facebook

==================== Files in the root of some directories =======

2017-06-08 08:37 - 2017-06-08 08:37 - 000000021 _____ () C:\Users\jirka_000\AppData\Roaming\my_intel.sys
2017-05-08 16:00 - 2017-07-30 08:06 - 000000061 _____ () C:\Users\jirka_000\AppData\Roaming\sp_data.sys
2013-05-01 13:15 - 2012-09-07 13:40 - 000000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 000024576 _____ () C:\ProgramData\SetStretch.exe

Some files in TEMP:
====================
2017-07-29 20:22 - 2017-07-29 20:22 - 015301888 _____ (Microsoft Corporation) C:\Users\jirka_000\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-24 10:17

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS SSD) (Fixed) (Total:83.25 GB) (Free:39.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA SSD) (Fixed) (Total:118.77 GB) (Free:91.48 GB) NTFS
Drive e: (DATA (OS původní)) (Fixed) (Total:279.01 GB) (Free:226.71 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (DATA HDD) (Fixed) (Total:398.07 GB) (Free:41.52 GB) NTFS

Available physical RAM: 3849.92 MB
Total physical RAM: 6029.62 MB
Percentage of memory in use: 36%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 223.6 GB) (Disk ID: 3EA4E8B4)
Disk: 1 (Size: 698.6 GB) (Disk ID: 038C3AB6)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\jirka_000\Desktop" je 2 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
