﻿Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-01-2014
Ran by Jarmila (administrator) on JARIS on 06-01-2014 16:03:42
Running from C:\Users\Jarmila\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimDrivers\SlimDrivers.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Brio) C:\Program Files\FolderSize\FolderSize.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 11\Snagit32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 11\TscHelp.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 11\SnagPriv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TechSmith Corporation) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\GRETECH\GomPlayer\GOM.EXE
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(forum.viry.cz) C:\Users\Jarmila\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NPSStartup] - [x]
HKLM\...\Run: [USB2Check] - RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-26] (AVAST Software)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKCU\...\Run: [Nektra OEAPI] - [x]
HKCU\...\Run: [OEXPRESS] - [x]
HKCU\...\Run: [WEBTRAN] - [x]
HKCU\...\Run: [Folder Size] - C:\Program Files\FolderSize\FolderSize.exe [126976 2013-02-13] (Brio)
HKCU\...0c966feabec1\InprocServer32: [Default-shell32]  ATTENTION! ====> ZeroAccess?
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {E738541A-4B8C-4A66-9FC0-961D9E7E9895} URL = http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
SearchScopes: HKCU - {BA2D08E5-636B-431D-8942-233EA2D4F49C} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=183666&p={searchTerms}
SearchScopes: HKCU - {E738541A-4B8C-4A66-9FC0-961D9E7E9895} URL = http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} -  No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF ProfilePath: C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default
FF Homepage: hxxp://www.seznam.cz/
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_39.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\searchplugins\filmova-databaze-fdbcz.xml
FF SearchPlugin: C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\searchplugins\firmycz.xml
FF SearchPlugin: C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml
FF SearchPlugin: C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\searchplugins\wwwslovnik-cizich-slovcz.xml
FF SearchPlugin: C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\searchplugins\zbocz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Default Theme Engine - Personas Interactive - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\Extensions\btpersonas@brandthunder.com
FF Extension: WebTran - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\Extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF Extension: DownloadHelper - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: CSHelper - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}
FF Extension: YesScript - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\Extensions\yesscript@userstyles.org.xpi
FF Extension: Session Manager - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
FF Extension: ImTranslator - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: Easy YouTube Video Downloader - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: Adblock Plus - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Greasemonkey - C:\Users\Jarmila\AppData\Roaming\Mozilla\Firefox\Profiles\9r7lebi0.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: avast! Ad Blocker - C:\Program Files\Mozilla Firefox\extensions\adblocker@avast.com.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR RestoreOnStartup: "hxxp://www.seznam.cz/"
CHR DefaultSearchKeyword: yahoo.com
CHR DefaultSearchProvider: Yahoo!
CHR DefaultSearchURL: http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=183666&p={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (avast! Online Security) - C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Skype Click to Call) - C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Web Navigation) - C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja\1.0_0
CHR Extension: (Google Wallet) - C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [lkemddiljapcmhicklfpcbpfffahfbja] - C:\Users\Jarmila\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-26] (AVAST Software)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [114688 2013-02-13] (Brio)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-11-21] (Ellora Assets Corp.)
S2 gupdate1ca71a0c6a07edb; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-11-30] (Google Inc.)
S3 Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2009-03-15] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [24408 2012-02-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-12-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-26] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-12-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-26] ()
U0 eccpahab; C:\Windows\System32\drivers\fvae.sys [54016 2014-01-06] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S4 IObitUnlocker; C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [28016 2011-08-26] ()
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145152 2013-07-27] (ITE                      )
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 LAN7500; C:\Windows\System32\DRIVERS\lan7500-x86-n60f.sys [73728 2013-11-06] (SMSC)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.)
S3 PinnacleMarvinAVS; C:\Windows\System32\DRIVERS\MarvinAVS.sys [434176 2007-05-09] (Pinnacle a division of Avid Technology, Inc.)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347648 2000-01-01] (Realtek Semiconductor Corporation                           )
R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows (R) Codename Longhorn DDK provider)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 SE31bus; C:\Windows\System32\DRIVERS\SE31bus.sys [61600 2006-05-01] (MCCI)
S3 SE31mdfl; C:\Windows\System32\DRIVERS\SE31mdfl.sys [9360 2006-05-01] (MCCI)
S3 SE31mdm; C:\Windows\System32\DRIVERS\SE31mdm.sys [97184 2006-05-01] (MCCI)
S3 SE31mgmt; C:\Windows\System32\DRIVERS\SE31mgmt.sys [88688 2006-05-01] (MCCI)
S3 se31nd5; C:\Windows\System32\DRIVERS\se31nd5.sys [18704 2006-05-01] (MCCI)
S3 SE31obex; C:\Windows\System32\DRIVERS\SE31obex.sys [86560 2006-05-01] (MCCI)
S3 se31unic; C:\Windows\System32\DRIVERS\se31unic.sys [90800 2006-05-01] (MCCI)
R1 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-01-06] ()
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2008-07-15] (Chicony Electronics Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-06 16:03 - 2014-01-06 16:04 - 00021986 _____ C:\Users\Jarmila\Desktop\FRST.txt
2014-01-06 16:03 - 2014-01-06 16:03 - 00000000 ____D C:\FRST
2014-01-06 14:39 - 2014-01-06 14:39 - 00112640 _____ (forum.viry.cz) C:\Users\Jarmila\Desktop\FRSTLauncher.exe
2014-01-06 14:38 - 2014-01-06 14:38 - 01064805 _____ (Farbar) C:\Users\Jarmila\Desktop\FRST.exe
2014-01-06 10:33 - 2014-01-06 12:19 - 00000000 ____D C:\Users\Jarmila\Filmy
2014-01-06 10:23 - 2014-01-06 10:23 - 00054016 _____ C:\Windows\system32\Drivers\fvae.sys
2014-01-05 14:44 - 2014-01-05 14:44 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\streamripper
2014-01-05 11:05 - 2014-01-05 11:20 - 00000000 ____D C:\Program Files\Skins
2014-01-04 12:52 - 2014-01-04 12:53 - 00000000 ____D C:\Users\Jarmila\Desktop\RK_Quarantine
2014-01-04 09:58 - 2014-01-04 09:58 - 00001013 _____ C:\Users\Jarmila\Desktop\Some PDF to Word Converterr.lnk
2014-01-04 09:58 - 2014-01-04 09:58 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\SomePDF
2014-01-04 09:58 - 2014-01-04 09:58 - 00000000 ____D C:\Program Files\SomePDF
2014-01-03 10:38 - 2014-01-03 13:20 - 727558144 _____ C:\Users\Jarmila\Downloads\Nákaza.avi
2014-01-02 09:44 - 2014-01-02 14:04 - 00000000 ____D C:\Users\Jarmila\Downloads\Lone Survivor 2013 DVDSCR x264 AC3-MiLLENiUM
2014-01-02 08:40 - 2014-01-02 08:41 - 00000000 ____D C:\Users\Jarmila\Downloads\30 minut po pulnoci
2014-01-01 16:53 - 2014-01-01 16:53 - 00030760 _____ C:\Users\Jarmila\Documents\3om0Pq
2014-01-01 16:47 - 2014-01-01 16:47 - 00001579 _____ C:\Users\Public\Desktop\Opera.lnk
2014-01-01 16:40 - 2014-01-01 16:43 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Opera Software
2014-01-01 16:40 - 2014-01-01 16:43 - 00000000 ____D C:\Users\Jarmila\AppData\Local\Opera Software
2013-12-31 16:16 - 2014-01-05 17:19 - 00000000 ____D C:\Users\Jarmila\Desktop\UTILITY
2013-12-31 16:14 - 2011-12-10 13:23 - 00976384 _____ (Quick And Easy Software) C:\Users\Jarmila\Desktop\USB_Disk_Eject.exe
2013-12-31 15:36 - 2013-12-31 16:08 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\USBSafelyRemove
2013-12-29 10:46 - 2014-01-04 16:25 - 00000000 ____D C:\Users\Jarmila\AppData\Local\GHISLER
2013-12-29 10:41 - 2013-12-29 10:41 - 00000589 _____ C:\Users\Jarmila\Desktop\Total Commander.lnk
2013-12-29 10:41 - 2013-12-29 10:41 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2013-12-29 10:17 - 2013-12-29 10:17 - 00001060 _____ C:\Users\Public\Desktop\ArtRage Studio Pro.lnk
2013-12-29 10:16 - 2013-12-29 10:16 - 00000000 ____D C:\Program Files\Ambient Design
2013-12-29 10:14 - 2013-12-29 10:17 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Ambient Design
2013-12-29 08:52 - 2013-12-29 08:52 - 00000000 _____ C:\Windows\setuperr.log
2013-12-29 08:52 - 2013-12-29 08:52 - 00000000 _____ C:\Windows\setupact.log
2013-12-29 08:43 - 2014-01-06 08:14 - 00070478 _____ C:\Windows\PFRO.log
2013-12-27 18:41 - 2013-12-27 18:53 - 00000000 ____D C:\Users\Jarmila\Downloads\Michael Flatley - Lord Of The Dance 1996 (1997)
2013-12-27 16:36 - 2013-12-27 16:55 - 00000532 _____ C:\Users\Jarmila\Desktop\přečti .bat
2013-12-26 11:40 - 2013-12-26 11:40 - 00000864 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2013-12-26 02:21 - 2013-12-26 02:21 - 00001953 _____ C:\Users\Public\Desktop\FaceFilter Studio 2.lnk
2013-12-26 02:21 - 2013-12-26 02:21 - 00000076 __RSH C:\Windows\FFSSET.BIN
2013-12-26 02:21 - 2013-12-26 02:21 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Reallusion
2013-12-26 02:20 - 2013-12-26 02:20 - 00000000 ____D C:\Users\Public\Documents\Reallusion
2013-12-26 02:20 - 2013-12-26 02:20 - 00000000 ____D C:\Program Files\Reallusion
2013-12-23 09:56 - 2013-12-23 09:56 - 01233962 _____ C:\Users\Jarmila\Desktop\AdwCleaner(2).exe
2013-12-19 14:52 - 2013-12-19 14:52 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\GetWare
2013-12-19 13:43 - 2013-12-19 13:43 - 00001922 _____ C:\Users\Jarmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebCam Live.lnk
2013-12-19 13:43 - 2013-12-19 13:43 - 00001892 _____ C:\Users\Jarmila\Desktop\WebCam Live.lnk
2013-12-19 13:42 - 2013-12-19 13:42 - 00000000 ____D C:\Program Files\GetWare
2013-12-19 02:56 - 2013-12-19 02:56 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2013-12-15 15:30 - 2013-12-22 09:00 - 00000920 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-15 12:17 - 2013-12-15 12:19 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\TeraCopy
2013-12-15 12:17 - 2013-12-15 12:17 - 00000000 ____D C:\Program Files\TeraCopy
2013-12-13 14:12 - 2013-12-13 14:12 - 00001870 _____ C:\Users\Public\Desktop\Xilisoft HD Video Converter.lnk
2013-12-13 14:12 - 2013-12-13 14:12 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Xilisoft
2013-12-13 14:11 - 2013-12-13 14:11 - 00000000 ____D C:\ProgramData\Xilisoft
2013-12-13 14:11 - 2013-12-13 14:11 - 00000000 ____D C:\Program Files\Xilisoft
2013-12-13 13:32 - 2013-12-13 13:32 - 00000000 ____D C:\Program Files\Xiph.Org
2013-12-13 11:37 - 2013-12-13 11:59 - 00000000 ____D C:\123VideoMagicPro
2013-12-13 11:37 - 2013-12-13 11:50 - 00000000 ____D C:\ProgramData\123VDM
2013-12-12 12:01 - 2013-11-14 23:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 12:01 - 2013-11-14 23:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 12:01 - 2013-11-14 23:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-12 12:01 - 2013-11-14 23:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 12:01 - 2013-11-14 23:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-12 12:01 - 2013-11-14 23:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-12 12:01 - 2013-11-14 23:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 12:01 - 2013-11-14 23:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-12 12:01 - 2013-11-14 23:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 12:01 - 2013-11-14 23:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-12 12:01 - 2013-11-14 23:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 12:01 - 2013-11-14 23:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 12:00 - 2013-11-15 00:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 12:00 - 2013-11-14 23:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 12:00 - 2013-11-14 23:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 12:00 - 2013-11-14 23:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 20:03 - 2013-12-11 20:03 - 00002038 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-11 15:20 - 2013-10-30 03:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-11 15:20 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 15:20 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 15:20 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 15:20 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 15:20 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 15:20 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 15:20 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-11 15:20 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 15:20 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 10:37 - 2013-12-11 10:37 - 00405408 _____ (RealWorld Graphics) C:\Users\Jarmila\Desktop\PhotoResize400.exe

==================== One Month Modified Files and Folders =======

2014-01-06 16:04 - 2014-01-06 16:03 - 00021986 _____ C:\Users\Jarmila\Desktop\FRST.txt
2014-01-06 16:04 - 2010-01-22 17:37 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Skype
2014-01-06 16:03 - 2014-01-06 16:03 - 00000000 ____D C:\FRST
2014-01-06 16:02 - 2012-07-04 22:29 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-06 16:00 - 2013-10-09 18:49 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-06 15:22 - 2013-08-20 11:50 - 01587123 _____ C:\Windows\WindowsUpdate.log
2014-01-06 14:39 - 2014-01-06 14:39 - 00112640 _____ (forum.viry.cz) C:\Users\Jarmila\Desktop\FRSTLauncher.exe
2014-01-06 14:38 - 2014-01-06 14:38 - 01064805 _____ (Farbar) C:\Users\Jarmila\Desktop\FRST.exe
2014-01-06 14:15 - 2006-11-02 13:47 - 00003216 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-06 14:15 - 2006-11-02 13:47 - 00003216 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-06 13:57 - 2013-10-07 11:23 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\XnViewMP
2014-01-06 12:19 - 2014-01-06 10:33 - 00000000 ____D C:\Users\Jarmila\Filmy
2014-01-06 12:19 - 2013-07-02 17:26 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\uTorrent
2014-01-06 10:33 - 2009-03-15 13:47 - 00000000 ____D C:\Users\Jarmila
2014-01-06 10:23 - 2014-01-06 10:23 - 00054016 _____ C:\Windows\system32\Drivers\fvae.sys
2014-01-06 10:23 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\twain_32
2014-01-06 08:18 - 2013-08-22 10:47 - 00000390 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2014-01-06 08:16 - 2013-08-22 10:46 - 00013464 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2014-01-06 08:15 - 2013-10-09 18:49 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-06 08:15 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-06 08:14 - 2013-12-29 08:43 - 00070478 _____ C:\Windows\PFRO.log
2014-01-06 08:12 - 2013-08-21 12:51 - 00000000 ____D C:\AdwCleaner
2014-01-06 08:12 - 2013-07-15 09:19 - 00000012 _____ C:\Windows\bthservsdp.dat
2014-01-06 08:12 - 2006-11-02 14:01 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-05 17:29 - 2013-08-20 13:00 - 00004630 _____ C:\UsbFix.txt
2014-01-05 17:28 - 2013-08-20 13:00 - 00000000 ____D C:\UsbFix
2014-01-05 17:19 - 2013-12-31 16:16 - 00000000 ____D C:\Users\Jarmila\Desktop\UTILITY
2014-01-05 17:17 - 2008-01-21 07:47 - 01532794 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-05 15:00 - 2013-08-19 11:26 - 00000000 ____D C:\Program Files\trend micro
2014-01-05 14:44 - 2014-01-05 14:44 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\streamripper
2014-01-05 11:20 - 2014-01-05 11:05 - 00000000 ____D C:\Program Files\Skins
2014-01-05 10:23 - 2013-07-01 08:18 - 00000000 ____D C:\Users\Jarmila\TapinRadio
2014-01-04 19:07 - 2013-08-29 11:21 - 00000900 _____ C:\Users\Jarmila\AppData\Roaming\__AvidCloudManager.log
2014-01-04 18:41 - 2009-04-19 10:08 - 00181248 _____ C:\Users\Jarmila\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 17:57 - 2013-08-29 11:20 - 00000000 ____D C:\Users\Jarmila\AppData\Local\Avid
2014-01-04 17:56 - 2013-08-29 11:21 - 00004945 _____ C:\Users\Jarmila\AppData\Roaming\JARIS.MTBF.txt
2014-01-04 17:56 - 2013-07-02 15:15 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2014-01-04 16:29 - 2009-03-15 17:06 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\GHISLER
2014-01-04 16:25 - 2013-12-29 10:46 - 00000000 ____D C:\Users\Jarmila\AppData\Local\GHISLER
2014-01-04 15:39 - 2009-03-15 13:47 - 00000000 ___RD C:\Users\Jarmila\Obrázky
2014-01-04 12:53 - 2014-01-04 12:52 - 00000000 ____D C:\Users\Jarmila\Desktop\RK_Quarantine
2014-01-04 10:26 - 2013-08-20 13:55 - 00000000 ____D C:\Users\Jarmila\Documents\Manuály
2014-01-04 09:58 - 2014-01-04 09:58 - 00001013 _____ C:\Users\Jarmila\Desktop\Some PDF to Word Converterr.lnk
2014-01-04 09:58 - 2014-01-04 09:58 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\SomePDF
2014-01-04 09:58 - 2014-01-04 09:58 - 00000000 ____D C:\Program Files\SomePDF
2014-01-04 09:50 - 2009-07-11 21:53 - 00002635 _____ C:\Users\Jarmila\Desktop\Microsoft Office Word 2007.lnk
2014-01-04 05:01 - 2008-08-25 15:21 - 00000000 ____D C:\Program Files\Google
2014-01-03 13:20 - 2014-01-03 10:38 - 727558144 _____ C:\Users\Jarmila\Downloads\Nákaza.avi
2014-01-02 14:04 - 2014-01-02 09:44 - 00000000 ____D C:\Users\Jarmila\Downloads\Lone Survivor 2013 DVDSCR x264 AC3-MiLLENiUM
2014-01-02 09:19 - 2013-11-19 12:48 - 00000452 _____ C:\Users\Jarmila\Desktop\čti.bat
2014-01-02 08:41 - 2014-01-02 08:40 - 00000000 ____D C:\Users\Jarmila\Downloads\30 minut po pulnoci
2014-01-01 16:53 - 2014-01-01 16:53 - 00030760 _____ C:\Users\Jarmila\Documents\3om0Pq
2014-01-01 16:47 - 2014-01-01 16:47 - 00001579 _____ C:\Users\Public\Desktop\Opera.lnk
2014-01-01 16:47 - 2009-03-15 15:34 - 00000000 ____D C:\Program Files\Opera
2014-01-01 16:43 - 2014-01-01 16:40 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Opera Software
2014-01-01 16:43 - 2014-01-01 16:40 - 00000000 ____D C:\Users\Jarmila\AppData\Local\Opera Software
2014-01-01 16:43 - 2009-03-15 13:53 - 00000914 _____ C:\Users\Jarmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-31 16:08 - 2013-12-31 15:36 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\USBSafelyRemove
2013-12-31 06:06 - 2013-07-03 13:15 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\XnView
2013-12-30 14:46 - 2013-07-02 15:17 - 00000000 ____D C:\Users\Jarmila\AppData\Local\CrashDumps
2013-12-29 10:41 - 2013-12-29 10:41 - 00000589 _____ C:\Users\Jarmila\Desktop\Total Commander.lnk
2013-12-29 10:41 - 2013-12-29 10:41 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2013-12-29 10:41 - 2009-03-15 17:06 - 00000000 ____D C:\totalcmd
2013-12-29 10:17 - 2013-12-29 10:17 - 00001060 _____ C:\Users\Public\Desktop\ArtRage Studio Pro.lnk
2013-12-29 10:17 - 2013-12-29 10:14 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Ambient Design
2013-12-29 10:16 - 2013-12-29 10:16 - 00000000 ____D C:\Program Files\Ambient Design
2013-12-29 08:52 - 2013-12-29 08:52 - 00000000 _____ C:\Windows\setuperr.log
2013-12-29 08:52 - 2013-12-29 08:52 - 00000000 _____ C:\Windows\setupact.log
2013-12-29 08:46 - 2010-12-05 22:13 - 00001356 _____ C:\Users\Jarmila\AppData\Local\d3d9caps.dat
2013-12-28 10:44 - 2013-09-01 21:09 - 00000000 ____D C:\Users\Jarmila\maily
2013-12-28 08:20 - 2013-08-20 13:34 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Audacity
2013-12-27 18:53 - 2013-12-27 18:41 - 00000000 ____D C:\Users\Jarmila\Downloads\Michael Flatley - Lord Of The Dance 1996 (1997)
2013-12-27 16:55 - 2013-12-27 16:36 - 00000532 _____ C:\Users\Jarmila\Desktop\přečti .bat
2013-12-26 13:06 - 2012-10-18 08:46 - 00000769 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-26 13:06 - 2012-10-18 08:46 - 00000000 ____D C:\Program Files\CCleaner
2013-12-26 12:02 - 2012-07-04 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-26 12:02 - 2011-05-26 06:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-26 11:50 - 2012-03-05 15:25 - 00001838 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-26 11:49 - 2013-03-11 17:27 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-26 11:49 - 2012-03-05 15:25 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-26 11:49 - 2012-03-05 15:25 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-26 11:49 - 2012-03-05 15:25 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-26 11:49 - 2012-03-05 15:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-26 11:49 - 2011-09-26 16:48 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-26 11:49 - 2009-03-15 15:19 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-26 11:49 - 2009-03-15 15:19 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-12-26 11:40 - 2013-12-26 11:40 - 00000864 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2013-12-26 02:21 - 2013-12-26 02:21 - 00001953 _____ C:\Users\Public\Desktop\FaceFilter Studio 2.lnk
2013-12-26 02:21 - 2013-12-26 02:21 - 00000076 __RSH C:\Windows\FFSSET.BIN
2013-12-26 02:21 - 2013-12-26 02:21 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Reallusion
2013-12-26 02:20 - 2013-12-26 02:20 - 00000000 ____D C:\Users\Public\Documents\Reallusion
2013-12-26 02:20 - 2013-12-26 02:20 - 00000000 ____D C:\Program Files\Reallusion
2013-12-26 02:20 - 2008-08-25 14:43 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-23 16:43 - 2013-09-03 09:24 - 00000000 ____D C:\Users\Jarmila\Documents\web
2013-12-23 16:34 - 2013-08-29 11:21 - 00000964 _____ C:\Users\Jarmila\AppData\Roaming\__AvidCloudManagerPrevious.log
2013-12-23 09:56 - 2013-12-23 09:56 - 01233962 _____ C:\Users\Jarmila\Desktop\AdwCleaner(2).exe
2013-12-22 09:00 - 2013-12-15 15:30 - 00000920 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2013-12-22 07:37 - 2006-11-02 13:47 - 00402096 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-20 10:17 - 2013-11-16 13:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 14:52 - 2013-12-19 14:52 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\GetWare
2013-12-19 13:43 - 2013-12-19 13:43 - 00001922 _____ C:\Users\Jarmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebCam Live.lnk
2013-12-19 13:43 - 2013-12-19 13:43 - 00001892 _____ C:\Users\Jarmila\Desktop\WebCam Live.lnk
2013-12-19 13:42 - 2013-12-19 13:42 - 00000000 ____D C:\Program Files\GetWare
2013-12-19 02:56 - 2013-12-19 02:56 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2013-12-16 02:24 - 2009-03-15 13:48 - 00120808 _____ C:\Users\Jarmila\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-15 15:31 - 2013-04-02 20:08 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\TeamViewer
2013-12-15 15:30 - 2013-10-23 14:15 - 00000000 ____D C:\Program Files\TeamViewer
2013-12-15 12:19 - 2013-12-15 12:17 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\TeraCopy
2013-12-15 12:17 - 2013-12-15 12:17 - 00000000 ____D C:\Program Files\TeraCopy
2013-12-13 14:12 - 2013-12-13 14:12 - 00001870 _____ C:\Users\Public\Desktop\Xilisoft HD Video Converter.lnk
2013-12-13 14:12 - 2013-12-13 14:12 - 00000000 ____D C:\Users\Jarmila\AppData\Roaming\Xilisoft
2013-12-13 14:11 - 2013-12-13 14:11 - 00000000 ____D C:\ProgramData\Xilisoft
2013-12-13 14:11 - 2013-12-13 14:11 - 00000000 ____D C:\Program Files\Xilisoft
2013-12-13 13:32 - 2013-12-13 13:32 - 00000000 ____D C:\Program Files\Xiph.Org
2013-12-13 11:59 - 2013-12-13 11:37 - 00000000 ____D C:\123VideoMagicPro
2013-12-13 11:50 - 2013-12-13 11:37 - 00000000 ____D C:\ProgramData\123VDM
2013-12-13 10:38 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-12 12:25 - 2013-11-28 13:08 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-12 12:07 - 2013-07-12 02:15 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 12:03 - 2006-11-02 11:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-11 20:03 - 2013-12-11 20:03 - 00002038 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-11 10:37 - 2013-12-11 10:37 - 00405408 _____ (RealWorld Graphics) C:\Users\Jarmila\Desktop\PhotoResize400.exe
2013-12-09 15:56 - 2009-03-15 14:50 - 00000000 ____D C:\Users\Jarmila\AppData\Local\Adobe

Files to move or delete:
====================
C:\Users\Jarmila\AppData\Roaming\CamLayout.ini
C:\Users\Jarmila\AppData\Roaming\CamShapes.ini
C:\Users\Jarmila\winmail.dat


Some content of TEMP:
====================
C:\Users\Jarmila\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-06 08:26




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Vista) (Fixed) (Total:116.29 GB) (Free:18.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:115.13 GB) (Free:3.63 GB) NTFS

Available physical RAM: 934.17 MB
Total physical RAM: 2939.25 MB
Percentage of memory in use: 68%

==================== MBR and Partition Table ==================

Folder Size (Version: 2.6 - Brio)
Error: (01/02/2014 09:06:49 AM) (Source: FolderSize) (User: )
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: EFBD26ED)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=115 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files\SlimDrivers\SlimDrivers.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:DDF13E9F

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jarmila\Desktop" je 30 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00TCrdMain
%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe  [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool
"C:\Program Files\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software
"C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cfFncEnabler.exe
"C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Jarmila\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Jarmila\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe
C:\Windows\ehome\ehTray.exe  

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX110 Series (kopie 1)
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\Windows\TEMP\E_SA16D.tmp" /EF "HKCU" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com
"C:\Program Files\FileHippo.com\UpdateChecker.exe" /background [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry
C:\Program Files\SmartTweak Software\FixMyRegistry\FixMyRegistry.exe /ot /as [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FPVProTrialInfo
"C:\Program Files\FastPictureViewer\FPVTrialInfo.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GIGABYTEMOUSE
C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher
c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Jarmila\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\Windows\system32\hkcmd.exe  

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HSON
%ProgramFiles%\TOSHIBA\TBS\HSON.exe  [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\Windows\system32\igfxtray.exe  

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe
"C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OV3_Monitor
"C:\Program Files\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe" -NoStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\Windows\system32\igfxpers.exe  

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
"C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr
C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\SideBar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView
%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe  [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite
"C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPO
C:\Program Files\Toshiba TEMPRO\TemproTray.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO
%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPwrMain
"C:\Program Files\Unlocker\UnlockerAssistant.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant
D:\ochrana\USB Disk Security\USBGuard.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Security
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe  

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
C:\Program Files\Windows Media Player\WMPNSCFG.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16
Reim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\30D80A~1.285\SSSCHE~1.EXE  [x]

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
