Zde máte požadovaný log a Addition
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Karlos (administrator) on RADEMANER on 20-01-2015 11:53:29
Running from C:\Users\Karlos\Desktop
Loaded Profiles: Karlos (Available profiles: Karlos)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(TuneUp Software) D:\Programy\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVG) D:\Programy\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe
(Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter64.exe
(Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsShellCenter64.exe
(Valve Corporation) D:\Programy\Steam\Steam.exe
(Valve Corporation) D:\Programy\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Programy\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Karlos\Desktop\FRSTLauncher (3).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => D:\Programy\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [899680 2013-02-04] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2014-07-15] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6199128 2014-07-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023104 2012-10-15] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3050736 2013-04-04] (Synaptics Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-609816593-2029407241-4199411759-1000\...\Run: [GoogleChromeAutoLaunch_FE5EE8F378CB352EC496614D3C291DA8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2015-01-09] (Google Inc.)
HKU\S-1-5-21-609816593-2029407241-4199411759-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-609816593-2029407241-4199411759-1000\...\MountPoints2: {25f5f654-5cf6-11e4-91b6-201a069a0e32} - F:\HTC_Sync_Manager_PC.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-609816593-2029407241-4199411759-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Karlos\AppData\Roaming\Mozilla\Firefox\Profiles\3awd22z6.default
FF NetworkProxy: "type",
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\Programy\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-609816593-2029407241-4199411759-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-609816593-2029407241-4199411759-1000: @screenleap.com/ScreenleapPlugin,version=1.1 -> C:\Users\Karlos\AppData\Local\Screenleap\npscreenleap1.1.dll (ScreenLeap, Inc.)
FF Plugin HKU\S-1-5-21-609816593-2029407241-4199411759-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Karlos\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR StartupUrls: Default -> "
https://www.google.cz/"
CHR Profile: C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-20]
CHR Extension: (Dokumenty Google) - C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-20]
CHR Extension: (Disk Google) - C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-20]
CHR Extension: (YouTube) - C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-20]
CHR Extension: (Adblock Plus) - C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-20]
CHR Extension: (Tabulky Google) - C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-20]
CHR Extension: (Twitch Now) - C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-01-20]
CHR Extension: (Peněženka Google) - C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-20]
CHR Extension: (Gmail) - C:\Users\Karlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-08-22] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-22] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-08-22] (BlueStack Systems, Inc.)
R2 MyPublicWiFiService; C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] () [File not signed]
S4 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S4 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-06-23] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; D:\Programy\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2140984 2014-04-15] (TuneUp Software)
S3 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [26048 2014-08-12] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-10-15] (Atheros)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36520 2012-09-14] (Advanced Micro Devices, Inc.)
S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16877 2002-07-17] (Adaptec) [File not signed]
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-08-22] (BlueStack Systems)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
S3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [25216 2014-07-28] (Dev47Apps)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-30] (Disc Soft Ltd)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-07-13] (Sony Mobile Communications)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [117912 2012-11-19] (Qualcomm Atheros Co., Ltd.)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0059.sys [28768 2014-11-05] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-09-18] (The OpenVPN Project)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-04] (Synaptics Incorporated)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2014-08-12] (The OpenVPN Project)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2014-04-05] (Spotflux, Inc.)
R3 TuneUpUtilitiesDrv; D:\Programy\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (TuneUp Software)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1045248 2013-03-01] (Vimicro Corporation)
S3 wovad_micarray; C:\Windows\System32\drivers\womic.sys [59856 2014-05-06] (Windows (R) Win 7 DDK provider) [File not signed]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-20 11:53 - 2015-01-20 11:54 - 00015652 _____ () C:\Users\Karlos\Desktop\FRST.txt
2015-01-20 11:53 - 2015-01-20 11:53 - 00000000 ____D () C:\FRST
2015-01-20 11:51 - 2015-01-20 11:51 - 00112640 _____ (forum.viry.cz) C:\Users\Karlos\Desktop\FRSTLauncher (3).exe
2015-01-20 11:50 - 2015-01-20 11:50 - 00112640 _____ (forum.viry.cz) C:\Users\Karlos\Downloads\Nepotvrzeno 81351.crdownload
2015-01-20 11:49 - 2015-01-20 11:49 - 02126848 _____ (Farbar) C:\Users\Karlos\Desktop\FRST64.exe
2015-01-20 11:49 - 2015-01-20 11:49 - 00112640 _____ (forum.viry.cz) C:\Users\Karlos\Downloads\Nepotvrzeno 652548.crdownload
2015-01-20 11:49 - 2015-01-20 11:49 - 00112640 _____ (forum.viry.cz) C:\Users\Karlos\Downloads\Nepotvrzeno 486852.crdownload
2015-01-20 11:42 - 2015-01-20 11:42 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-20 11:42 - 2015-01-20 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-20 11:41 - 2015-01-20 11:46 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-20 11:41 - 2015-01-20 11:46 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-20 11:41 - 2015-01-20 11:42 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-20 11:41 - 2015-01-20 11:41 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-20 11:41 - 2015-01-20 11:41 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-20 11:37 - 2015-01-20 11:37 - 00029654 _____ () C:\Users\Karlos\Documents\záložky_20.01.15.html
2015-01-20 11:09 - 2015-01-20 11:13 - 00000000 ____D () C:\Users\Karlos\Downloads\backups
2015-01-20 11:09 - 2015-01-20 11:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Karlos\Downloads\hijackthis.exe
2015-01-20 11:01 - 2015-01-20 11:01 - 00000000 ____D () C:\Users\Karlos\AppData\Local\Mixesoft
2015-01-20 11:00 - 2015-01-20 11:01 - 00282624 _____ () C:\Users\Karlos\Downloads\appnhost.msi
2015-01-16 20:06 - 2015-01-16 20:06 - 00000000 ____D () C:\Users\Karlos\AppData\Local\Logitech
2015-01-16 20:05 - 2015-01-16 20:05 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Logitech
2015-01-16 20:05 - 2015-01-16 20:05 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Logishrd
2015-01-16 20:03 - 2015-01-16 20:05 - 67350808 _____ (Logitech Inc.) C:\Users\Karlos\Downloads\LGS_8.57.145_x64_Logitech.exe
2015-01-16 19:15 - 2014-03-22 15:36 - 50175486 _____ (Majkumi) C:\Users\Karlos\Desktop\Rayman-Legends-čeština.exe
2015-01-16 19:14 - 2015-01-16 19:14 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Majkumi
2015-01-16 19:10 - 2015-01-16 19:12 - 45383260 _____ () C:\Users\Karlos\Downloads\Rayman-Legends-CZ.zip
2015-01-16 19:07 - 2015-01-16 19:07 - 00000503 _____ () C:\Users\Public\Desktop\Rayman Legends.lnk
2015-01-16 19:07 - 2015-01-16 19:07 - 00000503 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rayman Legends.lnk
2015-01-16 10:25 - 2015-01-16 10:26 - 00000000 ____D () C:\Users\Karlos\Documents\Rayman Legends
2015-01-16 09:51 - 2015-01-16 09:51 - 00262144 ____N () C:\Windows\Minidump\011615-46301-01.dmp
2015-01-13 16:46 - 2015-01-13 16:46 - 00116678 _____ () C:\Users\Karlos\Downloads\D0426F9E1EE2D17954AEFE14FC3A46835A76DBDA.torrent
2015-01-13 13:23 - 2015-01-13 13:23 - 00004138 _____ () C:\Windows\system32\.crusader
2015-01-13 13:10 - 2015-01-13 13:23 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-13 13:10 - 2015-01-13 13:10 - 00000000 ____D () C:\Program Files\HitmanPro
2015-01-13 13:08 - 2015-01-13 13:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-13 13:02 - 2015-01-13 13:03 - 00000000 ____D () C:\AdwCleaner
2015-01-13 13:00 - 2015-01-13 13:00 - 00000000 ____D () C:\Program Files (x86)\coinsAvee
2015-01-12 21:45 - 2015-01-12 21:45 - 00011528 _____ () C:\Users\Karlos\Downloads\[kickass.so]the.simpsons.s26e11.hdtv.x264.killers.ettv.torrent
2015-01-12 17:14 - 2015-01-13 13:04 - 00000000 ____D () C:\ProgramData\coinsAvee
2015-01-12 17:13 - 2015-01-12 21:14 - 00000000 ____D () C:\ProgramData\shoppI
2015-01-12 01:15 - 2015-01-12 01:15 - 00020066 _____ () C:\Users\Karlos\Downloads\[kickass.so]rayman.legends.2013.pc.eng.rus.multi9.repack.torrent
2015-01-11 21:44 - 2015-01-11 21:44 - 00033532 _____ () C:\Users\Karlos\Downloads\isaac-ng (2).CT
2015-01-11 21:40 - 2015-01-11 21:40 - 00108886 _____ () C:\Users\Karlos\Downloads\isaac-ng (1).CT
2015-01-11 21:38 - 2015-01-11 21:38 - 00007299 _____ () C:\Users\Karlos\Downloads\isaac-ng.CT
2015-01-11 18:54 - 2015-01-11 19:01 - 00000000 ____D () C:\Program Files (x86)\ShellfireVPN
2015-01-11 16:41 - 2015-01-11 16:41 - 00001851 _____ () C:\Users\Public\Desktop\Kepard.lnk
2015-01-11 16:41 - 2015-01-11 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kepard
2015-01-10 10:52 - 2015-01-11 16:26 - 00000000 ____D () C:\ProgramData\takeshoop
2015-01-10 10:52 - 2015-01-11 16:26 - 00000000 ____D () C:\ProgramData\adSy
2015-01-09 21:48 - 2015-01-09 21:52 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\PACE Anti-Piracy
2015-01-09 21:48 - 2015-01-09 21:52 - 00000000 ____D () C:\ProgramData\PACE Anti-Piracy
2015-01-09 21:48 - 2015-01-09 21:48 - 00000000 ____D () C:\Users\Karlos\AppData\Local\PACE Anti-Piracy
2015-01-09 21:46 - 2015-01-09 21:46 - 00000000 ____D () C:\Program Files (x86)\InterLok
2015-01-09 21:44 - 2015-01-09 21:44 - 00000000 ____D () C:\Users\Karlos\Documents\Mixcraft Projects
2015-01-09 21:42 - 2015-01-09 21:42 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\SynthMaker
2015-01-09 21:42 - 2015-01-09 21:42 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Acoustica
2015-01-09 21:41 - 2015-01-19 21:13 - 00000000 ____D () C:\Program Files (x86)\VST
2015-01-09 21:40 - 2015-01-09 21:41 - 00000000 ____D () C:\ProgramData\Acoustica
2015-01-09 21:23 - 2015-01-09 21:23 - 00900015 _____ () C:\Windows\SysWOW64\TmpA39519124
2015-01-09 21:23 - 2015-01-09 21:23 - 00900015 _____ () C:\Windows\SysWOW64\TmpA39483166
2015-01-08 19:56 - 2015-01-08 19:56 - 00007305 _____ () C:\Users\Karlos\Downloads\MONOVA.ORG The_Simpsons_S26E10_HDTV_x264-ASAP_(eztv).torrent
2015-01-08 00:14 - 2015-01-20 10:52 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\glitz
2015-01-07 20:47 - 2015-01-07 20:47 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Unity
2015-01-04 00:41 - 2015-01-04 00:42 - 00000000 ____D () C:\Users\Karlos\Documents\AirDroid
2015-01-04 00:41 - 2015-01-04 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2015-01-04 00:40 - 2015-01-04 00:40 - 08510089 _____ () C:\Users\Karlos\Downloads\AirDroid_Desktop_Client_3.0.2.exe
2015-01-03 22:21 - 2015-01-03 22:21 - 00003855 _____ () C:\Users\Karlos\Downloads\[TorrentDownloads.me]_Fraps 3 5 99 Build 15618[A4] zip.torrent
2014-12-30 13:29 - 2014-12-30 13:29 - 00013986 _____ () C:\Users\Karlos\Downloads\The.Binding.of.Isaac.Rebirth.torrent
2014-12-29 19:59 - 2014-12-29 19:59 - 00880784 _____ (Google Inc.) C:\Users\Karlos\Downloads\ChromeSetup.exe
2014-12-29 19:59 - 2014-12-29 19:59 - 00029916 _____ () C:\Users\Karlos\Documents\záložky_29.12.14.html
2014-12-25 16:54 - 2014-12-25 16:54 - 00117248 _____ (Jaex) C:\Users\Karlos\Desktop\HearthstoneResizer.exe
2014-12-25 16:27 - 2014-12-25 16:27 - 04132226 _____ () C:\Users\Karlos\Downloads\CSGO-MOVIEMAKING-BY-nmL.zip
2014-12-25 16:17 - 2014-12-25 16:17 - 01908225 _____ () C:\Users\Karlos\Downloads\VirtualDub-1.10.4.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-20 11:42 - 2014-06-26 12:56 - 00000000 ____D () C:\Users\Karlos\AppData\Local\Google
2015-01-20 11:41 - 2014-06-26 12:56 - 00000000 ____D () C:\Users\Karlos\AppData\Local\Deployment
2015-01-20 11:19 - 2009-07-14 05:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-20 11:19 - 2009-07-14 05:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-20 11:17 - 2009-07-14 16:18 - 00668792 _____ () C:\Windows\system32\perfh005.dat
2015-01-20 11:17 - 2009-07-14 16:18 - 00141420 _____ () C:\Windows\system32\perfc005.dat
2015-01-20 11:17 - 2009-07-14 06:13 - 01583226 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-20 11:15 - 2014-05-30 11:30 - 01082776 _____ () C:\Windows\WindowsUpdate.log
2015-01-20 11:14 - 2014-05-30 11:36 - 00001393 _____ () C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-20 11:12 - 2014-11-10 16:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-20 11:12 - 2014-05-30 13:33 - 00000202 _____ () C:\Windows\Tasks\AutoKMS.job
2015-01-20 11:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-20 11:12 - 2009-07-14 05:51 - 00129145 _____ () C:\Windows\setupact.log
2015-01-20 11:11 - 2014-05-31 21:42 - 27228040 _____ () C:\Users\Public\CAFADEBUG.log
2015-01-20 10:42 - 2009-07-14 05:45 - 04964168 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-20 10:41 - 2014-06-01 03:20 - 00069290 _____ () C:\Windows\PFRO.log
2015-01-20 00:48 - 2014-05-30 12:06 - 00084576 _____ () C:\Users\Karlos\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-20 00:12 - 2014-05-30 13:03 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Skype
2015-01-19 19:47 - 2014-05-30 13:10 - 00000000 ____D () C:\Users\Karlos\AppData\Local\Battle.net
2015-01-19 13:05 - 2014-05-30 13:33 - 00000202 _____ () C:\Windows\Tasks\AutoKMSDaily.job
2015-01-18 13:29 - 2014-05-30 12:35 - 00000000 ____D () C:\Users\Karlos\Desktop\Obrázky
2015-01-17 19:34 - 2014-08-06 15:41 - 00000000 ____D () C:\Users\Karlos\Documents\Bluetooth Folder
2015-01-16 20:07 - 2014-08-12 08:11 - 00000000 ____D () C:\Users\Karlos\AppData\Local\CrashDumps
2015-01-16 20:06 - 2014-06-06 07:16 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-16 19:08 - 2014-06-01 16:47 - 00314284 _____ () C:\Windows\DirectX.log
2015-01-16 10:24 - 2014-06-01 16:53 - 00000000 ____D () C:\ProgramData\Orbit
2015-01-16 09:51 - 2014-07-19 12:36 - 00000000 ____D () C:\Windows\Minidump
2015-01-14 13:52 - 2014-05-31 01:01 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\uTorrent
2015-01-14 10:22 - 2014-05-30 14:59 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\vlc
2015-01-13 13:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Branding
2015-01-13 13:05 - 2014-05-30 21:10 - 00116646 _____ () C:\Windows\AutoKMS.log
2015-01-13 13:05 - 2014-05-30 13:33 - 00002740 _____ () C:\Windows\System32\Tasks\AutoKMSDaily
2015-01-13 12:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-01-12 21:15 - 2014-10-06 18:48 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2015-01-12 16:07 - 2014-10-06 18:50 - 00000000 ____D () C:\Users\Karlos\AppData\Local\HockeyCrashes
2015-01-12 01:50 - 2014-07-20 00:09 - 00000000 ____D () C:\ProgramData\Origin
2015-01-12 01:33 - 2014-11-11 15:26 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-01-12 01:33 - 2014-09-29 21:17 - 00000000 ____D () C:\Program Files\OpenVPN
2015-01-11 16:41 - 2014-11-18 14:49 - 00000000 ____D () C:\Program Files (x86)\Kepard
2015-01-11 16:35 - 2014-05-30 11:36 - 00000000 ____D () C:\Users\Karlos
2015-01-11 16:34 - 2014-08-06 15:45 - 00000000 ____D () C:\ProgramData\Atheros
2015-01-11 16:34 - 2014-07-15 13:17 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-01-11 16:34 - 2014-07-09 11:45 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Winamp
2015-01-11 16:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-06 04:36 - 2014-05-30 12:29 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-04 00:45 - 2014-05-30 13:23 - 00000000 ___RD () C:\Users\Karlos\Desktop\Programy
2015-01-03 00:31 - 2014-05-30 13:10 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Battle.net
2015-01-03 00:31 - 2014-05-30 12:58 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-03 00:31 - 2009-07-14 16:36 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-29 16:25 - 2014-07-13 13:14 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-27 14:18 - 2014-05-31 17:52 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Actual Multiple Monitors
2014-12-27 14:18 - 2014-05-31 17:52 - 00000000 ____D () C:\Program Files (x86)\Actual Multiple Monitors
2014-12-23 20:55 - 2014-06-11 16:36 - 00000000 ____D () C:\Users\Karlos\AppData\Roaming\TS3Client
2014-12-23 14:19 - 2014-08-12 02:02 - 00000000 ____D () C:\Users\Karlos\Documents\TrackMania
2014-12-23 14:08 - 2014-08-12 02:02 - 00000000 ____D () C:\ProgramData\TrackMania
2014-12-21 13:19 - 2014-10-10 14:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-21 13:19 - 2014-05-30 13:03 - 00000000 ____D () C:\ProgramData\Skype
==================== Files in the root of some directories =======
2014-09-21 21:04 - 2014-09-25 20:48 - 0000600 _____ () C:\Users\Karlos\AppData\Roaming\winscp.rnd
2014-09-28 01:05 - 2014-09-28 01:05 - 0000000 ___SH () C:\Users\Karlos\AppData\Local\LumaEmu
2014-05-31 19:34 - 2014-05-31 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-28 23:00 - 2014-07-28 23:11 - 0000032 _____ () C:\ProgramData\droidcam-settings
Some content of TEMP:
====================
C:\Users\Karlos\AppData\Local\Temp\ammemb.dll
C:\Users\Karlos\AppData\Local\Temp\ammemb64.dll
C:\Users\Karlos\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Karlos\AppData\Local\Temp\optprosetup.exe
C:\Users\Karlos\AppData\Local\Temp\Quarantine.exe
C:\Users\Karlos\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Karlos\AppData\Local\Temp\sqlite-3.8.2-amd64-sqlitejdbc.dll
C:\Users\Karlos\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-14 01:10
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:244.04 GB) (Free:164.17 GB) NTFS
Drive d: () (Fixed) (Total:687.37 GB) (Free:243.2 GB) NTFS
Available physical RAM: 5309.37 MB
Total physical RAM: 8108.36 MB
Percentage of memory in use: 34%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Microsoft:HF9qGGr3ApQoWrt2Gq3sxmF4IwW
AlternateDataStreams: C:\ProgramData\Microsoft:V5oukbGzMdOgiOSklbgs87
AlternateDataStreams: C:\Users\Karlos\Local Settings:T156dFca8uo2SFgdkUzAwOv
AlternateDataStreams: C:\Users\Karlos\AppData\Local:T156dFca8uo2SFgdkUzAwOv
AlternateDataStreams: C:\Users\Karlos\AppData\Local\Data aplikací:T156dFca8uo2SFgdkUzAwOv
AlternateDataStreams: C:\Users\Karlos\AppData\Local\Temporary Internet Files:kM4gkOw3GlYyq7mniW7BZcSo9
==================== Security Center ==================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Karlos\Desktop" je 4097 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\331BigDog
C:\Program Files (x86)\USB Camera\VM331STI.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirDroid 3
D:\Programy\AirDroid\AirDroid.exe /start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray
"C:\Program Files (x86)\Bluetooth Suite\athbttray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GSplay.exe
C:\Users\Karlos\AppData\Local\Temp\Rar$EXa0.786\GSplay.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"D:\Programy\Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyPublicWiFi
C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProxyCap
D:\Programy\ProxyCap\pcapui.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PrivateTunnel.lnk
C:\PROGRA~2\OPENVP~1\PRIVAT~1\PRIVAT~1.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Remote PC Server.lnk
D:\Programy\REMOTE~1.4\REMOTE~1.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Dejte na uvod log z FRST