Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-09-2016
Ran by Reichlovi (administrator) on REICHLOVI-PC (02-10-2016 12:09:13)
Running from C:\Users\Reichlovi\Desktop
Loaded Profiles: Reichlovi (Available Profiles: Reichlovi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(BitTorrent Inc.) C:\Users\Reichlovi\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc.) C:\Users\Reichlovi\AppData\Roaming\BitTorrent\updates\7.9.8_42577\utorrentie.exe
(BitTorrent Inc.) C:\Users\Reichlovi\AppData\Roaming\BitTorrent\updates\7.9.8_42577\utorrentie.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(VoyagerSoft, LLC) C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(forum.viry.cz) C:\Users\Reichlovi\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-15] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [BitTorrent] => C:\Users\Reichlovi\AppData\Roaming\BitTorrent\BitTorrent.exe [2142920 2016-09-11] (BitTorrent Inc.)
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: {acb2e8f6-8403-11e1-9c1c-742f68f79091} - G:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-15] (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
GroupPolicy: Restriction - Windows Degender <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com127.0.0.1 clients2.google.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{075C9805-CA72-4677-80AC-4106DD951ED9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4FC55DA9-B0FF-4039-9D81-D9C409799856}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{58D541B3-2804-490A-B5B5-07C609DC4120}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5D9CCA1D-2EC4-45EB-A794-39E9E4FC95CC}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130951195758167415&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130951195759557495&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130951195759667501&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKLM-x32 -> Default = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ASUT
SearchScopes: HKU\S-1-5-21-4126292724-816047313-1187439271-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4126292724-816047313-1187439271-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: No Name -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> No File
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Solid Converter PDF -> {259F616C-A300-44F5-B04A-ED001A26C85C} -> C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll [2006-11-02] (VoyagerSoft, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-09] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\x98b9xdi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-21] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-09-04] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-4126292724-816047313-1187439271-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-4126292724-816047313-1187439271-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)
FF Extension: (Firefox Hotfix) - C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\x98b9xdi.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-02]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Plugin: (Native Client) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Skype Toolbars) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Reichlovi\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Reichlovi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Google Update) - C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default [2016-08-02]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-04-07]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-05-21]
CHR Extension: (Prezentace Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-08]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-08]
CHR Extension: (Disk Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-18]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-07-09]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-07-09]
CHR Extension: (YouTube) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-08]
CHR Extension: (Tabulky Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-08]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-07-09]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Gmail) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-08]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-05-21]
CHR Extension: (Prezentace Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-27]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-27]
CHR Extension: (Disk Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-27]
CHR Extension: (YouTube) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-28]
CHR Extension: (Tabulky Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-27]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-15]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-28]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Gmail) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-27]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3 [2016-05-21]
CHR Extension: (Prezentace Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-15]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-15]
CHR Extension: (Disk Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-09-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-09-15]
CHR Extension: (YouTube) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-15]
CHR Extension: (Tabulky Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-15]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-15]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-09-15]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Gmail) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-15]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile [2016-05-21]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-13]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\REICHL~1\AppData\Local\Temp\ccex.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-15] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-08] (BlueStack Systems, Inc.)
S2 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [433688 2016-04-08] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-08] (BlueStack Systems, Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe [76616 2016-06-20] (Google Inc.)
S2 Crypkey License; C:\Windows\SysWOW64\crypserv.exe [52224 2000-06-29] (Kenonic Controls Ltd.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-06-07] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-06-07] ()
R2 ScReadSpool; C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe [184320 2006-11-02] (VoyagerSoft, LLC) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-10-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-10-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-10-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-10-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-10-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-10-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-10-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-10-02] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-04-08] (BlueStack Systems)
R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-07-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2014-12-24] (ITE )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-02] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S1 NetworkX; C:\Windows\SysWOW64\ckldrv.sys [24608 2000-02-03] () [File not signed]
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28624 2016-07-08] () [File not signed]
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-02 12:09 - 2016-10-02 12:13 - 00036048 _____ C:\Users\Reichlovi\Desktop\FRST.txt
2016-10-02 12:03 - 2016-10-02 12:06 - 00112640 _____ (forum.viry.cz) C:\Users\Reichlovi\Desktop\FRSTLauncher.exe
2016-10-02 12:01 - 2016-10-02 12:01 - 02404352 _____ (Farbar) C:\Users\Reichlovi\Desktop\FRST64.exe
2016-10-02 10:21 - 2016-08-13 00:48 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswAD21.tmp
2016-10-02 10:21 - 2016-03-09 21:25 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9132.tmp
2016-10-02 10:21 - 2016-03-09 21:25 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA023.tmp
2016-10-02 10:21 - 2016-02-23 19:22 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswAB1D.tmp
2016-10-02 10:21 - 2016-02-13 09:24 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswB0E9.tmp
2016-10-02 10:21 - 2016-02-13 09:24 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9900.tmp
2016-10-02 10:21 - 2016-02-13 09:24 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA5FE.tmp
2016-10-02 10:21 - 2016-02-13 09:24 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9D55.tmp
2016-10-02 10:21 - 2013-03-07 01:33 - 00022600 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8A10.tmp
2016-10-02 10:16 - 2016-10-02 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-02 10:16 - 2016-10-02 10:16 - 00000000 ____D C:\Program Files\7-Zip
2016-10-02 10:15 - 2016-10-02 10:16 - 01381179 _____ (Igor Pavlov) C:\Users\Reichlovi\Downloads\7z1603-x64.exe
2016-10-02 10:11 - 2016-10-02 10:11 - 01381179 _____ (Igor Pavlov) C:\Users\Reichlovi\Downloads\7z1603-x64.exe.part
2016-10-02 10:00 - 2016-10-02 09:54 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-10-02 09:56 - 2016-10-02 10:08 - 3004727059 _____ C:\Users\Reichlovi\Downloads\zasilka-KZXS7HUIAXA5H5FP.zip
2016-10-02 09:45 - 2016-10-02 09:45 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-09-08 07:21 - 2016-10-02 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-02 12:13 - 2011-12-25 17:18 - 00000000 ____D C:\Users\Reichlovi\AppData\Roaming\BitTorrent
2016-10-02 12:09 - 2014-07-09 19:31 - 00000000 ____D C:\FRST
2016-10-02 10:44 - 2016-09-01 20:16 - 00000000 ____D C:\Users\Reichlovi\AppData\LocalLow\BitTorrent
2016-10-02 10:34 - 2011-12-24 20:44 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-10-02 10:34 - 2011-12-24 20:44 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-10-02 10:33 - 2012-07-04 21:18 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-02 09:54 - 2014-04-22 17:43 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-10-02 09:54 - 2014-01-01 15:27 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-10-02 09:54 - 2013-03-02 20:31 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-10-02 09:54 - 2013-03-02 20:31 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-10-02 09:54 - 2011-12-24 20:44 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.147539729794410
2016-10-02 09:54 - 2011-12-24 20:44 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-10-02 09:54 - 2011-12-24 20:44 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-02 09:53 - 2012-02-25 11:36 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-10-02 09:43 - 2013-03-02 20:31 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-10-02 09:43 - 2011-12-24 20:44 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.147539729156307
2016-10-02 09:43 - 2011-12-24 20:44 - 00000000 ____D C:\Program Files\AVAST Software
2016-10-02 09:30 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-02 09:30 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-02 09:14 - 2016-08-14 21:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-02 09:13 - 2012-05-05 13:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-02 09:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-11 13:19 - 2015-09-20 20:16 - 00000000 ____D C:\Users\Reichlovi\AppData\Roaming\ViberPC
2016-09-08 06:13 - 2012-02-29 19:24 - 00000000 ____D C:\ProgramData\Skype
2016-09-08 06:02 - 2011-02-19 07:36 - 00684126 _____ C:\Windows\system32\perfh005.dat
2016-09-08 06:02 - 2011-02-19 07:36 - 00147216 _____ C:\Windows\system32\perfc005.dat
2016-09-08 06:02 - 2009-07-14 07:13 - 01623974 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-08 06:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-08 06:00 - 2012-02-29 19:25 - 00000000 ____D C:\Users\Reichlovi\AppData\Roaming\Skype
==================== Files in the root of some directories =======
2012-07-13 11:50 - 2012-07-13 11:50 - 4024320 _____ () C:\Program Files (x86)\GUT70AD.tmp
2012-01-03 21:15 - 2012-01-03 21:15 - 0000132 _____ () C:\Users\Reichlovi\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2012-02-15 20:47 - 2015-11-17 12:28 - 0000132 _____ () C:\Users\Reichlovi\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-07-20 20:02 - 2012-08-25 23:56 - 0000000 _____ () C:\Users\Reichlovi\AppData\Roaming\FileIn.cns
2012-07-20 20:02 - 2012-08-25 23:56 - 0000000 _____ () C:\Users\Reichlovi\AppData\Roaming\FileOut.cns
2014-10-07 21:27 - 2014-10-07 21:27 - 0000048 _____ () C:\Users\Reichlovi\AppData\Roaming\guid.ini
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Guides
2014-06-26 09:07 - 2014-06-26 09:07 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Guitar
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Guitars
2014-06-26 09:02 - 2014-06-26 09:02 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Hybrid Chords
2014-02-13 11:05 - 2014-02-13 11:42 - 0099384 _____ () C:\Users\Reichlovi\AppData\Roaming\inst.exe
2015-06-25 01:13 - 2015-06-25 01:13 - 0000343 _____ () C:\Users\Reichlovi\AppData\Roaming\mplex-log.log
2014-02-13 11:05 - 2014-02-13 11:42 - 0007859 _____ () C:\Users\Reichlovi\AppData\Roaming\pcouffin.cat
2014-02-13 11:05 - 2014-02-13 11:42 - 0001167 _____ () C:\Users\Reichlovi\AppData\Roaming\pcouffin.inf
2014-02-13 11:05 - 2014-02-13 11:42 - 0000055 _____ () C:\Users\Reichlovi\AppData\Roaming\pcouffin.log
2014-02-13 11:05 - 2014-02-13 11:42 - 0082816 _____ (VSO Software) C:\Users\Reichlovi\AppData\Roaming\pcouffin.sys
2012-04-27 22:50 - 2012-04-27 22:53 - 0000272 _____ () C:\Users\Reichlovi\AppData\Local\custom_colors.cfg
2012-09-11 16:29 - 2015-10-18 14:56 - 0009216 _____ () C:\Users\Reichlovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-25 21:26 - 2016-06-05 12:24 - 0007596 _____ () C:\Users\Reichlovi\AppData\Local\Resmon.ResmonCfg
2014-07-31 12:34 - 2014-07-31 12:34 - 0000000 _____ () C:\Users\Reichlovi\AppData\Local\{C3AB7AE0-D472-42BB-AFD2-55554DEE0BBC}
2015-06-23 18:40 - 2015-06-23 18:40 - 0004128 _____ () C:\ProgramData\bqeojehc.wbx
2011-04-01 11:21 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\ProgramData\Halftone
2014-06-26 09:07 - 2014-06-26 09:07 - 0000268 ___RH () C:\ProgramData\Help
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\ProgramData\Helper Scripts
2014-06-26 09:02 - 2014-06-26 09:02 - 0000268 ___RH () C:\ProgramData\Image Capture
2014-01-28 23:04 - 2016-07-31 09:05 - 0019873 _____ () C:\ProgramData\LmeUSB.log
2014-01-28 23:04 - 2016-07-31 09:05 - 0019479 _____ () C:\ProgramData\LmeZJSW.log
2014-01-29 16:12 - 2016-07-31 09:05 - 0019428 _____ () C:\ProgramData\LSDmbTH.log
2014-06-26 09:02 - 2014-06-26 09:02 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-06-26 09:07 - 2014-06-26 09:07 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-06-26 09:05 - 2014-06-26 09:17 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-06-26 09:05 - 2014-06-26 09:05 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2011-10-23 06:59 - 2011-10-23 07:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-10-23 06:59 - 2011-10-23 06:59 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
Multiple Image Resizer .NET 4 (HKLM-x32\...\Multiple Image Resizer .NET 4) (Version: 4.0.0.3 - Acumen Business Systems Ltd)
Multiple Image Resizer .NET 4 (x32 Version: 4.0.0.3 - Acumen Business Systems Ltd) Hidden
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Reichlovi\Desktop" je 2375 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool
"C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON S22 Series
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGEE.EXE /FU "C:\Windows\TEMP\E_S3F50.tmp" /EF "HKCU" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl
%ProgramFiles%\Elantech\ETDCtrl.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GetGoDM
C:\Users\Reichlovi\GetGo Download Manager\GetGo.exe /minimized: [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Photos Backup
"C:\Users\Reichlovi\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Reichlovi\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_4F20997116D7B4318C66A8D21250CAD8
"C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuance PDF Reader-reminder
"C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium
C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber
"C:\Users\Reichlovi\AppData\Local\Viber\Viber.exe" StartMinimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe
"C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxMoniter
"C:\Program Files (x86)\WebcamMax\wcmmon.exe" /a [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files (x86)\Winamp\winampa.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk
C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE /start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe -d [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MobileGo Service.lnk
C:\PROGRA~2\WONDER~1\MOBILE~1\MOBILE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================