FRST log (addition in the attachment):
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Alternativa (administrator) on PC-PC (28-03-2018 14:15:14)
Running from C:\Users\Alternativa\Desktop
Loaded Profiles: Alternativa (Available Profiles: PC & Alternativa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\Alternativa\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2015-01-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ASUS TP Center (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [235488 2012-07-14] (AsusTek)
HKLM\...\Run: [ASUS Quick Gesture (x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [17376 2012-07-14] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUS Quick Gesture (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [19424 2012-07-14] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-19] (ASUS)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-02-23] (ASUSTek Computer Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3198752 2018-03-27] (Valve Corporation)
HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177952 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155768 2016-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [155768 2016-05-20] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{1C2FA7DC-D0A1-419A-89B8-A04D279CF579}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{580F81EA-D1D4-42B1-A5E4-DB4FB76F1B37}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-720473701-4286339666-290851041-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-720473701-4286339666-290851041-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-720473701-4286339666-290851041-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll [2012-07-14] (ASUSTeK Computer Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-18] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll [2012-07-14] (ASUSTeK Computer Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-18] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
FireFox:
========
FF DefaultProfile: l0i5civt.default-1452523124673-1515193756700
FF ProfilePath: C:\Users\Alternativa\AppData\Roaming\Mozilla\Firefox\Profiles\l0i5civt.default-1452523124673-1515193756700 [2018-03-28]
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\Alternativa\AppData\Roaming\Mozilla\Firefox\Profiles\l0i5civt.default-1452523124673-1515193756700\features\{a49d678c-d9e0-4e0b-b409-4d58b897d48b}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-28] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-03-02] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKU\S-1-5-21-720473701-4286339666-290851041-1002\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
Chrome:
=======
CHR HKU\S-1-5-21-720473701-4286339666-290851041-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [409128 2017-03-01] (EasyAntiCheat Ltd)
S3 GSService; C:\windows\SysWOW64\GSService.exe [444640 2014-07-28] ()
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-02-19] (Hi-Rez Studios) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-05-10] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-11] (Intel Corporation)
S3 mracsvc; C:\windows\System32\mracsvc.exe [8010968 2018-01-18] (LLC Mail.Ru)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521064 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521064 2018-01-10] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-01-31] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 AsusVBus; C:\windows\System32\DRIVERS\AsusVBus.sys [35968 2012-07-14] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\windows\System32\DRIVERS\AsusVTouch.sys [19104 2012-07-14] (ASUS)
R3 ATP; C:\windows\System32\DRIVERS\AsusTP.sys [49824 2012-07-14] (ASUS Corporation)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R1 MpKsl21fdb3f4; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2F58C5C7-888A-4F83-8606-FDAF20380B64}\MpKsl21fdb3f4.sys [58120 2018-03-28] (Microsoft Corporation)
S3 mracdrv; C:\windows\System32\drivers\mracdrv.sys [7238880 2018-01-18] (LLC Mail.Ru)
S3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [32104 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\DRIVERS\nvvhci.sys [59752 2018-01-10] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-28 14:15 - 2018-03-28 14:15 - 000020613 _____ C:\Users\Alternativa\Desktop\FRST.txt
2018-03-28 14:14 - 2018-03-28 14:15 - 000000000 ____D C:\FRST
2018-03-28 14:12 - 2018-03-28 14:12 - 000112640 _____ (forum.viry.cz) C:\Users\Alternativa\Desktop\FRSTLauncher.exe
2018-03-28 14:07 - 2018-03-28 14:07 - 002403328 _____ (Farbar) C:\Users\Alternativa\Desktop\FRST64.exe
2018-03-26 11:47 - 2018-03-26 12:15 - 000000451 _____ C:\Users\Alternativa\Desktop\bardon-chyby.txt
2018-03-22 13:44 - 2018-03-22 13:44 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\The Creative Assembly
2018-03-22 12:43 - 2018-03-22 12:43 - 000000000 ____D C:\ProgramData\Wargaming.net
2018-03-17 14:10 - 2018-03-17 14:10 - 000478078 _____ C:\Users\Alternativa\Documents\RD_Ilcik_dispozice.pdf
2018-03-13 18:36 - 2018-03-13 18:36 - 000004534 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-08 11:24 - 2018-03-08 11:24 - 000003814 _____ C:\windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:24 - 2018-03-08 11:24 - 000003798 _____ C:\windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:23 - 2018-03-08 11:23 - 000004146 _____ C:\windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003738 _____ C:\windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003738 _____ C:\windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003730 _____ C:\windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003554 _____ C:\windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-03-08 11:22 - 000003494 _____ C:\windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-08 11:22 - 2018-01-10 16:05 - 000059752 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvhci.sys
2018-03-08 11:22 - 2018-01-10 11:41 - 000001951 _____ C:\windows\NvTelemetryContainerRecovery.bat
2018-03-08 11:22 - 2017-12-15 04:03 - 000059240 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2018-03-08 11:22 - 2017-12-13 21:25 - 000001951 _____ C:\windows\NvContainerRecovery.bat
2018-03-06 22:30 - 2018-03-06 22:30 - 000000000 ____D C:\Users\Alternativa\ansel
2018-03-05 21:18 - 2018-03-07 23:51 - 000000000 ____D C:\ProgramData\ASUS
2018-03-05 21:18 - 2018-03-05 21:18 - 000000000 ____D C:\Users\Alternativa\Documents\ASUS
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-28 13:07 - 2016-11-16 17:16 - 000000000 ____D C:\Users\Alternativa\AppData\LocalLow\Mozilla
2018-03-28 12:48 - 2009-07-14 06:45 - 000018512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-28 12:48 - 2009-07-14 06:45 - 000018512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-28 12:40 - 2016-10-07 18:12 - 000000000 ____D C:\Program Files (x86)\Steam
2018-03-28 12:40 - 2009-07-14 04:34 - 000000545 _____ C:\windows\win.ini
2018-03-28 12:39 - 2015-06-27 14:31 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-28 12:39 - 2015-03-06 22:28 - 000000380 _____ C:\Users\Alternativa\AppData\Roaming\sp_data.sys
2018-03-28 09:51 - 2011-02-19 07:36 - 000668792 _____ C:\windows\system32\perfh005.dat
2018-03-28 09:51 - 2011-02-19 07:36 - 000141420 _____ C:\windows\system32\perfc005.dat
2018-03-28 09:51 - 2009-07-14 07:13 - 001583226 _____ C:\windows\system32\PerfStringBackup.INI
2018-03-28 09:51 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2018-03-28 09:46 - 2016-10-07 21:31 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-03-28 09:45 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-03-26 23:18 - 2016-11-16 16:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-26 23:18 - 2015-01-14 15:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-26 23:16 - 2017-09-03 16:50 - 000000000 ____D C:\AdwCleaner
2018-03-25 22:01 - 2015-06-06 19:38 - 000000000 ____D C:\Users\Alternativa\AppData\Local\NVIDIA
2018-03-25 21:59 - 2015-03-06 22:28 - 000000000 ____D C:\Users\Alternativa
2018-03-25 21:14 - 2016-12-10 17:05 - 000007597 _____ C:\Users\Alternativa\AppData\Local\resmon.resmoncfg
2018-03-25 20:58 - 2016-05-28 12:02 - 000000000 ____D C:\windows\SysWOW64\NV
2018-03-25 20:58 - 2016-05-28 12:02 - 000000000 ____D C:\windows\system32\NV
2018-03-25 20:58 - 2015-01-07 20:57 - 000000000 ___HD C:\windows\system32\WLANProfiles
2018-03-25 20:58 - 2015-01-07 13:02 - 000000000 ____D C:\Users\PC
2018-03-25 20:57 - 2015-06-06 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-03-25 20:57 - 2015-01-07 21:01 - 000000000 ____D C:\ProgramData\P4G
2018-03-25 20:57 - 2015-01-07 20:49 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-25 20:57 - 2015-01-07 20:49 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-25 20:57 - 2009-07-14 05:20 - 000000000 ____D C:\windows\Help
2018-03-25 20:57 - 2009-07-14 05:20 - 000000000 ____D C:\windows\AppCompat
2018-03-25 20:55 - 2009-07-14 05:20 - 000000000 ____D C:\windows\registration
2018-03-25 20:53 - 2015-01-07 20:49 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-25 20:33 - 2017-10-13 20:05 - 000000000 ____D C:\Users\Alternativa\AppData\Local\CrashDumps
2018-03-23 12:32 - 2016-11-19 19:08 - 000000000 ____D C:\Users\Alternativa\Documents\Elder Scrolls Online
2018-03-23 10:58 - 2016-03-02 16:50 - 000000000 ____D C:\Users\Alternativa\Documents\Moje naskenované obrázky
2018-03-22 13:44 - 2017-08-01 20:48 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\EasyAntiCheat
2018-03-22 12:46 - 2015-06-06 19:21 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-03-22 12:45 - 2015-11-16 18:20 - 000000000 ____D C:\Games
2018-03-21 12:05 - 2017-12-09 23:19 - 000044984 _____ C:\Users\Alternativa\Desktop\epd.xlsx
2018-03-20 16:12 - 2016-11-26 12:22 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2018-03-19 17:40 - 2015-01-07 13:02 - 000000380 _____ C:\Users\PC\AppData\Roaming\sp_data.sys
2018-03-16 15:29 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF
2018-03-15 22:20 - 2016-04-12 22:55 - 000000000 ____D C:\Users\Alternativa\Desktop\Favi
2018-03-13 19:28 - 2015-03-07 11:34 - 000004087 _____ C:\Users\Alternativa\Desktop\citaty.txt
2018-03-13 18:36 - 2013-02-23 09:37 - 000804352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-03-13 18:36 - 2013-02-23 09:37 - 000144896 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-13 18:36 - 2013-02-23 09:37 - 000004312 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-03-13 18:36 - 2013-02-23 09:37 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-03-13 18:36 - 2013-02-23 09:37 - 000000000 ____D C:\windows\system32\Macromed
2018-03-10 06:30 - 2015-06-11 10:00 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2018-03-08 19:22 - 2013-02-23 09:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-03-08 19:22 - 2013-02-23 09:45 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-03-08 18:16 - 2015-01-07 21:01 - 000002075 _____ C:\windows\system32\ServiceFilter.ini
2018-03-08 00:04 - 2015-01-14 18:13 - 000000000 ____D C:\Program Files\Elantech
2018-03-08 00:02 - 2016-11-19 18:30 - 000000000 ____D C:\windows\jre
2018-03-08 00:01 - 2016-11-19 18:30 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
2018-03-08 00:01 - 2015-05-09 22:28 - 000000000 ____D C:\Users\Alternativa\AppData\Local\Activision
2018-03-08 00:00 - 2015-01-07 20:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-03-08 00:00 - 2015-01-07 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2018-03-08 00:00 - 2015-01-07 12:15 - 000000000 ____D C:\Program Files (x86)\CyberLink
2018-03-08 00:00 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-03-07 23:51 - 2015-03-06 22:28 - 000000000 ____D C:\Users\Alternativa\AppData\Local\ASUS
2018-03-07 23:50 - 2016-05-28 12:02 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-03-07 23:19 - 2015-01-07 12:15 - 000000000 ____D C:\ProgramData\Temp
2018-03-07 22:17 - 2015-06-06 19:38 - 000000000 ____D C:\Users\Alternativa\AppData\Local\NVIDIA Corporation
2018-03-07 11:30 - 2017-09-20 21:07 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\MPC-HC
2018-03-06 22:47 - 2017-09-03 12:14 - 000000000 ____D C:\Users\Alternativa\AppData\Local\Google
2018-03-06 22:45 - 2017-09-03 12:14 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-06 18:51 - 2015-12-20 19:01 - 000000000 ____D C:\Users\Alternativa\AppData\Roaming\NVIDIA
2018-02-27 09:43 - 2015-06-23 09:43 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
==================== Files in the root of some directories =======
2009-07-29 07:21 - 2009-07-28 20:31 - 000000223 _____ () C:\ProgramData\setwallpaper.cmd
2017-03-19 02:28 - 2017-09-03 08:50 - 000000097 _____ () C:\Users\Alternativa\AppData\Roaming\LauncherSettings_live.cfg
2015-03-06 22:28 - 2018-03-28 12:39 - 000000380 _____ () C:\Users\Alternativa\AppData\Roaming\sp_data.sys
2017-03-19 02:43 - 2017-08-06 08:35 - 000000042 _____ () C:\Users\Alternativa\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-12-10 17:05 - 2018-03-25 21:14 - 000007597 _____ () C:\Users\Alternativa\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2004-11-18 23:25 - 2004-11-18 23:25 - 000684032 _____ (Electronic Arts Inc.) C:\Users\Alternativa\AppData\Local\Temp\AutoRun.exe
2018-01-20 16:45 - 2004-11-14 17:08 - 000929792 _____ (Electronic Arts Inc.) C:\Users\Alternativa\AppData\Local\Temp\AutoRunGUI.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-03-20 12:45
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:300 GB) (Free:38.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:373.54 GB) (Free:91.31 GB) NTFS
\\?\Volume{1d57df01-969c-11e4-810e-806e6f6e6963}\ (System) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
Available physical RAM: 2809.62 MB
Total physical RAM: 6029.48 MB
Percentage of memory in use: 53%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 74963475)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=373.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Alternativa\Desktop" je 97161 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Alternativa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GTProtector.asi.upk
C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GTProtector.asi.upk [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Alternativa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GTProtector.dll.upk
C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GTProtector.dll.upk [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Alternativa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^reload.vbs
C:\Users\Alternativa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reload.vbs [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================