Po reštarte nechce nabehnúť OS

Zpráva

kroenen2 · #1 Příspěvek od **kroenen2** » 14 bře 2014 09:41

Ahoj,

NB po reštarte hneď pýtal Startup Repair (vraj "Windows sa nesprávne vypol", ale pritom vypol sa bez problémov), dal som Normálne spustiť, Win dlho nabiehal a nakoniec sa opäť reštartol pc a znova to isté. Ak som dal Repair, tak sa mu nepodarilo opraviť. Potom ale zrazu nabehol, ako keby sa nič nestalo a ani žiadnu hlášku nevypísal.
Myslel by som, že sa chyba sama opravila, lenže toto sa mi stalo už asi 4x za posledných 12h, raz dokonca aj bluescreen.

Neviete mi poradiť? Mám ho preskenovať niečím?
Ďakujem

#2 Příspěvek od **Rudy** » 14 bře 2014 17:42

Zdravím!
Otevřte adresář windows\minidump, jeho obsah zabalte do raru a přiložte k vašemu příštímu postu.

kroenen2 · #3 Příspěvek od **kroenen2** » 17 bře 2014 00:56

Adresár minidump je prázdny

#4 Příspěvek od **Rudy** » 17 bře 2014 17:14

Stáhněte, nainstalujte a spusťte CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ a přes úpravy>kopírovat sem dejte log.

kroenen2 · #5 Příspěvek od **kroenen2** » 18 bře 2014 09:00

----------------------------------------------------------------------------
CrystalDiskInfo 6.1.0 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2014/03/18 9:03:15

-- Controller Map ----------------------------------------------------------
+ Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
- WDC WD6400BEVT-22A0RT0
- TSSTcorp CDDVDW TS-U633F
+ A2QVGTXI IDE Controller [SCSI]
- BQR XIN8TAR8D SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD6400BEVT-22A0RT0 : 640,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD6400BEVT-22A0RT0
----------------------------------------------------------------------------
Model : WDC WD6400BEVT-22A0RT0
Firmware : 01.01A01
Serial Number : WD-WXA1A20J3491
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 14250 hours
Power On Count : 3859 count
Temparature : 32 C (89 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 187 150 _21 000000000669 Spin-Up Time
04 _22 _22 __0 000000013396 Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 100 253 __0 000000000000 Seek Error Rate
09 _81 _81 __0 0000000037AA Power-On Hours
0A 100 100 _51 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _97 _97 __0 000000000F13 Power Cycle Count
BF __1 __1 __0 000000000AE7 G-Sense Error Rate
C0 200 200 __0 000000000087 Power-off Retract Count
C1 __1 __1 __0 0000001D1A92 Load/Unload Cycle Count
C2 115 _97 __0 000000000020 Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 _51 000000000000 Write Error Rate

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4131 4132 304A 3334 3931
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3634 3030 4245 5654 2D32 3241 3052 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 004C
080: 01FE 0000 746B 7F09 6163 7469 BC09 6163 407F 0051
090: 0051 0060 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 0000 0000 5001 4EE6
110: AAAE A3C4 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 16D3 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 BCA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 BB 96 69 06 00 00 00 00 00 04 32 00 16 16 96
020: 33 01 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 51 51 AA 37 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 61 61 13 0F 00 00 00 00 00 BF 32
070: 00 01 01 E7 0A 00 00 00 00 00 C0 32 00 C8 C8 87
080: 00 00 00 00 00 00 C1 32 00 01 01 92 1A 1D 00 00
090: 00 00 C2 22 00 73 61 20 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 58 3E 01 7B
170: 03 00 01 00 02 B9 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 57

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 33
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E8

#6 Příspěvek od **Rudy** » 18 bře 2014 18:47

Disk je OK. Zkuste otestovat RAM: http://forum.viry.cz/viewtopic.php?f=53&t=106788 .

kroenen2 · #7 Příspěvek od **kroenen2** » 19 bře 2014 11:44

Píše, že RAM je v poriadku.
Zatial mi ten pôvodný problém síce nenastal, ale veľmi dlho sa spúšťa do Login obrazovky - čierna obrazovka niekedy aj minutu - ako keby sa to malo stať, ale teda Windows tentoraz nabehne.

#8 Příspěvek od **Rudy** » 19 bře 2014 17:29

Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

kroenen2 · #9 Příspěvek od **kroenen2** » 23 bře 2014 10:41

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by kroenen2 (administrator) on KROENEN-X on 23-03-2014 10:41:33
Running from C:\Users\kroenen2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EMP NS Connection V2\EMP_NSWLSV.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
() C:\Program Files (x86)\RDM+\rdmpserv.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(SHAPE) C:\Program Files (x86)\RDM+\rdmpserv_cpanel.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Thomas Ascher) C:\Program Files (x86)\ATnotes\ATnotes.exe
(Banamalon) C:\Program Files (x86)\Banamalon\Windows Remote Service\WindowsRemoteService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IntelliBreeze Software) C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(forum.viry.cz) C:\Users\kroenen2\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [877600 2010-02-22] (Realtek Semiconductor)
HKLM\...\Run: [ODDPwr] - C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [222240 2010-02-05] (Acer Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-02-03] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2735400 2011-03-31] (Synaptics Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1289296 2010-02-25] (Dritek System Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [384800 2012-10-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-3442384890-2106110916-969474727-1000\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3442384890-2106110916-969474727-1000\...\Run: [ATnotes.exe] - C:\Program Files (x86)\ATnotes\ATnotes.exe [1015808 2005-01-05] (Thomas Ascher)
HKU\S-1-5-21-3442384890-2106110916-969474727-1000\...\Run: [Windows Remote Service] - C:\Program Files (x86)\Banamalon\Windows Remote Service\WindowsRemoteService.exe [145920 2012-11-12] (Banamalon)
HKU\S-1-5-21-3442384890-2106110916-969474727-1000\...\Run: [GmailNotifierPro] - C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2827072 2014-01-18] (IntelliBreeze Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mhotspot.com/search.html
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {94492ADC-026A-46B3-AAF2-E8E22103496A} URL = http://www.tangosearch.com/?q={searchTerms}&a=SEARCH
SearchScopes: HKCU - {1B302FEF-4F0F-4AC1-8C23-8A96D79F4A53} URL = http://www.queryscan.com/?prt=QryscanNN ... earchTerms}
SearchScopes: HKCU - {94492ADC-026A-46B3-AAF2-E8E22103496A} URL = http://www.tangosearch.com/?q={searchTerms}&a=SEARCH
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {13A02CD8-3F9E-4833-A3EE-5852B5E7B717} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\kroenen2\AppData\Roaming\Mozilla\Firefox\Profiles\sbr4t8rr.default
FF Homepage: google.sk
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\kroenen2\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Users\kroenen2\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Adblock Plus - C:\Users\kroenen2\AppData\Roaming\Mozilla\Firefox\Profiles\sbr4t8rr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-06]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Octoshape Streaming Services) - C:\Users\kroenen2\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\kroenen2\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (QR kód) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2013-11-30]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2013-06-07]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2013-06-07]
CHR Extension: (Angry Birds) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-06-07]
CHR Extension: (Dokumenty Google) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-07]
CHR Extension: (Disk Google) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-07]
CHR Extension: (Turn Off the Lights) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-06-07]
CHR Extension: (Browser To Phone) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmhcfmipjjciolmfonkjnhpbnfniahh [2014-02-07]
CHR Extension: (YouTube) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-07]
CHR Extension: (Hľadať v Google) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-07]
CHR Extension: (Marlies Dekkers) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2013-06-07]
CHR Extension: (AdBlock) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-07]
CHR Extension: (Wolfram|Alpha (Official)) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp [2013-06-07]
CHR Extension: (The Great Suspender) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2013-10-01]
CHR Extension: (Google Play) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2013-06-07]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2013-06-07]
CHR Extension: (ImageShack-Clickberry Extension) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoheopifiepihlmifonnknocnlfapgc [2013-12-12]
CHR Extension: (Plants vs Zombies) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2013-06-07]
CHR Extension: (ClipConverter) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\njjjgjlocdhecpgdcfjblcnfebfnmhpp [2013-06-08]
CHR Extension: (Edge: The Web Ruler) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\njlkegdphefeellhaongiopcfgcinikh [2013-11-30]
CHR Extension: (Peňaženka Google) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (CSFD Vyhľadávanie & Rozšírenia) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhejngpnlkejplknjeligcfnegimip [2013-06-07]
CHR Extension: (Psykopaint) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2013-06-07]
CHR Extension: (Facebook Themes (Facebook Theme Gallery)) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\phejagnmddcjhjblnacgmejghffmhjfp [2013-06-07]
CHR Extension: (Gmail) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-14]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84256 2012-10-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108320 2012-10-16] (Avira Operations GmbH & Co. KG)
R2 EMP_NSWLSV; C:\Program Files (x86)\EPSON Projector\EMP NS Connection V2\EMP_NSWLSV.exe [98304 2008-11-10] (SEIKO EPSON CORPORATION)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-02-03] (Acer Incorporated)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-02-05] (Acer Incorporated)
R2 RDMPLocalService; C:\Program Files (x86)\RDM+\rdmpserv.exe [1083904 2012-06-24] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
S3 wxpSvc; C:\Program Files (x86)\webcamXP 5\wService.exe [5404472 2012-03-26] (Moonware Studios)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [99248 2012-09-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [129216 2012-10-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27800 2012-09-24] (Avira Operations GmbH & Co. KG)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [35352 2013-09-28] (Connectify)
R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [36432 2009-05-29] (DemoForge, LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2010-09-27] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () <===== ATTENTION Necurs Rootkit?
S3 ZSMC211; C:\Windows\System32\Drivers\ZS211.sys [1493120 2007-06-13] (ZSMC.Corporation)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2010-04-02] (CyberLink Corp.)
U3 ad8z8mle; C:\Windows\System32\Drivers\ad8z8mle.sys [0 ] (Microsoft Corporation)
S2 AODDriver4.1; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-23 10:41 - 2014-03-23 10:41 - 00022045 _____ () C:\Users\kroenen2\Desktop\FRST.txt
2014-03-23 10:41 - 2014-03-23 10:41 - 00000000 ____D () C:\FRST
2014-03-22 08:41 - 2014-03-22 08:41 - 00000058 _____ () C:\Users\kroenen2\Desktop\Ečka.txt
2014-03-21 09:25 - 2014-03-21 09:27 - 00112640 _____ (forum.viry.cz) C:\Users\kroenen2\Desktop\FRSTLauncher.exe
2014-03-21 09:25 - 2014-03-21 09:25 - 02157056 _____ (Farbar) C:\Users\kroenen2\Desktop\FRST64.exe
2014-03-18 23:10 - 2013-08-23 14:57 - 00147334 _____ () C:\Users\kroenen2\Desktop\Memtest86+ USB Installer.exe
2014-03-18 23:06 - 2014-03-18 23:06 - 00121069 _____ () C:\Users\kroenen2\Desktop\memtest86+-5.01.usb.installer.zip
2014-03-18 23:04 - 2014-03-18 23:04 - 00059435 _____ () C:\Users\kroenen2\Desktop\memtest86+-5.01.iso.zip
2014-03-18 08:44 - 2014-03-18 08:56 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2014-03-18 08:44 - 2014-03-18 08:44 - 00001187 _____ () C:\Users\kroenen2\Desktop\CrystalDiskInfo.lnk
2014-03-16 21:52 - 2014-03-23 10:31 - 00000000 ____D () C:\Users\kroenen2\AppData\Roaming\GmailNotifierPro
2014-03-16 21:52 - 2014-03-16 21:52 - 00000000 ____D () C:\Users\kroenen2\AppData\Local\GmailNotifierPro
2014-03-16 21:51 - 2014-03-21 17:09 - 00000000 ____D () C:\Program Files (x86)\Gmail Notifier Pro
2014-03-16 21:51 - 2014-03-16 21:51 - 00000000 ____D () C:\Users\kroenen2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gmail Notifier Pro
2014-03-16 19:21 - 2014-03-16 19:21 - 00001654 _____ () C:\Users\kroenen2\Desktop\rozvrh_v6.png - odkaz.lnk
2014-03-14 09:51 - 2014-03-14 09:51 - 07696384 _____ () C:\Users\kroenen2\Desktop\GmailNotifierPro.msi
2014-03-13 09:15 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 09:15 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 09:15 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 09:15 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 09:15 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 09:15 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 09:15 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 09:15 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 09:15 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 09:15 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 09:15 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 09:15 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 09:15 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 09:15 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 09:15 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 09:15 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 09:15 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 09:15 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 09:15 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 09:15 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 09:15 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 09:15 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 09:15 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 09:15 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 09:15 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 09:15 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 09:15 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 09:15 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 09:15 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 09:15 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 09:15 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 09:15 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 09:15 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 09:15 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 09:15 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 09:15 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 09:15 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 09:15 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 09:15 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 09:15 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 09:15 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 09:15 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 09:15 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 09:15 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 09:15 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 16:42 - 2014-03-15 02:54 - 00013826 _____ () C:\Users\kroenen2\Documents\TombRaider.log
2014-03-12 16:36 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-03-12 16:36 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-03-12 16:36 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-03-12 16:36 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-03-12 16:36 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-03-12 16:36 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-03-12 16:29 - 2014-03-12 16:29 - 00002094 _____ () C:\Users\Public\Desktop\Tombraider.lnk
2014-03-12 16:07 - 2014-03-12 16:07 - 00000000 ____D () C:\Program Files (x86)\SQUARE ENIX
2014-03-09 20:34 - 2014-03-09 20:34 - 00000000 ____D () C:\Users\kroenen2\Desktop\cvika
2014-03-07 20:14 - 2014-03-07 20:14 - 00138056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl100.dll
2014-03-07 20:13 - 2014-02-13 17:56 - 00019392 _____ (Dll-Files.com) C:\Windows\system32\roboot64.exe
2014-03-07 20:11 - 2014-03-07 20:11 - 00000000 ____D () C:\Users\kroenen2\Documents\Nero
2014-03-07 20:09 - 2009-09-14 19:05 - 01762608 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagx7.dll
2014-03-07 20:09 - 2009-09-14 19:05 - 00808240 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagxra7.dll
2014-03-07 20:09 - 2009-09-14 19:05 - 00263472 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagxr7.dll
2014-03-07 20:09 - 2009-09-14 19:04 - 00497296 ____R (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagxpr7.dll
2014-03-07 11:40 - 2014-03-07 11:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-06 20:53 - 2014-03-06 20:34 - 00000124 _____ () C:\Users\kroenen2\Documents\indexfile.txt
2014-03-06 20:51 - 2014-03-09 20:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-27 23:59 - 2014-02-27 23:59 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-26 22:46 - 2014-02-26 22:46 - 00000655 _____ () C:\Users\kroenen2\Desktop\XAMPP Control Panel.lnk
2014-02-26 22:46 - 2014-02-26 22:46 - 00000000 ____D () C:\Users\kroenen2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends
2014-02-23 13:10 - 2014-02-23 13:10 - 00000069 _____ () C:\Users\kroenen2\Desktop\Turbo 2013 Soundtrack - Турбо 2013 музыка, саундтрек! - YouTube.url
2014-02-21 19:48 - 2014-02-21 20:39 - 00000000 ____D () C:\Users\kroenen2\Desktop\old_music cold_war

==================== One Month Modified Files and Folders =======

2014-03-23 10:41 - 2014-03-23 10:41 - 00022045 _____ () C:\Users\kroenen2\Desktop\FRST.txt
2014-03-23 10:41 - 2014-03-23 10:41 - 00000000 ____D () C:\FRST
2014-03-23 10:31 - 2014-03-16 21:52 - 00000000 ____D () C:\Users\kroenen2\AppData\Roaming\GmailNotifierPro
2014-03-23 10:31 - 2013-02-11 12:43 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-23 10:31 - 2012-04-16 08:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-23 10:31 - 2010-04-26 23:09 - 01860662 _____ () C:\Windows\WindowsUpdate.log
2014-03-23 08:39 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-23 08:39 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-23 08:25 - 2014-02-10 16:52 - 00014898 _____ () C:\Windows\setupact.log
2014-03-22 23:57 - 2011-12-09 23:13 - 00000000 ____D () C:\Users\kroenen2\AppData\Roaming\vlc
2014-03-22 21:11 - 2010-10-08 10:57 - 00000000 ____D () C:\Users\kroenen2\AppData\Roaming\uTorrent
2014-03-22 08:41 - 2014-03-22 08:41 - 00000058 _____ () C:\Users\kroenen2\Desktop\Ečka.txt
2014-03-21 17:37 - 2013-03-07 10:25 - 00000000 ____D () C:\Users\kroenen2\Desktop\inspiration
2014-03-21 17:10 - 2009-07-14 06:13 - 00799560 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-21 17:09 - 2014-03-16 21:51 - 00000000 ____D () C:\Program Files (x86)\Gmail Notifier Pro
2014-03-21 17:09 - 2010-09-29 14:33 - 00000505 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-21 17:07 - 2012-09-02 13:34 - 00000000 ____D () C:\Users\kroenen2\AppData\Local\LogMeIn Hamachi
2014-03-21 17:06 - 2013-02-11 12:43 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-21 17:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-21 09:27 - 2014-03-21 09:25 - 00112640 _____ (forum.viry.cz) C:\Users\kroenen2\Desktop\FRSTLauncher.exe
2014-03-21 09:25 - 2014-03-21 09:25 - 02157056 _____ (Farbar) C:\Users\kroenen2\Desktop\FRST64.exe
2014-03-20 10:07 - 2013-08-11 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-20 03:00 - 2010-09-26 06:17 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-19 10:05 - 2013-03-12 23:20 - 00000000 ___RD () C:\Users\kroenen2\Disk Google
2014-03-18 23:06 - 2014-03-18 23:06 - 00121069 _____ () C:\Users\kroenen2\Desktop\memtest86+-5.01.usb.installer.zip
2014-03-18 23:04 - 2014-03-18 23:04 - 00059435 _____ () C:\Users\kroenen2\Desktop\memtest86+-5.01.iso.zip
2014-03-18 08:56 - 2014-03-18 08:44 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2014-03-18 08:44 - 2014-03-18 08:44 - 00001187 _____ () C:\Users\kroenen2\Desktop\CrystalDiskInfo.lnk
2014-03-16 22:05 - 2014-02-19 10:08 - 00000000 ____D () C:\Program Files\NetBeans 7.4
2014-03-16 21:52 - 2014-03-16 21:52 - 00000000 ____D () C:\Users\kroenen2\AppData\Local\GmailNotifierPro
2014-03-16 21:51 - 2014-03-16 21:51 - 00000000 ____D () C:\Users\kroenen2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gmail Notifier Pro
2014-03-16 19:21 - 2014-03-16 19:21 - 00001654 _____ () C:\Users\kroenen2\Desktop\rozvrh_v6.png - odkaz.lnk
2014-03-16 19:21 - 2013-09-06 22:42 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-03-16 19:21 - 2012-01-14 16:01 - 08355328 ___SH () C:\Users\kroenen2\Desktop\Thumbs.db
2014-03-16 01:34 - 2011-01-31 12:36 - 00000132 _____ () C:\Users\kroenen2\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2014-03-15 02:54 - 2014-03-12 16:42 - 00013826 _____ () C:\Users\kroenen2\Documents\TombRaider.log
2014-03-14 09:51 - 2014-03-14 09:51 - 07696384 _____ () C:\Users\kroenen2\Desktop\GmailNotifierPro.msi
2014-03-14 09:49 - 2010-03-17 11:27 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-14 09:26 - 2009-07-14 05:45 - 05065080 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 09:20 - 2014-02-16 23:56 - 00435746 _____ () C:\Windows\PFRO.log
2014-03-14 08:36 - 2010-09-29 18:21 - 00000000 ____D () C:\Program Files (x86)\DC++
2014-03-14 03:03 - 2010-03-17 11:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-14 03:01 - 2012-10-20 21:27 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 03:01 - 2012-10-20 21:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 23:17 - 2013-10-23 18:48 - 00012096 _____ () C:\Users\kroenen2\Desktop\spotrebiče.xlsx
2014-03-12 19:13 - 2014-02-16 17:55 - 00000000 ____D () C:\Users\kroenen2\AppData\Local\CrashDumps
2014-03-12 16:42 - 2011-02-07 21:05 - 00000000 ____D () C:\Users\kroenen2\AppData\Local\SKIDROW
2014-03-12 16:42 - 2010-10-01 08:44 - 00000000 ____D () C:\+DOWNLOADS+
2014-03-12 16:29 - 2014-03-12 16:29 - 00002094 _____ () C:\Users\Public\Desktop\Tombraider.lnk
2014-03-12 16:10 - 2013-06-12 02:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 16:10 - 2013-06-12 02:11 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 16:10 - 2012-04-16 08:53 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 16:07 - 2014-03-12 16:07 - 00000000 ____D () C:\Program Files (x86)\SQUARE ENIX
2014-03-09 20:34 - 2014-03-09 20:34 - 00000000 ____D () C:\Users\kroenen2\Desktop\cvika
2014-03-09 20:21 - 2014-03-06 20:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-07 20:16 - 2010-10-08 16:35 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-03-07 20:16 - 2010-10-08 16:34 - 00000000 ____D () C:\ProgramData\Nero
2014-03-07 20:15 - 2010-10-08 17:01 - 00000000 ____D () C:\Users\kroenen2\AppData\Roaming\Nero
2014-03-07 20:14 - 2014-03-07 20:14 - 00138056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl100.dll
2014-03-07 20:14 - 2011-02-19 22:51 - 00158536 _____ (Microsoft Corporation) C:\Windows\system32\atl100.dll
2014-03-07 20:11 - 2014-03-07 20:11 - 00000000 ____D () C:\Users\kroenen2\Documents\Nero
2014-03-07 11:40 - 2014-03-07 11:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-06 20:52 - 2010-09-25 21:09 - 00000000 ____D () C:\Users\kroenen2\AppData\Roaming\Mozilla
2014-03-06 20:34 - 2014-03-06 20:53 - 00000124 _____ () C:\Users\kroenen2\Documents\indexfile.txt
2014-03-01 07:05 - 2014-03-13 09:15 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 09:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 09:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 09:15 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 09:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 09:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 09:15 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 09:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 09:15 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 09:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 09:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 09:15 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 09:15 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 09:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 09:15 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 09:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 09:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 09:15 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 09:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 09:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 09:15 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 09:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 09:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 09:15 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 09:15 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 09:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 09:15 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 09:15 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 09:15 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 09:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 09:15 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 09:15 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 09:15 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 09:15 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 09:15 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 09:15 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 09:15 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 09:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 09:15 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 09:15 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 23:59 - 2014-02-27 23:59 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-26 23:08 - 2014-02-19 09:35 - 00000000 ____D () C:\xampp
2014-02-26 22:46 - 2014-02-26 22:46 - 00000655 _____ () C:\Users\kroenen2\Desktop\XAMPP Control Panel.lnk
2014-02-26 22:46 - 2014-02-26 22:46 - 00000000 ____D () C:\Users\kroenen2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends
2014-02-23 13:10 - 2014-02-23 13:10 - 00000069 _____ () C:\Users\kroenen2\Desktop\Turbo 2013 Soundtrack - Турбо 2013 музыка, саундтрек! - YouTube.url
2014-02-21 20:39 - 2014-02-21 19:48 - 00000000 ____D () C:\Users\kroenen2\Desktop\old_music cold_war

Some content of TEMP:
====================
C:\Users\kroenen2\AppData\Local\Temp\7-zip.dll
C:\Users\kroenen2\AppData\Local\Temp\7z.dll
C:\Users\kroenen2\AppData\Local\Temp\7z.exe
C:\Users\kroenen2\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:0A4A3F5A
AlternateDataStreams: C:\ProgramData\Temp:48626D4C
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:9D1B94FD
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57

==================== Security Center ==================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\kroenen2\Desktop" je 549 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService
"C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Dispatch
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate
"C:\Users\kroenen2\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\kroenen2\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon
"C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
"C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
C:\Program Files (x86)\mHotspot\mHotspot.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MDS_Menu
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mHotspot.exe
"C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\RocketDock\RocketDock.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray
"C:\Program Files (x86)\Winamp\winampa.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
"C:\Program Files (x86)\webcamXP 5\wLite.exe" -auto [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wLite
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk
C:\PROGRA~2\Acer\ACERVC~1\AcerVCM.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^fchubupd.lnk
C:\PROGRA~2\FASTCODE\FASTCO~1\fchubupd.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launch FASTCODE Mobile Hub V1.1.exe.lnk
C:\PROGRA~2\FASTCODE\FASTCO~1\FASTCO~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.0.lnk
C:\PROGRA~2\COMMON~1\PANASO~1\PHOTOF~1\AUTOST~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk
C:\Windows\INSTAL~1\{147DF~1\NEWSHO~2.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^kroenen2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^RDM+ Desktop.lnk
C:\PROGRA~2\RDM_~1\RDMPSE~2.EXE /STARTSERVICE [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Addition.rar: (13.74 KiB) Staženo 56 x

#10 Příspěvek od **Rudy** » 23 bře 2014 11:08

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mhotspot.com/search.html
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {94492ADC-026A-46B3-AAF2-E8E22103496A} URL = http://www.tangosearch.com/?q={searchTerms}&a=SEARCH
SearchScopes: HKCU - {1B302FEF-4F0F-4AC1-8C23-8A96D79F4A53} URL = http://www.queryscan.com/?prt=QryscanNN ... earchTerms}
SearchScopes: HKCU - {94492ADC-026A-46B3-AAF2-E8E22103496A} URL = http://www.tangosearch.com/?q={searchTerms}&a=SEARCH
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
c:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKCU - No Name - {13A02CD8-3F9E-4833-A3EE-5852B5E7B717} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
FF ProfilePath: C:\Users\kroenen2\AppData\Roaming\Mozilla\Firefox\Profiles\sbr4t8rr.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
CHR Extension: (Facebook Themes (Facebook Theme Gallery)) - C:\Users\kroenen2\AppData\Local\Google\Chrome\User Data\Default\Extensions\phejagnmddcjhjblnacgmejghffmhjfp [2013-06-07]
C:\Windows\system32\roboot64.exe
C:\Users\kroenen2\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Temp:0A4A3F5A
AlternateDataStreams: C:\ProgramData\Temp:48626D4C
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:9D1B94FD
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
Task: {009248B1-8F25-4505-A5B1-7F190DABDEFC} - System32\Tasks\{1EB27AAB-BEA7-4B98-80B2-698558C137FB} => F:\Startme.exe
Task: {0AB2C509-3DFC-424B-A604-98D88597571D} - System32\Tasks\{8E0BE962-49F5-4847-B8CD-C40132450DF5} => F:\Startme.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B6D458E8-1C92-4301-B197-1F4D31605A70} - System32\Tasks\{E7897C94-2EA8-4AEB-B3B6-135C30FE4952} => C:\Users\kroenen2\Desktop\mac2006g.exe
Task: {8C473830-813B-47F3-943D-04D40BE86075} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\kroenen2\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION
Task: {75F1EF4B-096E-4B39-85B6-769C170FD428} - \BrowserDefendert No Task File
End

Uložte na plochu jako fixlist.txt. Pak znovu spusťte FRST a klikněte na >Fix<. Zkopírujte sem pak log, který se na závěr vytvoří.

Dále stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethosts]

a klikněte na >MoveIt!<. Po skenu restartujte PC.

kroenen2 · #11 Příspěvek od **kroenen2** » 24 bře 2014 21:32

Log sa mi zdal príliš veľký, je v prílohe. Ďakujem.

Fixlog.rar: (13.85 KiB) Staženo 56 x

#12 Příspěvek od **Rudy** » 24 bře 2014 22:18

Smazáno. Nastala nějaká změna?

kroenen2 · #13 Příspěvek od **kroenen2** » 24 bře 2014 22:55

No zatial beží ako má. To skorej z dlhodobého hladiska by sa dalo. Zatial Ďakujem

#14 Příspěvek od **Rudy** » 24 bře 2014 22:56

OK. Zatím nemáte zač!

VIRY.CZ

Po reštarte nechce nabehnúť OS

Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS

Re: Po reštarte nechce nabehnúť OS