BSOD na pc 2

[Kikos]

Minidump.rar

(19.34 KiB) Staženo 94 x

Zdravím po vyčištění PC CCleaner a SpyHunter 2 za sebou BSOD prosím o pomoc - děkuji.

Podpis problému:
Název události problému: BlueScreen
Verze operačního systému: 6.1.7601.2.1.0.768.3
ID národního prostředí: 1029

Další informace o problému:
BCCode: 1000008e
BCP1: C0000005
BCP2: 82ED5F57
BCP3: A5687B7C
BCP4: 00000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Soubory, které popisují problém:
C:\Windows\Minidump\102414-68968-01.dmp
C:\Users\Kancelar\AppData\Local\Temp\WER-82078-0.sysdata.xml

[vyosek]

Zdravim

Maly dotaz: BSOD na dalším pc v práci = jde o nejaky pracovni\firemni PC???

[Kikos]

No je to můj druhy pracovní PC pokud se ptáte na licenci mám řádně zakoupeno jak 32 tak pro 64 bit.

[vyosek]

S pracovnim PC bych se radeji obratil na placene servisy, kde je pomoc a pripadna ochrana firemnich dat osetrena obchodnimi podminkami...My zde nemuzeme zarucit, ze nedojde ke ztrate ci znefunkcneni pracovniho PC s pracovnimi daty...

Navic PC pouzivate pro vydelecne udely (usuzuji z "pracovni") a my pomahame domacim uzivatelum = PC pro domaci ucely.

[Kikos]

V placeném servisu maximálně udělají reinstal, což si můžu udělat sám, důležitá data mám na druhém HDD takže znefunkčnění nemůže dojít, pokud mi nechcete pomoci nedá se nic dělat, příště nebudu psát do popisu raději nic, jak to tady dělá x lidí. Počkám jestli se nenajde jiná dobrá duše a pokud ne vrhnu se na reinstal. Děkuji za vaši odpověď.

[vyosek]

Mlaskave si uvedomte, ze my pomoci MUZEME, nikoli MUSIME... A svym stylem - nebudu nic psat - se taky muze stat, ze Vam bude priste pomoc odmitnuta, jelikoz budem mit obavy, ze tu resite pracovni PC. A co delaji ostatni, to si pouze myslet muzete, nebo si jste zcela jist ze to tak delaji a dokazal byste to u soudniho jednani

Ja myslel na Vase dobro

Pouzijte WhoCrash dle kolegy

použij WhoCrashed

po spuštění klikni na Analyze,

aplikace po chvilce vytvoří zprávu o příčině pádu, kterou mi sem nakopíruj.

[Kikos]

Já si velice dobře uvědomuji, že pomoc zde od vás je vaše pouze dobrá vůle a věřte mi, že si toho moc cením, děkuji za pomoc provedu dle návodu.

[vyosek]

Pockame co nam ukaze WhoCrash

[Kikos]

Zasílám report :

System Information (local)
--------------------------------------------------------------------------------

computer name: MK-PC
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
Hardware: GBT___, Gigabyte Technology Co., Ltd., 8I915P Duo
CPU: GenuineIntel Intel(R) Pentium(R) 4 CPU 3.00GHz Intel586, level: 15
2 logical processors, active mask: 3
RAM: 3489185792 total




--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Fri 24.10.2014 14:12:56 GMT your computer crashed
crash dump file: C:\Windows\Minidump\102414-68968-01.dmp
This was probably caused by the following module: esgiguard.sys (esgiguard+0x143C)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFF82ED5F57, 0xFFFFFFFFA5687B7C, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: esgiguard.sys .
Google query: esgiguard.sys KERNEL_MODE_EXCEPTION_NOT_HANDLED_M



On Fri 24.10.2014 14:12:56 GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: hal.sys (hal!KfLowerIrql+0x61)
Bugcheck code: 0x8E (0xFFFFFFFFC0000005, 0xFFFFFFFF82ED5F57, 0xFFFFFFFFA5687B7C, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug check description: This bug check indicates that a kernel-mode application generated an exception that the error handler did not catch.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: hal.sys .
Google query: hal.sys KERNEL_MODE_EXCEPTION_NOT_HANDLED




--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

2 crash dumps have been found and analyzed. 2 third party drivers have been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

esgiguard.sys
hal.sys

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

[vyosek]

Odinstalujte SpyHunter, pokud mate (problem zpusobuje jeho driver)

Pak dejte log z FRST http://forum.viry.cz/viewtopic.php?f=24&t=132509

[Kikos]

Provedeno přikládám :

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-10-2014 01
Ran by Kancelar (administrator) on MK-PC on 29-10-2014 08:47:23
Running from C:\Users\Kancelar\Desktop
Loaded Profile: Kancelar (Available profiles: Kancelar)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Genius\ioCentre\GMouseService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files\VIA\RAID\vialogsv.exe
(Monet+, a.s.) C:\Windows\System32\xmesrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_189_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cmaudio] => RunDll32 cmicnfg.cpl,CMICtrlWnd
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-22] (AVAST Software)
HKU\S-1-5-21-680322526-2380909262-1830953266-1001\...\Run: [Nezapomen] => C:\Program Files\Programy\Pamatuj\nezapomen.exe [458240 2000-12-11] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-02-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/webhp?sourceid=na ... gws_rd=ssl
SearchScopes: HKCU - {140cee3c-26df-4385-94b3-bc948a0037d4} URL =
SearchScopes: HKCU - {1551C3CB-5B90-4524-9F55-66DFAF1F894F} URL = https://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 acdid.acdsystems.com
Tcpip\Parameters: [DhcpNameServer] 172.19.3.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @servis24.cz/PKIComponent -> C:\Users\Kancelar\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll (Česká spořitelna, a.s.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-18]
FF HKCU\...\Firefox\Extensions: [speedtest211@BestOffers] - C:\Users\Kancelar\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers
FF Extension: Speed Test - C:\Users\Kancelar\AppData\Roaming\Mozilla\Extensions\speedtest211@BestOffers [2014-10-22]

Chrome:
=======
CHR Profile: C:\Users\Kancelar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Kancelar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-20]
CHR Extension: (Google Drive) - C:\Users\Kancelar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-20]
CHR Extension: (YouTube) - C:\Users\Kancelar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-20]
CHR Extension: (Google Search) - C:\Users\Kancelar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-20]
CHR Extension: (Google Wallet) - C:\Users\Kancelar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-20]
CHR Extension: (Gmail) - C:\Users\Kancelar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-20]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-22]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-22] (AVAST Software)
R2 GeniusMouseService; C:\Genius\ioCentre\GMouseService.exe [12288 2010-03-11] () [File not signed]
S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-18] (Hewlett-Packard Co.) [File not signed]
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [55920 2011-03-15] ()
R2 xmengine service; C:\Windows\system32\xmesrv.exe [34696 2013-12-10] (Monet+, a.s.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-09-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-09-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-09-22] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-09-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-09-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-09-22] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-09-22] ()
R3 cmudax; C:\Windows\System32\drivers\cmudax.sys [1287296 2005-05-12] (C-Media Inc.)
R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [99840 2014-03-14] (Gemalto)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [20992 2006-11-02] (Microsoft Corporation)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [4428160 2006-10-09] (NVIDIA Corporation) [File not signed]
R0 viamraid; C:\Windows\System32\DRIVERS\viamraid.sys [142448 2011-03-15] (VIA Technologies Inc.,Ltd)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U5 viadsk; C:\Windows\System32\Drivers\viadsk.sys [50304 2003-04-15] (VIA Technologies, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 08:47 - 2014-10-29 08:47 - 00009563 _____ () C:\Users\Kancelar\Desktop\FRST.txt
2014-10-29 08:47 - 2014-10-29 08:47 - 00000000 ____D () C:\FRST
2014-10-29 08:44 - 2014-10-29 08:44 - 01104896 _____ (Farbar) C:\Users\Kancelar\Desktop\FRST.exe
2014-10-29 08:44 - 2014-10-29 08:44 - 00112640 _____ (forum.viry.cz) C:\Users\Kancelar\Desktop\FRSTLauncher.exe
2014-10-29 08:34 - 2014-10-29 08:34 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-10-24 15:14 - 2014-10-29 07:40 - 00000168 _____ () C:\Windows\setupact.log
2014-10-24 15:14 - 2014-10-24 15:14 - 00142888 _____ () C:\Windows\Minidump\102414-68968-01.dmp
2014-10-24 15:14 - 2014-10-24 15:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-24 15:13 - 2014-10-24 15:13 - 358484554 _____ () C:\Windows\MEMORY.DMP
2014-10-24 13:23 - 2014-10-24 15:14 - 00000000 ____D () C:\Windows\Minidump
2014-10-24 12:06 - 2014-10-24 12:06 - 00002789 _____ () C:\spyhunter.log
2014-10-24 12:03 - 2014-10-24 12:03 - 00172544 ____H () C:\Users\Kancelar\Desktop\~WRL0002.tmp
2014-10-24 10:07 - 2014-10-24 10:07 - 00001108 _____ () C:\sh4_service.log
2014-10-24 10:05 - 2013-10-18 14:01 - 00285747 _____ () C:\shldr
2014-10-24 10:05 - 2013-10-18 14:01 - 00008192 _____ () C:\shldr.mbr
2014-10-22 15:00 - 2014-10-22 15:00 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-22 14:59 - 2014-10-22 14:59 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-10-22 14:29 - 2014-10-22 14:29 - 00000000 ____D () C:\Users\Kancelar\AppData\Roaming\Mozilla
2014-10-22 14:27 - 2014-10-22 14:29 - 00000000 ____D () C:\Users\Kancelar\AppData\Local\speedtest211
2014-10-16 13:58 - 2014-10-16 13:58 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-10-16 13:58 - 2012-03-14 04:00 - 00311296 _____ (CANON INC.) C:\Windows\system32\CNMLMA4.DLL
2014-10-16 07:01 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 07:01 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 07:01 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 07:01 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 07:01 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 07:01 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 07:01 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 07:01 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 07:01 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 07:01 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 07:01 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 07:01 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 07:01 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 07:01 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 07:01 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 07:01 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 07:01 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 07:01 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 07:01 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 07:01 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 07:01 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 07:01 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 07:01 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 07:01 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 07:01 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 07:01 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 07:01 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 07:01 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 07:01 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 07:01 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 07:01 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 07:01 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 07:01 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 07:01 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 07:01 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 06:59 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 06:59 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 06:59 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 06:59 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 06:59 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 06:59 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 06:59 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 06:59 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 06:59 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 06:59 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 06:59 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 06:59 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 06:59 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 06:59 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 06:59 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-08 07:35 - 2014-10-13 14:57 - 00000000 ____D () C:\Users\Kancelar\Desktop\RD Sokolovi
2014-10-06 09:34 - 2014-10-06 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genius
2014-10-06 09:32 - 2014-10-06 09:32 - 00000000 ____D () C:\Genius
2014-10-06 09:31 - 2014-10-06 09:31 - 00000000 ____D () C:\Users\Kancelar\AppData\Roaming\InstallShield
2014-10-06 08:32 - 2014-10-06 09:05 - 00000442 _____ () C:\Windows\Tasks\DriverNavigator Scheduled Scan.job
2014-10-06 08:32 - 2014-10-06 08:32 - 00000000 ____D () C:\Users\Kancelar\AppData\Roaming\Easeware
2014-10-06 08:32 - 2014-10-06 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverNavigator
2014-10-06 08:32 - 2014-10-06 08:32 - 00000000 ____D () C:\Program Files\Easeware
2014-10-01 06:39 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 13:50 - 2014-10-15 14:13 - 00000000 ___HD () C:\Users\Kancelar\Desktop\[Originály]

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 08:46 - 2009-07-14 05:34 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-29 08:46 - 2009-07-14 05:34 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-29 08:40 - 2014-02-18 13:11 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-29 08:38 - 2014-03-10 10:12 - 00000000 ____D () C:\Users\Kancelar\Documents\CCleaner záloha
2014-10-29 08:20 - 2014-02-20 11:46 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-29 08:09 - 2014-05-22 06:43 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-29 07:49 - 2014-02-21 14:53 - 00014413 _____ () C:\Users\Kancelar\intlname.ols
2014-10-29 07:46 - 2014-02-18 12:56 - 01171545 _____ () C:\Windows\WindowsUpdate.log
2014-10-29 07:40 - 2014-02-20 11:46 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-29 07:40 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-27 15:50 - 2014-02-21 16:05 - 00000000 ____D () C:\Users\Kancelar\AppData\Roaming\Skype
2014-10-27 11:34 - 2014-02-20 11:40 - 00000000 ____D () C:\Users\Kancelar\AppData\Roaming\uTorrent
2014-10-27 08:59 - 2014-02-20 15:53 - 00000000 ____D () C:\Users\Kancelar\AppData\Roaming\PrimoPDF
2014-10-24 09:47 - 2014-09-17 10:21 - 00001252 _____ () C:\Users\Kancelar\Desktop\Auto.txt
2014-10-22 15:39 - 2014-08-20 10:01 - 00000000 ____D () C:\ProgramData\Systweak
2014-10-22 15:39 - 2014-08-20 10:00 - 00000000 ____D () C:\Users\Kancelar\AppData\Roaming\systweak
2014-10-21 14:15 - 2014-09-23 14:26 - 00000000 ____D () C:\Users\Kancelar\Desktop\Lakovací a sušící kabina – Přerov SŠT
2014-10-21 08:04 - 2014-08-15 11:47 - 00000000 ____D () C:\Users\Kancelar\AppData\Local\Adobe
2014-10-21 08:04 - 2014-03-25 07:58 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-21 08:04 - 2014-03-25 07:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-20 15:16 - 2014-07-30 15:17 - 00000000 ____D () C:\Users\Kancelar\Desktop\MyFiles
2014-10-17 09:15 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-16 15:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-16 13:22 - 2009-07-14 05:33 - 03693760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 13:20 - 2014-05-06 15:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 11:42 - 2014-02-18 13:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 11:39 - 2014-02-18 13:37 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-06 09:32 - 2014-02-20 15:00 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-06 09:29 - 2014-02-20 11:36 - 00000000 ____D () C:\Users\Kancelar\AppData\Local\Downloaded Installations
2014-10-06 09:26 - 2014-02-20 12:13 - 00000702 _____ () C:\ProgramData\hpzinstall.log
2014-10-02 14:53 - 2014-02-18 13:22 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-27 12:53

==================== End Of Log ============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  
  HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-02-20] (Microsoft Corporation)
  
  SearchScopes: HKCU - {140cee3c-26df-4385-94b3-bc948a0037d4} URL = 
  
  S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
  
  C:\Program Files\RegClean Pro
  2014-10-29 08:44 - 2014-10-29 08:44 - 00112640 _____ (forum.viry.cz) C:\Users\Kancelar\Desktop\FRSTLauncher.exe
  2014-10-24 12:06 - 2014-10-24 12:06 - 00002789 _____ () C:\spyhunter.log
  2014-10-24 12:03 - 2014-10-24 12:03 - 00172544 ____H () C:\Users\Kancelar\Desktop\~WRL0002.tmp
  2014-10-24 10:07 - 2014-10-24 10:07 - 00001108 _____ () C:\sh4_service.log
  2014-10-24 10:05 - 2013-10-18 14:01 - 00285747 _____ () C:\shldr
  2014-10-24 10:05 - 2013-10-18 14:01 - 00008192 _____ () C:\shldr.mbr
  
  2014-10-29 08:20 - 2014-02-20 11:46 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  2014-10-29 08:09 - 2014-05-22 06:43 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
  2014-10-29 07:40 - 2014-02-20 11:46 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  Task: {87FF8D2A-5E6B-458C-B746-67390B2C3043} - System32\Tasks\ASP => C:\Program Files\RegClean Pro\SystweakASP.exe <==== ATTENTION
  Task: {A3B698B4-B516-4278-A7BB-A362EA5482E9} - \LaunchSignup No Task File <==== ATTENTION
  2014-10-22 15:00 - 2014-10-22 15:00 - 00000000 ____D () C:\Program Files\Enigma Software Group
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[Kikos]

Tak velmi děkuji za vaši ochotu a pomoc, žel-bohu dnes ráno PC naběhl do černé obrazovky jen kurzor myši zůstal a nešlo s tím hnout, tudíž musím udělat kompletní reinstal.

[vyosek]

Zkuste jeste obnovu k datu kdy fungoval bez problemu nebo opravou instalaci z media (ne format, ale opravna)

[Kikos]

Děkuji za radu, již jsem nic nechtěl riskovat a svěřil PC odborníkovi, ten mi volal, že je nutný reinstal, že to nejde ani do stavu nouze no bohužel