Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

modrá obrazovka

V tomto fóru se řeší problematika modré smrti - BSOD

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zpráva
Autor
maxino
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 20 bře 2013 09:50

modrá obrazovka

#1 Příspěvek od maxino »

Zdravím a prosím o pomoc, po zapnutí počítače se objeví modrá obrazovka, počítač se dá otevřít jen v nouzovém režimu.

Podpis problému:
Název události problému: BlueScreen
Verze operačního systému: 6.1.7601.2.1.0.768.3
ID národního prostředí: 1029

Další informace o problému:
BCCode: 116
BCP1: FFFFFA80073484E0
BCP2: FFFFF8800F36B568
BCP3: 0000000000000000
BCP4: 0000000000000002
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Soubory, které popisují problém:
C:\Windows\Minidump\090317-16723-01.dmp
C:\Users\Veronika\AppData\Local\Temp\WER-34772-0.sysdata.xml

Přečtěte si prohlášení o zásadách ochrany osobních údajů online:
http://go.microsoft.com/fwlink/?linkid= ... cid=0x0405

Pokud není k dispozici Prohlášení o zásadách ochrany osobních údajů online, přečtěte si toto prohlášení offline:
C:\Windows\system32\cs-CZ\erofflps.txt

maxino
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 20 bře 2013 09:50

Re: modrá obrazovka

#2 Příspěvek od maxino »

Logfile of random's system information tool 1.16 (written by random/random)
Run by Veronika at 2017-09-03 10:34:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 181 GB (72%) free of 250 GB
Total RAM: 3965 MB (74% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:34:14, on 3.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Veronika_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10123 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\System32\WerFault.exe -k -q
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.0.234094886\1968199602" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|33:20|34:10|43:128|44:10000|49:0|51:400|52:1|53:0|54:0|59:0|60:120|61:120|91:2|92:1|106:5000|117:0|119:0|130:10000|142:-1|147:128|148:10000|149:0|155:24|156:32768|158:0|159:0|167:5|171:1048576|172:100|173:5000|175:600|177:1|186:1|190:0|200:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|35:1|36:0|37:0|38:0|41:1|42:1|45:0|46:0|47:0|48:0|50:0|55:1|56:1|57:0|58:1|62:1|63:1|64:0|65:1|66:1|67:0|68:1|71:0|72:0|75:1|76:1|80:1|81:1|82:1|83:0|85:0|86:0|87:1|88:0|93:1|94:0|100:0|105:0|108:1|109:1|112:1|114:1|118:0|121:1|124:1|125:1|131:0|132:0|133:1|135:0|141:0|143:1|144:0|145:1|146:0|153:0|154:0|157:1|160:0|162:1|164:1|165:0|170:0|174:1|179:0|180:0|181:0|182:1|183:0|184:0|185:1|188:0|192:0|193:0|194:1|195:1|196:0|197:1|198:1|199:1|201:0|202:0|204:0|212:1|213:1|214:0|215:0|216:0| -stringPrefs "3:7;release|134:3;1.0|151:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|152:8;moderate|187:38;{534b5ae2-6edd-4af7-8533-444a7626f81d}|" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2028 "\\.\pipe\gecko-crash-server-pipe.2028" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2028.12.937960218\763722399" -childID 3 -isForBrowser -intPrefs 5:50|6:-1|28:1000|33:20|34:10|43:128|44:10000|49:0|51:400|52:1|53:0|54:0|59:0|60:120|61:120|91:2|92:1|106:5000|117:0|119:0|130:10000|142:-1|147:128|148:10000|149:0|155:24|156:32768|158:0|159:0|167:5|171:1048576|172:100|173:5000|175:600|177:1|186:1|190:0|200:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|35:1|36:0|37:0|38:0|41:1|42:1|45:0|46:0|47:0|48:0|50:0|55:1|56:1|57:0|58:1|62:1|63:1|64:0|65:1|66:1|67:0|68:1|71:0|72:0|75:1|76:1|80:1|81:1|82:1|83:0|85:0|86:0|87:1|88:0|93:1|94:0|100:0|105:0|108:1|109:1|112:1|114:1|118:0|121:1|124:1|125:1|131:0|132:0|133:1|135:0|141:0|143:1|144:0|145:1|146:0|153:0|154:0|157:1|160:0|162:1|164:1|165:0|170:0|174:1|179:0|180:0|181:0|182:1|183:0|184:0|185:1|188:0|192:0|193:0|194:1|195:1|196:0|197:1|198:1|199:1|201:0|202:0|204:0|212:1|213:1|214:0|215:0|216:0| -stringPrefs "3:7;release|134:3;1.0|151:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|152:8;moderate|187:38;{534b5ae2-6edd-4af7-8533-444a7626f81d}|" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2028 "\\.\pipe\gecko-crash-server-pipe.2028" tab
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Veronika\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
C:\Windows\system32\tasks\{31C712D1-B5A4-4B75-93F0-BF04C4BC6C19} - C:\Windows\system32\pcalua.exe -a E:\DIRECTX\DX80CZE.EXE -d E:\DIRECTX
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2973147430-3371197934-2794310822-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\Windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\Windows\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\Windows\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload

maxino
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 20 bře 2013 09:50

Re: modrá obrazovka

#3 Příspěvek od maxino »

=========Mozilla firefox=========

ProfilePath - C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\7ztpvrig.default-1480181233495

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\7ztpvrig.default-1480181233495\addons.json

C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\7ztpvrig.default-1480181233495\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org -
Multi-process staged rollout - extension - e10srollout@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Web Compat - extension - webcompat@mozilla.org -
Firefox Screenshots - extension - screenshots@mozilla.org -
Click-to-Play staged rollout - extension - clicktoplay-rollout@mozilla.org -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -
Firefox Screenshots - extension - screenshots@mozilla.org -

C:\Users\Veronika\AppData\Roaming\Mozilla\Firefox\Profiles\7ztpvrig.default-1480181233495\pluginreg.dat
Plugin - Shockwave Flash - 26.0.0.151 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-08-25 210120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-30 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-08-25 1060040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-25 3226824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-30 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-08-25 149696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-08-25 660168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-08-25 2178248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-14 13671792]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-04-11 36352]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-03-28 1421736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]

C:\Users\Veronika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-08-09 18:00:48 ----A---- C:\Windows\SYSWOW64\msrepl40.dll
2017-08-09 18:00:48 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2017-08-09 18:00:48 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2017-08-09 18:00:48 ----A---- C:\Windows\SYSWOW64\msjtes40.dll
2017-08-09 18:00:48 ----A---- C:\Windows\SYSWOW64\msjetoledb40.dll
2017-08-09 18:00:48 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2017-08-09 18:00:48 ----A---- C:\Windows\system32\win32k.sys
2017-08-09 18:00:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-08-09 18:00:46 ----A---- C:\Windows\SYSWOW64\msxbde40.dll
2017-08-09 18:00:46 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2017-08-09 18:00:46 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2017-08-09 18:00:46 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-08-09 18:00:45 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-08-09 18:00:45 ----A---- C:\Windows\system32\tquery.dll
2017-08-09 18:00:44 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-08-09 18:00:44 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-08-09 18:00:44 ----A---- C:\Windows\SYSWOW64\mswdat10.dll
2017-08-09 18:00:44 ----A---- C:\Windows\SYSWOW64\msjter40.dll
2017-08-09 18:00:44 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-08-09 18:00:44 ----A---- C:\Windows\system32\wer.dll
2017-08-09 18:00:44 ----A---- C:\Windows\system32\Query.dll
2017-08-09 18:00:43 ----A---- C:\Windows\SYSWOW64\wer.dll
2017-08-09 18:00:43 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-08-09 18:00:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-08-09 18:00:43 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2017-08-09 18:00:43 ----A---- C:\Windows\system32\clfs.sys
2017-08-09 18:00:42 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-08-09 18:00:42 ----A---- C:\Windows\system32\t2embed.dll
2017-08-09 18:00:42 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-08-09 18:00:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-08-09 18:00:41 ----A---- C:\Windows\system32\ntdll.dll
2017-08-09 18:00:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-08-09 18:00:40 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-08-09 18:00:37 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2017-08-09 18:00:37 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2017-08-09 18:00:37 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-08-09 18:00:37 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-08-09 18:00:37 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-08-09 18:00:37 ----A---- C:\Windows\system32\wermgr.exe
2017-08-09 18:00:37 ----A---- C:\Windows\system32\werdiagcontroller.dll
2017-08-09 18:00:37 ----A---- C:\Windows\system32\smss.exe
2017-08-09 18:00:37 ----A---- C:\Windows\system32\rpcrt4.dll
2017-08-09 18:00:37 ----A---- C:\Windows\system32\mssvp.dll
2017-08-09 18:00:37 ----A---- C:\Windows\system32\mssrch.dll
2017-08-09 18:00:37 ----A---- C:\Windows\system32\mssph.dll
2017-08-09 18:00:37 ----A---- C:\Windows\system32\lsasrv.dll
2017-08-09 18:00:37 ----A---- C:\Windows\system32\kerberos.dll
2017-08-09 18:00:37 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-08-09 18:00:37 ----A---- C:\Windows\system32\certcli.dll
2017-08-09 18:00:36 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-08-09 18:00:36 ----A---- C:\Windows\system32\schannel.dll
2017-08-09 18:00:36 ----A---- C:\Windows\system32\mssprxy.dll
2017-08-09 18:00:36 ----A---- C:\Windows\system32\mssphtb.dll
2017-08-09 18:00:36 ----A---- C:\Windows\system32\mssitlb.dll
2017-08-09 18:00:36 ----A---- C:\Windows\system32\kernel32.dll
2017-08-09 18:00:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-08-09 18:00:36 ----A---- C:\Windows\system32\advapi32.dll
2017-08-09 18:00:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-08-09 18:00:34 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-08-09 18:00:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-08-09 18:00:34 ----A---- C:\Windows\system32\TSpkg.dll
2017-08-09 18:00:34 ----A---- C:\Windows\system32\ncrypt.dll
2017-08-09 18:00:34 ----A---- C:\Windows\system32\msv1_0.dll
2017-08-09 18:00:33 ----A---- C:\Windows\system32\wdigest.dll
2017-08-09 18:00:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-08-09 18:00:32 ----A---- C:\Windows\system32\winsrv.dll
2017-08-09 18:00:32 ----A---- C:\Windows\system32\sspicli.dll
2017-08-09 18:00:32 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-08-09 18:00:32 ----A---- C:\Windows\system32\KernelBase.dll
2017-08-09 18:00:29 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-08-09 18:00:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-08-09 18:00:29 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-08-09 18:00:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-08-09 18:00:29 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-08-09 18:00:29 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-08-09 18:00:29 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-08-09 18:00:29 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-08-09 18:00:29 ----A---- C:\Windows\system32\wow64win.dll
2017-08-09 18:00:29 ----A---- C:\Windows\system32\sspisrv.dll
2017-08-09 18:00:29 ----A---- C:\Windows\system32\srcore.dll
2017-08-09 18:00:29 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-08-09 18:00:29 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-08-09 18:00:29 ----A---- C:\Windows\system32\rpchttp.dll
2017-08-09 18:00:29 ----A---- C:\Windows\system32\msshooks.dll
2017-08-09 18:00:29 ----A---- C:\Windows\system32\msscntrs.dll
2017-08-09 18:00:29 ----A---- C:\Windows\system32\lsass.exe
2017-08-09 18:00:29 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-08-09 18:00:29 ----A---- C:\Windows\system32\cryptbase.dll
2017-08-09 18:00:29 ----A---- C:\Windows\system32\conhost.exe
2017-08-09 18:00:29 ----A---- C:\Windows\system32\bcrypt.dll
2017-08-09 18:00:28 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-08-09 18:00:28 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-08-09 18:00:28 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-08-09 18:00:28 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-08-09 18:00:28 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-08-09 18:00:28 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-08-09 18:00:28 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-08-09 18:00:28 ----A---- C:\Windows\system32\wow64.dll
2017-08-09 18:00:28 ----A---- C:\Windows\system32\secur32.dll
2017-08-09 18:00:28 ----A---- C:\Windows\system32\drivers\appid.sys
2017-08-09 18:00:28 ----A---- C:\Windows\system32\csrsrv.dll
2017-08-09 18:00:28 ----A---- C:\Windows\system32\credssp.dll
2017-08-09 18:00:27 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-08-09 18:00:27 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-08-09 18:00:27 ----A---- C:\Windows\system32\wow64cpu.dll
2017-08-09 18:00:27 ----A---- C:\Windows\system32\srclient.dll
2017-08-09 18:00:27 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-08-09 18:00:27 ----A---- C:\Windows\system32\rstrui.exe
2017-08-09 18:00:27 ----A---- C:\Windows\system32\appidapi.dll
2017-08-09 18:00:26 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-08-09 18:00:26 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-08-09 18:00:26 ----A---- C:\Windows\system32\auditpol.exe
2017-08-09 18:00:26 ----A---- C:\Windows\system32\appidsvc.dll
2017-08-09 18:00:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-08-09 18:00:24 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-08-09 18:00:24 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-08-09 18:00:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-08-09 18:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-08-09 18:00:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-08-09 18:00:22 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-08-09 18:00:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-08-09 18:00:22 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-08-09 18:00:22 ----A---- C:\Windows\system32\ntvdm64.dll
2017-08-09 18:00:22 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-08-09 18:00:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-08-09 18:00:18 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-08-09 18:00:18 ----A---- C:\Windows\SYSWOW64\user.exe
2017-08-09 18:00:18 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-08-09 18:00:18 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-08-09 18:00:18 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-08-09 18:00:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-08-09 18:00:18 ----A---- C:\Windows\system32\apisetschema.dll
2017-08-09 18:00:18 ----A---- C:\Windows\system32\adtschema.dll
2017-08-09 18:00:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-08-09 18:00:17 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-08-09 18:00:17 ----A---- C:\Windows\system32\msaudite.dll
2017-08-09 18:00:16 ----A---- C:\Windows\system32\msobjs.dll
2017-08-09 18:00:14 ----A---- C:\Windows\SYSWOW64\mstext40.dll
2017-08-09 18:00:14 ----A---- C:\Windows\SYSWOW64\msexch40.dll

maxino
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 20 bře 2013 09:50

Re: modrá obrazovka

#4 Příspěvek od maxino »

====== List of files/folders modified in the last 1 month ======

2017-09-03 10:57:34 ----D---- C:\Windows\system32\config
2017-09-03 10:57:31 ----D---- C:\Windows\Tasks
2017-09-03 10:57:31 ----D---- C:\Windows\system32\wfp
2017-09-03 10:57:31 ----D---- C:\Windows\system32\DriverStore
2017-09-03 10:57:31 ----D---- C:\Windows\system32\catroot2
2017-09-03 10:57:31 ----D---- C:\Windows\System32
2017-09-03 10:57:30 ----SHD---- C:\Windows\Installer
2017-09-03 10:57:30 ----D---- C:\Windows\system32\wbem
2017-09-03 10:57:29 ----D---- C:\Windows\inf
2017-09-03 10:57:16 ----D---- C:\Windows\registration
2017-09-03 10:57:15 ----D---- C:\Windows\SysWOW64
2017-09-03 10:55:27 ----D---- C:\Windows\system32\LogFiles
2017-09-03 10:34:13 ----D---- C:\Program Files\trend micro
2017-09-03 10:31:36 ----D---- C:\Windows\Temp
2017-09-03 10:31:21 ----A---- C:\Windows\ntbtlog.txt
2017-09-03 10:31:18 ----D---- C:\Windows\Minidump
2017-09-03 10:31:12 ----D---- C:\Windows
2017-09-03 08:02:53 ----D---- C:\Windows\Prefetch
2017-08-30 05:22:27 ----SHD---- C:\System Volume Information
2017-08-27 09:46:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-08-27 09:40:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-27 09:20:07 ----SHD---- C:\Config.Msi
2017-08-27 09:18:10 ----D---- C:\Program Files (x86)\Microsoft Office
2017-08-27 09:04:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-08-27 09:04:31 ----RD---- C:\Program Files (x86)
2017-08-26 08:25:44 ----D---- C:\Windows\Microsoft.NET
2017-08-26 07:50:33 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-08-26 07:50:11 ----D---- C:\Program Files (x86)\Common Files
2017-08-25 23:33:15 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-08-11 11:45:55 ----D---- C:\Windows\rescache
2017-08-11 10:58:18 ----D---- C:\Windows\system32\Tasks
2017-08-11 10:17:47 ----D---- C:\Windows\system32\NDF
2017-08-11 09:55:21 ----D---- C:\Windows\winsxs
2017-08-11 09:53:16 ----D---- C:\Windows\SYSWOW64\migration
2017-08-11 09:53:16 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-08-11 09:53:15 ----D---- C:\Windows\system32\migration
2017-08-11 09:53:15 ----D---- C:\Windows\system32\drivers
2017-08-11 09:53:15 ----D---- C:\Windows\system32\cs-CZ
2017-08-11 09:53:14 ----D---- C:\Windows\system32\en-US
2017-08-11 09:53:14 ----D---- C:\Windows\AppPatch
2017-08-11 09:53:13 ----D---- C:\Windows\system32\Boot
2017-08-09 22:13:03 ----D---- C:\Windows\system32\MRT
2017-08-09 22:10:49 ----AC---- C:\Windows\system32\MRT.exe
2017-08-09 18:01:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-08-09 18:00:58 ----D---- C:\Windows\system32\Macromed
2017-08-09 18:00:48 ----D---- C:\Windows\SYSWOW64\Macromed

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-01-17 106768]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-04-11 645480]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-04-11 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-01-17 77616]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-01-17 60536]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-18 906968]
S1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-01-17 132272]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-01-17 180544]
S1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-01-17 96856]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-03-19 4888368]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-14 3896920]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-31 450520]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2016-11-19 153216]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
S2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-08-12 4424392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-12-14 2836296]
S2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-03-28 1099280]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-04-11 16232]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-03-19 345864]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-01-31 878400]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2015-02-18 1258312]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-09 272384]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-03-19 280840]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-29 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-08-27 175568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-08-12 213704]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-07-02 5132888]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

maxino
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 20 bře 2013 09:50

Re: modrá obrazovka

#5 Příspěvek od maxino »

Prosím je tu někdo?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: modrá obrazovka

#6 Příspěvek od Rudy »

Zdravím!
Tento soubor: C:\Windows\Minidump\090317-16723-01.dmp prosím, zabalte do raru a přiložte k vašemu příštímu postu. Zároveň přesouvám vaše vlákno do správné sekce.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

maxino
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 20 bře 2013 09:50

Re: modrá obrazovka

#7 Příspěvek od maxino »

přikládám soubor a omlouvám se za komplikace

díky
Přílohy
090517-15537-01.rar
(29.23 KiB) Staženo 133 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: modrá obrazovka

#8 Příspěvek od Rudy »

Systém shodil ovladač gr. karty. Zkuste ho přeinstalovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

maxino
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 20 bře 2013 09:50

Re: modrá obrazovka

#9 Příspěvek od maxino »

netuším jak

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: modrá obrazovka

#10 Příspěvek od Rudy »

Stáhnete instalační soubor z webu výrobce graf. karty (pokud je to NB, z webu jeho výrobce), někam uložíte a spustíte instalaci.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

maxino
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 20 bře 2013 09:50

Re: modrá obrazovka

#11 Příspěvek od maxino »

jak zjistím jakou grafickou kartu mám v pc (ntb nemám) ? krabičku nebo něco od ní nemám

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: modrá obrazovka

#12 Příspěvek od Rudy »

Buď ve správci zařízení v systému, nebo (pokud to tam nebude), otevřete PC a na kartě je štítek, příp. nápis. Drtivá většina grefik je dnes buď nVidia, nebo AMD.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

maxino
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 20 bře 2013 09:50

Re: modrá obrazovka

#13 Příspěvek od maxino »

tak frafika je nvidia geforece 6600, verze ovladače 9.18.13.908, datum ovladače 30.1.2015. Na stránkách nvida se snažím najít ovladač, ale nedaří se mi to. Pokus omyl se snažím ovladač stáhnout a nainstalovat, ale hlásí mi to nekompatibilitu.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: modrá obrazovka

#14 Příspěvek od Rudy »

Měl by to být tento ovladač: https://www.geforce.com/drivers/results/82758 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

maxino
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 20 bře 2013 09:50

Re: modrá obrazovka

#15 Příspěvek od maxino »

děkuju, nainstalováno, proveden restart, provedena obnova, modrá obrazovka, nouzový režim

Zamčeno