Please check my log

A place for your HiJackThis logs and logs from other programs…

Moderators: memphisto, Mods_senior, Security team

jakubpolo
Level 2
Posts: 217
Registered: June 10
Gender: Male

Re: Please check my log

Post by jakubpolo » 05 Oct 2017 07:47

  • FRST (part 2)
    C:\WINDOWS\system32\TpmCoreProvisioning.dll
    2017-09-14 16:15 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2017-09-14 16:15 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
    2017-09-14 16:15 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2017-09-14 16:15 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2017-09-14 16:15 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
    2017-09-14 16:15 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2017-09-14 16:15 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
    2017-09-14 16:15 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
    2017-09-14 16:15 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
    2017-09-14 16:15 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
    2017-09-14 16:15 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2017-09-14 16:15 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2017-09-14 16:15 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2017-09-14 16:15 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2017-09-14 16:15 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2017-09-14 16:15 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2017-09-14 16:15 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2017-09-14 16:15 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2017-09-14 16:15 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2017-09-14 16:15 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2017-09-14 16:15 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2017-09-14 16:15 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
    2017-09-14 16:15 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2017-09-14 16:15 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2017-09-14 16:15 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2017-09-14 16:15 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
    2017-09-14 16:15 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
    2017-09-14 16:15 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2017-09-14 16:15 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2017-09-14 16:15 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2017-09-14 16:15 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2017-09-14 16:15 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
    2017-09-14 16:15 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2017-09-14 16:15 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2017-09-14 16:15 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2017-09-14 16:15 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2017-09-14 16:15 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2017-09-14 16:15 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-09-14 16:15 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2017-09-14 16:15 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2017-09-14 16:15 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2017-09-14 16:15 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2017-09-14 16:15 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2017-09-14 16:15 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2017-09-14 16:15 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2017-09-14 16:15 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2017-09-14 16:15 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2017-09-14 16:15 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-09-14 16:15 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
    2017-09-14 16:15 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2017-09-14 16:15 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2017-09-14 16:15 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2017-09-14 16:15 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2017-09-14 16:15 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2017-09-14 16:15 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2017-09-14 16:15 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2017-09-14 16:15 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2017-09-14 16:15 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
    2017-09-14 16:15 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
    2017-09-14 16:15 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
    2017-09-14 16:15 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
    2017-09-11 18:50 - 2017-09-11 19:00 - 000000000 ____D C:\Users\PoLo\Desktop\Markowitz
    2017-09-10 18:43 - 2017-09-10 18:43 - 000000000 ____D C:\Users\PoLo\Desktop\SSZ - okruhy
    2017-09-09 20:46 - 2017-09-09 20:46 - 000000000 ___RD C:\Program Files (x86)\Skype
    2017-09-09 20:46 - 2017-09-09 20:46 - 000000000 ____D C:\Users\PoLo\Tracing
    2017-09-09 20:46 - 2017-09-09 20:46 - 000000000 ____D C:\ProgramData\Skype
    2017-09-09 20:46 - 2017-09-09 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-10-05 07:38 - 2017-08-12 13:52 - 000000000 ____D C:\ProgramData\NVIDIA
    2017-10-03 15:23 - 2017-08-12 13:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-10-03 13:39 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2017-10-02 22:44 - 2017-08-12 13:53 - 000000000 ____D C:\Users\PoLo
    2017-10-02 21:48 - 2017-08-06 11:31 - 000000000 ____D C:\Program Files (x86)\Steam
    2017-10-02 18:33 - 2017-08-19 17:41 - 000000000 ____D C:\Users\PoLo\AppData\Roaming\CPUCores
    2017-10-02 12:58 - 2017-08-06 10:15 - 002293340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-10-02 12:58 - 2017-03-20 07:00 - 001013660 _____ C:\WINDOWS\system32\perfh005.dat
    2017-10-02 12:58 - 2017-03-20 07:00 - 000231078 _____ C:\WINDOWS\system32\perfc005.dat
    2017-10-02 12:51 - 2017-08-12 13:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-10-02 12:47 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2017-10-02 12:45 - 2015-10-30 09:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2017-09-30 09:46 - 2017-08-06 10:02 - 000000000 ____D C:\Users\PoLo\AppData\Local\VirtualStore
    2017-09-29 09:38 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
    2017-09-29 09:38 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
    2017-09-29 00:24 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
    2017-09-28 18:00 - 2017-08-12 13:52 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-09-28 18:00 - 2017-08-07 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-09-27 14:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
    2017-09-25 22:07 - 2017-08-06 11:05 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-09-25 20:56 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
    2017-09-25 09:42 - 2017-08-12 13:52 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-09-25 09:36 - 2017-08-12 13:52 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2017-09-25 09:36 - 2017-08-06 10:15 - 000000000 ____D C:\temp
    2017-09-25 09:36 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Help
    2017-09-25 09:15 - 2017-08-12 13:58 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-09-25 09:15 - 2017-08-12 13:58 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-09-25 09:15 - 2017-08-12 13:58 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-09-25 09:15 - 2017-08-12 13:58 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-09-25 09:15 - 2017-08-12 13:58 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-09-25 09:15 - 2017-08-12 13:58 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-09-25 09:15 - 2017-08-12 13:58 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-09-25 09:15 - 2017-08-12 13:58 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2017-09-19 10:42 - 2017-08-06 11:09 - 000000000 ____D C:\Program Files\Microsoft Office
    2017-09-19 09:23 - 2017-08-07 22:46 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
    2017-09-19 09:23 - 2017-08-07 22:46 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
    2017-09-19 09:23 - 2017-08-07 22:46 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
    2017-09-19 09:23 - 2017-08-07 22:43 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
    2017-09-19 09:23 - 2017-08-07 22:43 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
    2017-09-19 09:23 - 2017-08-07 22:05 - 001923008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
    2017-09-19 09:23 - 2017-08-07 22:05 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
    2017-09-19 09:12 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2017-09-19 09:11 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2017-09-18 23:29 - 2017-08-07 09:43 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
    2017-09-18 08:57 - 2017-08-06 10:02 - 000000000 ____D C:\Users\PoLo\AppData\Local\Packages
    2017-09-18 08:56 - 2017-08-07 02:09 - 000000000 ____D C:\Users\PoLo\Heaven
    2017-09-14 16:29 - 2017-08-12 13:51 - 000383768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2017-09-14 16:29 - 2017-08-06 10:02 - 000000000 __RHD C:\Users\Public\AccountPictures
    2017-09-14 16:28 - 2017-03-20 07:00 - 000000000 ____D C:\WINDOWS\system32\cs
    2017-09-14 16:28 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2017-09-14 16:28 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
    2017-09-14 16:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
    2017-09-14 16:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2017-09-14 16:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup
    2017-09-14 16:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2017-09-14 16:28 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2017-09-14 16:28 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2017-09-14 16:20 - 2017-08-06 10:28 - 000000000 ____D C:\WINDOWS\system32\MRT
    2017-09-14 16:19 - 2017-08-06 10:28 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-09-10 07:56 - 2017-08-06 10:06 - 000000000 ___RD C:\Users\PoLo\OneDrive
    2017-09-10 07:55 - 2017-08-12 14:02 - 000000000 ____D C:\Users\PoLo\AppData\Roaming\Skype
    2017-09-09 16:53 - 2017-08-06 11:34 - 000000000 ____D C:\Users\PoLo\AppData\Local\Steam
    2017-09-05 13:14 - 2017-08-12 13:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\Games

    ==================== Files in the root of some directories =======

    2017-08-07 02:08 - 2017-08-07 20:51 - 000728064 _____ () C:\Users\PoLo\AppData\Local\file__0.localstorage
    2017-08-07 22:47 - 2017-08-07 22:47 - 000000017 _____ () C:\Users\PoLo\AppData\Local\resmon.resmoncfg

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-10-02 15:31

    ==================== End of FRST.txt ============================



jaro3
Security team member
Guru Level 15
Posts: 36920
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log

Post by jaro3 » 05 Oct 2017 10:12

(1) SAMSUNG HD103SJ
00000000239A Spin-up time
The time needed to spin up the platters. It gets worse over time, but fairly slowly. A sudden change indicates damage to the motor that spins the platters.

(2) KINGSTON SV300S37A240G
00000000000053 Unexpected Power Loss Count -- This problem can occur for several reasons, such as incompatible or outdated drivers, missing updates, incorrect power plan settings, etc.
https://answers.microsoft.com/en-us/win ... 48a?auth=1

00000000000001 Wear Range Delta
http://www.tomshardware.co.uk/answers/i ... delta.html
Post a topic in the hardware problems section.


Download and install WhoCrashed,
open it and click Analyze.
The program will generate a report; copy all of it and paste it here, please.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
Task: {9024C307-2BAE-4CA7-8483-706642BD1D73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-06] (Google Inc.)
Task: {CC6E1787-0296-4DAD-A0EE-C1F5CF1A42E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-06] (Google Inc.)
Shortcut: C:\Users\PoLo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeX Live 2017\Uninstall TeX Live.lnk -> C:\texlive\2017\tlpkg\installer\uninst.bat (No File)
SearchScopes: HKU\S-1-5-21-3229655998-2220489892-3251086895-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

EmptyTemp:
End

(You can use the "select all" function; right-click in the upper-left area of the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button just once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

jakubpolo

Re: Please check my log

Post by jakubpolo » 05 Oct 2017 12:17

  • I created a topic in the hardware problems section. From now on, should I deal with that disk only with them? From the links you attached for those problems, I am not able to solve the problem on my own. Is that why you advised me to post the topic in the hardware problems section?


  • Crash Dump Analysis
    --------------------------------------------------------------------------------

    Crash dump directory: C:\WINDOWS\Minidump

    Crash dumps are enabled on your computer.

    On Mon 02.10.2017 12:33:29 your computer crashed
    crash dump file: C:\WINDOWS\Minidump\100217-6359-01.dmp
    This was probably caused by the following module: aswmbr.sys (0xFFFFF801DA7295AE)
    Bugcheck code: 0xD1 (0xFFFFF801DD851010, 0xFF, 0x0, 0xFFFFF801DA7295AE)
    Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
    Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
    This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
    A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswmbr.sys .
    Google query: aswmbr.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL



    On Mon 02.10.2017 12:33:29 your computer crashed
    crash dump file: C:\WINDOWS\memory.dmp
    This was probably caused by the following module: aswmbr.sys (aswMBR+0x95AE)
    Bugcheck code: 0xD1 (0xFFFFF801DD851010, 0xFF, 0x0, 0xFFFFF801DA7295AE)
    Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
    Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
    This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
    A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswmbr.sys .
    Google query: aswmbr.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL



    On Mon 02.10.2017 12:32:16 your computer crashed
    crash dump file: C:\WINDOWS\Minidump\100217-7343-01.dmp
    This was probably caused by the following module: aswmbr.sys (0xFFFFF802F1CA95AE)
    Bugcheck code: 0xD1 (0xFFFFF802F1A51010, 0xFF, 0x0, 0xFFFFF802F1CA95AE)
    Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
    Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
    This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
    A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswmbr.sys .
    Google query: aswmbr.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL



    On Mon 02.10.2017 12:30:48 your computer crashed
    crash dump file: C:\WINDOWS\Minidump\100217-19046-01.dmp
    This was probably caused by the following module: aswmbr.sys (0xFFFFF80A31D895AE)
    Bugcheck code: 0xD1 (0xFFFFE280EB08E010, 0xFF, 0x0, 0xFFFFF80A31D895AE)
    Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
    Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
    This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
    A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswmbr.sys .
    Google query: aswmbr.sys DRIVER_IRQL_NOT_LESS_OR_EQUAL

    If I remember correctly, these are the crashes that were caused by using the aswMBR program; otherwise my PC does not crash. The problem with the PC restarting and shutting down with a delay still persists.

  • FRST - fixlog
    Fix result of Farbar Recovery Scan Tool (x64) Version: 03-10-2017 01
    Ran by PoLo (05-10-2017 12:05:15) Run:1
    Running from C:\Users\PoLo\Desktop
    Loaded Profiles: PoLo (Available Profiles: PoLo)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Start
    CloseProcesses:
    Task: {9024C307-2BAE-4CA7-8483-706642BD1D73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-06] (Google Inc.)
    Task: {CC6E1787-0296-4DAD-A0EE-C1F5CF1A42E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-06] (Google Inc.)
    Shortcut: C:\Users\PoLo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeX Live 2017\Uninstall TeX Live.lnk -> C:\texlive\2017\tlpkg\installer\uninst.bat (No File)
    SearchScopes: HKU\S-1-5-21-3229655998-2220489892-3251086895-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

    EmptyTemp:
    End
    *****************

    Processes closed successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9024C307-2BAE-4CA7-8483-706642BD1D73} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9024C307-2BAE-4CA7-8483-706642BD1D73} => key removed successfully
    C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC6E1787-0296-4DAD-A0EE-C1F5CF1A42E6} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC6E1787-0296-4DAD-A0EE-C1F5CF1A42E6} => key removed successfully
    C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
    C:\Users\PoLo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeX Live 2017\Uninstall TeX Live.lnk => moved successfully
    HKU\S-1-5-21-3229655998-2220489892-3251086895-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully
    HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.

    =========== EmptyTemp: ==========

    BITS transfer queue => 7364608 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35200350 B
    Java, Flash, Steam htmlcache => 174714751 B
    Windows/system/drivers => 728560 B
    Edge => 0 B
    Chrome => 806906364 B
    Firefox => 0 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 128 B
    systemprofile32 => 0 B
    LocalService => 0 B
    NetworkService => 18468 B
    PoLo => 124000225 B

    RecycleBin => 4970975 B
    EmptyTemp: => 1.1 GB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 12:05:30 ====

jaro3

Re: Please check my log

Post by jaro3 » 05 Oct 2017 19:04

Yes, that is why you created the topic in that section.
aswMBR -- that program evidently has problems; you are not alone.

The problem probably isn't viruses. Sort it out there, and if that doesn't help, come back here.

jakubpolo

Re: Please check my log

Post by jakubpolo » 05 Oct 2017 19:06

OK.
Thank you very much for the help so far.

jaro3

Re: Please check my log

Post by jaro3 » 05 Oct 2017 20:09

No need to thank me yet!