satman
-
Postów
4 -
Dołączył
-
Ostatnia wizyta
Odpowiedzi opublikowane przez satman
-
-
Mam nadzieje ze nie popsulem, bo zmienilem tylko literki dysku, ale potem wpisalem tak samo jak bylo przed zmianą.
Z wierszem polecen jest to samo: system przetwarza kolejno i zatrzymuje sie w tym samym miejscu, zostaje ciemny ekran i strzalka myszki.
Raport frst, sorry jesli zle to wkleilem ale nie wiem jak to zrobic inaczej
System uruchomilem z pendriva, a nastepnie z wiersza polecen uruchomilem frst, mam nadzieje ze to poprawnie?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2014 01
Ran by SYSTEM on MININT-79IHHRB on 31-10-2014 21:04:41
Running from H:\
Platform: Windows 7 Ultimate (X86) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Recovery
The current controlset is ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2013-02-21] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Cloud Antivirus\PSUAMain.exe [37624 2014-05-06] (Panda Security, S.L.)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files\Connectify\Connectify.exe [3761952 2014-03-04] (Connectify)
HKLM\...\Run: [Connectify Dispatch] => C:\Program Files\Connectify\DispatchUI.exe [1672992 2014-03-04] (Connectify)
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKU\Bojo\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\Bojo\...\Run: [GoogleChromeAutoLaunch_BBE51B82B8CE451641DECCDC6B492FE5] => C:\Program Files\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\Bojo\...\Run: [Google Update] => C:\Users\Bojo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-15] (Google Inc.)
HKU\Bojo\...\Run: [Google+ Auto Backup] => C:\Users\Bojo\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKU\Bojo\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [487936 2014-03-04] (Connectify)
S2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
S2 HFGService; C:\Windows\System32\HFGService.dll [413696 2009-12-21] (CSR, plc)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 NanoServiceMain; C:\Program Files\Panda Cloud Antivirus\PSANHost.exe [141560 2014-05-05] (Panda Security, S.L.)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14652704 2013-11-14] (NVIDIA Corporation)
S4 OpenMceIrService; C:\Program Files\MceIrService\OpenMceIrServiceX86.exe [191488 2009-10-06] ()
S4 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-05-22] (Panda Security, S.L.)
S2 PSUAService; C:\Program Files\Panda Cloud Antivirus\PSUAService.exe [38136 2014-05-06] (Panda Security, S.L.)
S4 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [327680 2014-03-18] ()
S4 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [327064 2010-05-18] (Enigma Software Group USA, LLC.)
S4 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S2 c67abfdb; "C:\Windows\system32\rundll32.exe" "c:\progra~1\sw-boo~1\AssistantSvc.dll",service
S4 HPSLPSVC; C:\Users\Bojo\AppData\Local\Temp\7zS3F06\hpslpsvc32.dll [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
S3 APL531; C:\Windows\System32\Drivers\ov550i.sys [580992 2006-07-31] (Omnivision Technologies, Inc.)
S3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [105728 2013-03-26] (AVM Berlin)
S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [43008 2009-12-21] (CSR, plc)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
S1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [29672 2014-08-08] (Connectify)
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [61952 2009-12-21] (CSR, plc)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] ()
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [5248 2010-01-27] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] ()
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [65896 2013-07-12] (FTDI Ltd.)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [99840 2014-03-14] (Gemalto)
S3 ghsdiagMDM; C:\Windows\System32\DRIVERS\ghsdiagMDM.sys [106624 2011-11-28] (HS Incorporated)
S1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
S3 Jcae04_USBw32; C:\Windows\System32\Drivers\Jcae04_USBw32.sys [39080 2013-10-23] (JCAE)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
S1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [88992 2014-05-02] (Panda Security, S.L.)
S1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [166816 2014-05-02] (Panda Security, S.L.)
S1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110496 2014-05-02] (Panda Security, S.L.)
S1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [125216 2014-05-02] (Panda Security, S.L.)
S1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [96160 2014-05-02] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [61984 2014-05-02] (Panda Security, S.L.)
S1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [121888 2014-05-02] (Panda Security, S.L.)
S1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [288032 2014-05-02] (Panda Security, S.L.)
S1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [208800 2014-05-02] (Panda Security, S.L.)
S1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [109856 2014-05-02] (Panda Security, S.L.)
S1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [243872 2014-05-02] (Panda Security, S.L.)
S1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [96928 2014-05-02] (Panda Security, S.L.)
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-11-14] (NVIDIA Corporation)
S2 PIEUsb; C:\Windows\System32\Drivers\usbscan.sys [36352 2013-07-03] (Microsoft Corporation)
S2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [137760 2014-05-05] (Panda Security, S.L.)
S2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [103456 2014-05-05] (Panda Security, S.L.)
S1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [166432 2014-05-05] (Panda Security, S.L.)
S2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [112160 2014-05-05] (Panda Security, S.L.)
S2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [122912 2014-05-06] (Panda Security, S.L.)
S2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [98336 2014-05-05] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [48736 2014-03-25] (Panda Security, S.L.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15576 2013-03-08] ()
S3 Rockusb; C:\Windows\System32\DRIVERS\rockusb.sys [46096 2013-09-09] (Fuzhou Rockchip Electronics Co,Ltd.)
S3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [306016 2010-04-27] (Ralink Technology Corp.)
S2 TVicHW32; C:\Windows\System32\Drivers\TVicHW32.sys [37136 2006-10-13] (EnTech Taiwan)
S3 udsstub; C:\Windows\System32\DRIVERS\udsstub.sys [16000 2012-06-18] (SysNucleus)
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [113432 2010-10-18] (ZTE Incorporated)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 massfilter; system32\DRIVERS\massfilter.sys [X]
S1 MoboroboAssDriver; system32\drivers\MoboroboAssDriver.sys [X]
S3 pwdspio; \??\C:\Windows\system32\pwdspio.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 TJUSBDEV; System32\Drivers\TJUSBDEV.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-31 21:03 - 2014-10-31 21:04 - 00000000 ____D () C:\FRST
2014-10-30 17:05 - 2014-10-30 23:46 - 00000000 ____D () C:\Users\Bojo\AppData\Roaming\Kodi
2014-10-30 17:00 - 2014-10-30 17:01 - 00000000 ____D () C:\Program Files\Kodi
2014-10-27 23:45 - 2014-10-27 23:45 - 18516250 _____ () C:\Users\Bojo\Documents\DSC_9719.tif
2014-10-27 23:02 - 2014-10-27 23:04 - 00000000 ____D () C:\xampp
2014-10-27 22:35 - 2014-10-27 23:50 - 00000000 ____D () C:\Users\Bojo\.negfix8
2014-10-27 22:32 - 2013-09-11 12:41 - 00008625 _____ () C:\Windows\negfix8.cmd
2014-10-27 22:07 - 2014-10-27 22:24 - 00000000 ____D () C:\Program Files\ImageMagick-6.8.9-Q16
2014-10-27 22:07 - 2014-10-27 22:07 - 00001933 _____ () C:\Users\Bojo\Desktop\ImageMagick Display.lnk
2014-10-27 01:06 - 2014-10-27 02:05 - 00000000 ____D () C:\Program Files\VueScan
2014-10-27 01:06 - 2014-10-27 01:22 - 00000939 _____ () C:\Users\Public\Desktop\VueScan x32.lnk
2014-10-27 01:01 - 2014-10-27 01:01 - 00000000 ____D () C:\Users\Bojo\AppData\Roaming\Thinstall
2014-10-27 01:01 - 2014-10-27 01:01 - 00000000 ____D () C:\Users\Bojo\AppData\Local\Thinstall
2014-10-25 20:02 - 2014-10-25 20:02 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-10-25 14:32 - 2006-10-12 23:00 - 00044544 _____ (SEIKO EPSON CORP.) C:\Windows\System32\escwiab.dll
2014-10-25 14:20 - 2014-10-25 14:20 - 00000000 ____D () C:\EPSON
2014-10-24 11:49 - 2014-10-24 13:09 - 00001168 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
2014-10-19 20:23 - 2014-10-27 22:41 - 00000000 ____D () C:\Users\Bojo\AppData\Temp
2014-10-19 20:23 - 2014-10-19 20:23 - 00000000 ____D () C:\Users\Bojo\AppData\Local\ArcSoft
2014-10-19 20:22 - 2014-10-19 20:22 - 00000000 ____D () C:\ProgramData\ArcSoft
2014-10-19 20:21 - 2014-10-28 00:11 - 00000000 ____D () C:\Users\Bojo\AppData\Roaming\ArcSoft
2014-10-19 20:21 - 2014-10-28 00:11 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft
2014-10-19 20:21 - 2006-11-10 14:05 - 00018688 _____ (Arcsoft, Inc.) C:\Windows\System32\Drivers\afc.sys
2014-10-19 20:21 - 1995-08-01 03:44 - 00212480 _____ (Eastman Kodak) C:\Windows\PCDLIB32.DLL
2014-10-19 20:19 - 2014-10-19 20:19 - 00000000 ____D () C:\Windows\OvtCam
2014-10-19 20:19 - 2014-10-19 20:19 - 00000000 ____D () C:\Windows\OVT
2014-10-19 20:19 - 2014-10-19 20:19 - 00000000 ____D () C:\Program Files\OVT
2014-10-19 09:26 - 2014-10-26 09:53 - 00004460 _____ () C:\Windows\PFRO.log
2014-10-19 00:08 - 2014-10-19 00:08 - 00000000 ____D () C:\Users\Bojo\.appwork
2014-10-18 23:46 - 2014-10-18 23:46 - 00000000 ____D () C:\Users\Administrator.Bojo-Laptop\AppData\Roaming\SumatraPDF
2014-10-18 19:11 - 2014-10-18 19:14 - 00000000 ____D () C:\Users\Bojo\AppData\Local\Adobe
2014-10-18 18:24 - 2014-10-31 12:38 - 00053185 _____ () C:\Windows\setupact.log
2014-10-18 18:24 - 2014-10-18 18:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-17 00:00 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-10-16 23:59 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-10-16 23:59 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-10-16 23:59 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-10-16 23:59 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-10-16 23:59 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-10-16 23:59 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-10-16 23:59 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-10-16 23:59 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-10-16 23:59 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-10-16 23:59 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-10-16 23:59 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-10-16 23:59 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-10-16 23:59 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-10-16 23:59 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-10-16 23:59 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-10-16 23:59 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-10-16 23:59 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-10-16 23:59 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-10-16 23:59 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-10-16 23:59 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-10-16 23:59 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-10-16 23:59 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-10-16 23:59 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-10-16 23:59 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-10-16 23:59 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-10-16 23:59 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-10-16 23:59 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-10-16 23:59 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-10-16 23:59 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-10-16 23:59 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-10-16 23:59 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\System32\rastls.dll
2014-10-16 23:59 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-10-16 23:59 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2014-10-16 23:59 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2014-10-16 23:59 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2014-10-16 23:59 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2014-10-16 23:59 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\System32\dfshim.dll
2014-10-16 23:59 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\System32\mscorier.dll
2014-10-16 23:59 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\System32\mscories.dll
2014-10-16 23:58 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2014-10-16 23:58 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\packager.dll
2014-10-16 23:58 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\System32\winsta.dll
2014-10-16 23:58 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2014-10-16 23:58 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2014-10-16 23:58 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2014-10-16 23:58 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2014-10-16 23:58 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2014-10-16 23:58 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2014-10-16 23:58 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2014-10-15 20:53 - 2014-10-15 20:53 - 00065272 _____ () C:\Users\Administrator.Bojo-Laptop\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-15 20:53 - 2014-10-15 20:53 - 00000000 ____D () C:\Users\Administrator.Bojo-Laptop\AppData\Roaming\Panda Security
2014-10-15 20:53 - 2014-10-15 20:53 - 00000000 ____D () C:\Users\Administrator.Bojo-Laptop\AppData\Roaming\Adobe
2014-10-15 20:52 - 2014-10-15 20:53 - 00000000 ____D () C:\Users\Administrator.Bojo-Laptop\AppData\Local\Google
2014-10-15 20:52 - 2014-10-15 20:53 - 00000000 ____D () C:\users\Administrator.Bojo-Laptop
2014-10-15 20:52 - 2014-10-15 20:52 - 00000020 ___SH () C:\Users\Administrator.Bojo-Laptop\ntuser.ini
2014-10-15 20:52 - 2014-10-15 20:52 - 00000000 _SHDL () C:\Users\Administrator.Bojo-Laptop\Ustawienia lokalne
2014-10-15 20:52 - 2014-10-15 20:52 - 00000000 _SHDL () C:\Users\Administrator.Bojo-Laptop\Szablony
2014-10-15 20:52 - 2014-10-15 20:52 - 00000000 _SHDL () C:\Users\Administrator.Bojo-Laptop\Moje dokumenty
2014-10-15 20:52 - 2014-10-15 20:52 - 00000000 _SHDL () C:\Users\Administrator.Bojo-Laptop\Menu Start
2014-10-15 20:52 - 2014-10-15 20:52 - 00000000 _SHDL () C:\Users\Administrator.Bojo-Laptop\Documents\Moje wideo
2014-10-15 20:52 - 2014-10-15 20:52 - 00000000 _SHDL () C:\Users\Administrator.Bojo-Laptop\Documents\Moje obrazy
2014-10-15 20:52 - 2014-10-15 20:52 - 00000000 _SHDL () C:\Users\Administrator.Bojo-Laptop\Documents\Moja muzyka
2014-10-15 20:52 - 2014-10-15 20:52 - 00000000 _SHDL () C:\Users\Administrator.Bojo-Laptop\Dane aplikacji
2014-10-15 20:52 - 2014-10-15 20:52 - 00000000 _SHDL () C:\Users\Administrator.Bojo-Laptop\AppData\Local\Historia
2014-10-15 20:52 - 2014-10-15 20:52 - 00000000 _SHDL () C:\Users\Administrator.Bojo-Laptop\AppData\Local\Dane aplikacji
2014-10-15 20:52 - 2014-02-24 21:06 - 00000000 ____D () C:\Users\Administrator.Bojo-Laptop\AppData\Roaming\Macromedia
2014-10-15 20:52 - 2013-02-21 16:41 - 00001097 _____ () C:\Users\Administrator.Bojo-Laptop\Desktop\CyberLink YouCam.lnk
2014-10-10 22:30 - 2014-10-25 14:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-09 21:10 - 2014-10-09 21:10 - 00000000 ____D () C:\Program Files\WinPcap
2014-10-05 20:40 - 2014-09-16 22:26 - 00000338 _____ () C:\PhoneManageru_20140916232638.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-31 17:23 - 2014-05-10 17:49 - 00000069 ____N () C:\spyhunter.log
2014-10-31 16:08 - 2014-08-06 18:56 - 02025154 _____ () C:\Windows\WindowsUpdate.log
2014-10-31 02:04 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\LogFiles
2014-10-31 01:05 - 2014-06-13 20:33 - 00000000 ____D () C:\Users\Bojo\AppData\Roaming\DMCache
2014-10-31 00:09 - 2014-09-05 23:14 - 00000000 ____D () C:\Program Files\YoutuubeAdBlockE
2014-10-30 22:29 - 2013-06-03 19:47 - 00000000 ____D () C:\Download
2014-10-30 22:03 - 2014-07-27 09:22 - 00000000 ____D () C:\Users\Bojo\AppData\Roaming\vlc
2014-10-30 21:32 - 2013-03-07 12:15 - 00000000 ____D () C:\Users\Bojo\AppData\Roaming\XBMC
2014-10-30 17:02 - 2013-07-27 23:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-30 16:44 - 2013-02-21 16:40 - 01670518 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-10-30 16:44 - 2009-07-14 09:07 - 00740672 _____ () C:\Windows\System32\perfh015.dat
2014-10-30 16:44 - 2009-07-14 09:07 - 00156214 _____ () C:\Windows\System32\perfc015.dat
2014-10-29 22:30 - 2013-02-22 00:28 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-29 22:28 - 2013-02-21 19:29 - 00000000 ____D () C:\Program Files\Google
2014-10-29 15:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\NDF
2014-10-28 00:11 - 2013-02-21 16:37 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-27 22:35 - 2013-02-21 16:29 - 00000000 ____D () C:\users\Bojo
2014-10-27 22:25 - 2009-07-14 05:34 - 00020224 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-27 22:25 - 2009-07-14 05:34 - 00020224 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-27 16:54 - 2013-03-07 12:12 - 00000000 ____D () C:\Program Files\XBMC
2014-10-27 01:22 - 2014-09-25 22:46 - 00059968 _____ () C:\Windows\DPINST.LOG
2014-10-27 01:06 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\twain_32
2014-10-26 00:37 - 2013-02-23 11:57 - 00000000 ____D () C:\Users\Bojo\AppData\Roaming\GG
2014-10-25 20:02 - 2009-07-14 03:37 - 00000000 ___RD () C:\users\Public
2014-10-25 14:32 - 2014-01-05 14:09 - 00000940 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-10-25 14:27 - 2014-09-05 23:14 - 00000000 ____D () C:\ProgramData\YoutuubeAdBlockE
2014-10-25 14:26 - 2014-07-22 21:09 - 00000000 ____D () C:\Program Files\TomTom International B.V
2014-10-25 14:26 - 2013-04-13 09:28 - 00000000 ____D () C:\Program Files\VistaStumbler
2014-10-25 14:25 - 2014-09-16 22:14 - 00000000 ____D () C:\Program Files\VROOT
2014-10-25 14:23 - 2014-08-18 22:44 - 00000000 ____D () C:\Users\Bojo\AppData\Local\Kolor
2014-10-25 08:47 - 2013-02-21 18:23 - 00000000 ____D () C:\Program Files\Panda Cloud Antivirus
2014-10-25 08:46 - 2014-09-05 23:16 - 00000000 ____D () C:\Program Files\SW-Booster
2014-10-24 13:10 - 2013-11-20 00:29 - 10257920 _____ () C:\Program Files\Common Files\lpuninstall.exe
2014-10-24 13:10 - 2013-08-15 10:53 - 00000000 ____D () C:\Program Files\LastPass
2014-10-23 18:57 - 2014-08-08 19:21 - 00000000 ____D () C:\Users\Bojo\AppData\Roaming\Azureus
2014-10-21 20:04 - 2013-02-23 11:05 - 00000000 ____D () C:\Users\Bojo\AppData\Roaming\Skype
2014-10-21 20:04 - 2013-02-23 11:05 - 00000000 ____D () C:\ProgramData\Skype
2014-10-20 01:16 - 2014-02-24 21:06 - 00000000 ____D () C:\Program Files\Adobe
2014-10-20 01:15 - 2013-02-21 16:41 - 00000000 ____D () C:\ProgramData\Temp
2014-10-19 20:45 - 2009-07-14 03:04 - 00000812 _____ () C:\Windows\win.ini
2014-10-19 17:16 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-19 09:28 - 2013-06-15 21:20 - 00000000 ____D () C:\Program Files\AutoMapa EU
2014-10-19 00:09 - 2013-06-15 07:27 - 00000000 ____D () C:\Users\Bojo\AppData\Local\JDownloader v2.0
2014-10-18 23:52 - 2014-01-10 17:41 - 00000000 ____D () C:\Scan
2014-10-18 01:16 - 2014-06-13 20:33 - 00000000 ____D () C:\Users\Bojo\AppData\Roaming\IDM
2014-10-17 16:56 - 2013-07-21 23:56 - 00000000 ____D () C:\Program Files\Connectify
2014-10-17 16:55 - 2009-07-14 05:33 - 00328992 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-10-17 16:53 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\pl-PL
2014-10-17 01:15 - 2013-07-15 18:20 - 00000000 ____D () C:\Windows\System32\MRT
2014-10-17 01:07 - 2013-02-22 10:46 - 100290944 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-10-09 20:17 - 2014-09-24 22:56 - 00000000 ____D () C:\MTK Droid Tools 2.5.3
2014-10-08 20:04 - 2014-03-08 10:21 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-10-08 20:04 - 2013-03-31 17:53 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-10-08 20:04 - 2013-02-23 11:05 - 00000000 ___RD () C:\Program Files\Skype
2014-10-04 21:56 - 2013-02-23 11:57 - 00000000 ____D () C:\Users\Bojo\AppData\Local\GG
2014-10-02 14:53 - 2013-02-21 18:15 - 00231568 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
Files to move or delete:
====================
C:\ProgramData\ISTask.dll
Some content of TEMP:
====================
C:\Users\Bojo\AppData\Local\Temp\i4jdel0.exe
C:\Users\Bojo\AppData\Local\Temp\mpegc.dll
C:\Users\Bojo\AppData\Local\Temp\proxy_vole6150049770773461321.dll
C:\Users\Bojo\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Bojo\AppData\Local\Temp\vsdel.exe
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe
[2014-10-16 23:58] - [2014-07-17 02:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
Restore point made on: 2014-10-27 10:24:24
==================== Memory info ===========================
Percentage of memory in use: 13%
Total physical RAM: 3956.55 MB
Available physical RAM: 3424.92 MB
Total Pagefile: 3954.82 MB
Available Pagefile: 3435.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.18 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:79.12 GB) (Free:22.38 GB) NTFS
Drive e: (DATA) (Fixed) (Total:203.87 GB) (Free:15.51 GB) NTFS
Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:0.66 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive h: (MINI_SD) (Removable) (Total:1.83 GB) (Free:1.83 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: CC5F9E61)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=79.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=203.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 1.8 GB) (Disk ID: CAD4EBEA)
Partition 00: (Active) - (Size=0) - (Type=00) ATTENTION ===> 0 byte partition bootkit.
Partition 3: (Not Active) - (Size=1.8 GB) - (Type=06)
LastRegBack: 2014-10-26 10:42
==================== End Of Log ============================
-
-
Witam, wczoraj system zamknal sie, po czym nie mam juz mozliwosci jego uruchomienia. Punkt odzyskiwania, recovery - nic nie pomaga. Poczatkowo startuje normalnie - do napisu ur4uchamianie systemu windows, po czym napis znika i pozostaje kursor na ciemnym tle reagujacy na ruchy na touchpadzie.
Gdy probowalem uruchomic recovery mialem dostep do okienka polecen i udalo mi sie sprawdzic zawartosc poszczegolnych partycji i sie zdziwilem, bo system zostal przeniesiony z partycji C: na D:, a dane ktore miałem na D: - są na E:
Uruchomilem z pendriva Kaspersky Resque Disk, a tam wszystko wyglada normalnie: C: to C:, a D: to D:. Mimo to postanowilem zmienic w rejestrach DosDevices wg TEGO opisu, ale nic to nie dalo.
Po calym dniu walki poddaje sie i prosze o pomoc.
System nie uruchamia sie - Uruchamianie systemu Windows + ciemny ekran
w Windows 7
Opublikowano
Wlasciwie to nic nie zrobilem w sensie naprawy, zmiany. Przywracanie systemu nie zadzialalo, nie pamietam szczegółów, ale cos w sensie, że nie można przywrocic systemu.
(Acer recovery jest dla mnie zupelnie dziwne, bo laptop to samsung, a zadnego Acera nie mam i nie mialem)
Sprawdzilem dysk chkdsk /f /r - zadnych błędów, uszkodzonych sektorów.
Jedyne co mi przychodzi do głowy to taka sytuacja: zainstalowałem nową wersję Kodi (w wersji alpha - Multimedia Center). W opcjach chcialem ustawic zeroconfig ale nie mogłem jej aktywować. I mam wrażenie, że wtedy komputer zwolnił i o ile sie nie mylę zaraz potem zaczął się sam zamykać i potem już nie dało się go uruchomić.
Nie jestem tego pewny na 100%, bo robiłem jednoczesnie kilka rzeczy, ale gdy w FRST zobaczylem wpis o zerokonfig to mi sie przypomniala ta sytuacja.
Może to jest jakiś trop?
W jaki sposob moge usunąć z rejestru dwa wpisy z adnotacją: Atention! Może to one powodują problemy?