Repeated blue screen of death after the notebook boots

duff74
Visitor
Posts: 68
Registered: 17 May 2007 13:25

Re: Repeated blue screen of death after the notebook boots

#31 Post by duff74 »

Another ComboFix log:


ComboFix 12-01-13.03 - david 13.01.2012 22:11:15.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.959.343 [GMT 1:00]
Spuštěný z: c:\documents and settings\david\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\david\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-13 do 2012-01-13 )))))))))))))))))))))))))))))))
.
.
2012-01-11 08:36 . 2012-01-11 08:36 -------- d-----w- c:\program files\HD Tune
2012-01-08 10:00 . 2012-01-08 10:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\nView_Profiles
2012-01-06 20:15 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-01-06 20:15 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-01-06 20:15 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-01-06 20:15 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-01-06 20:15 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-01-06 20:15 . 2011-11-28 17:52 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-01-06 20:15 . 2011-11-28 17:51 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-01-06 20:15 . 2011-11-28 17:48 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-01-06 20:14 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-01-06 20:14 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2012-01-06 20:14 . 2012-01-06 20:14 -------- d-----w- c:\program files\AVAST Software
2012-01-06 20:14 . 2012-01-06 20:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2012-01-06 18:32 . 2012-01-06 18:32 -------- d-----w- c:\program files\FinalWire
2012-01-04 20:20 . 2012-01-04 20:21 -------- d-----w- c:\windows\Symbols
2012-01-04 19:49 . 2012-01-05 18:52 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2012-01-04 19:16 . 2012-01-04 19:16 -------- d-----w- c:\program files\Microsoft SDKs
2012-01-04 11:01 . 2012-01-05 19:29 -------- d-----w- c:\program files\WhoCrashed
2012-01-03 20:10 . 2012-01-03 20:10 -------- d-----w- c:\program files\Common Files\Java
2012-01-03 20:08 . 2012-01-03 20:08 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-01-03 19:46 . 2012-01-03 19:46 -------- d-----w- c:\program files\FileHippo.com
2012-01-03 16:46 . 2012-01-03 16:46 -------- d-----w- C:\rsit
2012-01-01 12:17 . 2012-01-01 12:17 -------- d-----w- c:\documents and settings\david\Local Settings\Data aplikací\Unity
2011-12-31 13:13 . 2011-12-31 13:13 -------- d-----w- c:\documents and settings\david\Data aplikací\Malwarebytes
2011-12-31 13:13 . 2011-12-31 13:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-12-31 13:13 . 2011-12-31 13:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-31 13:13 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-30 17:50 . 2011-12-30 19:57 -------- d-----w- c:\documents and settings\david\Local Settings\Data aplikací\eSupport.com
2011-12-30 17:44 . 2011-12-30 17:44 -------- d-----w- c:\program files\Lavalys
2011-12-28 19:03 . 2011-12-28 19:08 -------- d-----w- c:\documents and settings\david\Data aplikací\HPAppData
2011-12-28 19:00 . 2011-12-28 19:00 -------- d-----w- C:\NVIDIA
2011-12-28 18:48 . 2011-12-28 18:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Drivers HeadQuarters
2011-12-28 18:23 . 2011-12-28 18:23 -------- dc-h--w- c:\documents and settings\All Users\Data aplikací\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2011-12-28 17:38 . 2011-12-28 17:38 -------- d-----w- c:\documents and settings\All Users\Uniblue
2011-12-28 16:51 . 2011-12-28 16:51 -------- d-----w- c:\documents and settings\david\Data aplikací\AVG Secure Search
2011-12-28 16:48 . 2011-12-28 16:48 -------- d-----w- c:\documents and settings\david\Data aplikací\AVG2012
2011-12-28 16:46 . 2012-01-06 20:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG2012
2011-12-21 19:44 . 2011-12-21 19:44 -------- d-----w- c:\documents and settings\NetworkService\Data aplikací\McAfee
2011-12-21 11:51 . 2011-12-21 11:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2011-12-21 10:35 . 2012-01-04 10:47 -------- d-----w- c:\program files\trend micro
2011-12-21 00:02 . 2011-12-21 00:02 4448256 ----a-w- c:\windows\system32\GPhotos.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-03 20:08 . 2011-10-14 13:00 567184 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-03 20:08 . 2011-10-14 13:00 141312 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-25 21:57 . 2006-03-02 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2006-03-02 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2006-03-02 12:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-04 19:13 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:29 . 2006-03-02 12:00 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:29 . 2006-03-02 12:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 2006-03-02 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2006-03-02 12:00 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:50 . 2004-08-17 15:45 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-27 7561216]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"nwiz"="nwiz.exe" [2006-04-27 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-27 86016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKLM\~\startupfolder\C:^Documents and Settings^david^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=c:\documents and settings\david\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 -c----r- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2006-06-02 10:58 176128 -c--a-r- c:\program files\Apoint2K\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2010-12-05 10:49 47672 ----a-w- c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 07:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-04-27 09:48 7561216 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-04-27 09:48 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-04-27 09:48 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 -c--a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-08-14 06:00 16050176 -c----r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-06-15 13:02 15141768 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 -c----r- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2006-08-07 05:11 573440 -c--a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\{59C83C08-63F4-4AEC-81D6-392C5E23B843}\\setup\\hpznui01.exe"=
"c:\\Program Files\\Aspyr Media, Inc\\THAW\\Game\\THAW.exe"=
"c:\\Program Files\\Windows jZip Toolbar\\Datamngr\\ToolBar\\dtUser.exe"=
"c:\\Program Files\\Aspyr Media, Inc\\THAW\\Game\\THAW-THEMOD.exe"=
"c:\\Documents and Settings\\david\\Local Settings\\Data aplikací\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.7.2011 16:42 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [6.1.2012 21:15 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6.1.2012 21:15 314456]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [2.3.2006 13:00 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.1.2012 21:15 20568]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [31.12.2011 14:13 652872]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [31.12.2011 14:13 20464]
R3 SynMini;ASUS WebCam, 1.3M, USB2.0, FF;c:\windows\system32\drivers\SynMini.sys [5.12.2010 10:30 841110]
R3 SynScan;ASUS WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [5.12.2010 10:30 8278]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [22.9.2011 14:47 15896]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22.12.2010 10:07 136176]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [22.12.2010 10:07 136176]
S4 TicnoSearch;TicnoSearch;c:\documents and settings\david\Plocha\Ticno\Multibar\SearchService.exe --> c:\documents and settings\david\Plocha\Ticno\Multibar\SearchService.exe [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
HPService REG_MULTI_SZ HPSLPSVC
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-22 09:07]
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-22 09:07]
.
2012-01-13 c:\windows\Tasks\User_Feed_Synchronization-{09596058-AFE4-4E96-BCBC-25398BD92733}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 10.27.5.5
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-13 22:25
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_b427739.dll"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1688)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-01-13 22:29:31
ComboFix-quarantined-files.txt 2012-01-13 21:29
ComboFix2.txt 2012-01-13 20:06
.
Před spuštěním: Volných bajtů: 47 040 176 128
Po spuštění: Volných bajtů: 47 020 822 528
.
- - End Of File - - 3917165979ABB221E5BE751529CDA603

duff74
Visitor
Posts: 68
Registered: 17 May 2007 13:25

Re: Repeated blue screen of death after the notebook boots

#32 Post by duff74 »

This morning, 10 minutes after powering on, it crashed again, see the screenshot:
[Attachment: IMG_20120114_082720.jpg]

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Repeated blue screen of death after the notebook boots

#33 Post by Roli »

I don't know why ComboFix didn't wipe the AVG leftovers, so we'll do it differently.

Via Start >> Run, copy into the box:

ComboFix /Uninstall

and press Enter

That uninstalls ComboFix and deletes its associated files and folders.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop the antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Download and run OTMoveIt

Into the left pane of the application, under Paste Instructions for Items to be Moved, copy this text:

Code:

:processes
explorer.exe       

:files 
c:\*.tmp
c:\WINDOWS\System32\*.tmp
c:\WINDOWS\*.tmp
c:\documents and settings\david\Data aplikací\AVG Secure Search
c:\documents and settings\david\Data aplikací\AVG2012
c:\documents and settings\All Users\Data aplikací\AVG2012
c:\documents and settings\NetworkService\Data aplikací\McAfee
c:\documents and settings\All Users\Data aplikací\McAfee

:commands
[purity]
[emptytemp]
[start explorer]

Click MoveIt! and information about the performed action will appear in the right green pane of the application; copy the contents of that pane here,

if the application asks for a restart, click YES

in that case I want you to copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\


PLUS post the output from Debugging Tools For Windows here

duff74
Visitor
Posts: 68
Registered: 17 May 2007 13:25

Re: Repeated blue screen of death after the notebook boots

#34 Post by duff74 »

Hi, the T-Cleaner operation went through successfully, and with OTMoveIt, on the third attempt, in the end it did too :) :


All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder c:\*.tmp not found.
c:\WINDOWS\System32\ConduitEngine.tmp moved successfully.
c:\WINDOWS\System32\CONFIG.TMP moved successfully.
c:\WINDOWS\002582_.tmp moved successfully.
c:\WINDOWS\msdownld.tmp folder moved successfully.
c:\WINDOWS\NV112208.TMP folder moved successfully.
c:\WINDOWS\SET21.tmp moved successfully.
c:\WINDOWS\SET3.tmp moved successfully.
c:\WINDOWS\SET4.tmp moved successfully.
c:\WINDOWS\SET8.tmp moved successfully.
c:\documents and settings\david\Data aplikací\AVG Secure Search\cache folder moved successfully.
c:\documents and settings\david\Data aplikací\AVG Secure Search folder moved successfully.
c:\documents and settings\david\Data aplikací\AVG2012\cfgall folder moved successfully.
c:\documents and settings\david\Data aplikací\AVG2012 folder moved successfully.
c:\documents and settings\All Users\Data aplikací\AVG2012\scanlogs folder moved successfully.
c:\documents and settings\All Users\Data aplikací\AVG2012\log folder moved successfully.
c:\documents and settings\All Users\Data aplikací\AVG2012\Dumps folder moved successfully.
c:\documents and settings\All Users\Data aplikací\AVG2012\cfgall folder moved successfully.
c:\documents and settings\All Users\Data aplikací\AVG2012\Cfg folder moved successfully.
c:\documents and settings\All Users\Data aplikací\AVG2012 folder moved successfully.
c:\documents and settings\NetworkService\Data aplikací\McAfee\sacore folder moved successfully.
c:\documents and settings\NetworkService\Data aplikací\McAfee folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS\SecurityScanner\McUICnt folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS\SecurityScanner folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom\McUICnt folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom\McCHSvc folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS\McUICnt\McUICnt folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS\McUICnt folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS\Common\McCHSvc folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS\Common folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee\MCLOGS folder moved successfully.
c:\documents and settings\All Users\Data aplikací\McAfee folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: david
->Temp folder emptied: 4402 bytes
->Temporary Internet Files folder emptied: 1539947 bytes
->Java cache emptied: 854017 bytes
->FireFox cache emptied: 54943208 bytes
->Google Chrome cache emptied: 7926401 bytes
->Flash cache emptied: 615 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Google Chrome cache emptied: 6209888 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 39594 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 68,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 01152012_090345

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_23c.dat not found!

Registry entries deleted on Reboot...

---------------------------------------------------------------------------------------------------------------------

Debugging Tools for Windows (if this is what you meant):

Microsoft(R) Debugging Tools for Windows(R)
Version 6.10 Release Notes
August 2008

-----------------------------------------------------------------------------

Contents

Overview
What's New
Known Issues
Programs
Debugger Extensions
Software Development Samples
Documentation
Redistributables
More Information
Feedback

-----------------------------------------------------------------------------

Overview

Debugging Tools for Windows contains tools to analyze and debug Windows,
Windows drivers, and applications. It can analyze memory dump files or
perform live debugging.

The kernel debugger is KD.exe. It can be installed and run on Windows XP and
later versions. It can debug all the platforms listed below.

The user-mode debugger is CDB.exe. It can be installed and used on Windows XP
and later versions. It can be used to debug 32-bit X86 applications.

WinDbg.exe is the GUI version of the debugger. It supports both user-mode
and kernel-mode debugging. It can be installed and run on Windows XP and
later versions. It can debug all the platforms listed below.

Supported platforms:

Windows 2000 (x86)
Windows XP (All CPU architectures)
Windows Server 2003 (All CPU architectures)
Windows Vista (All CPU architectures)
Windows 2008 Server (All CPU architectures)

Please be aware that while you may run the 32-bit version of the debugging
tools on an 64-bit installation, the inverse is not supported.

-----------------------------------------------------------------------------

What's New

This release of Debugging Tools for Windows contains many bug fixes and new
enhancements. The debuggers are stable and more reliable than previous
releases and we recommend that you upgrade to this version.

*** 1394 Kernel Debugging Changes ***

This debugger has changes to improve 1394 debugging that require that the
1394 debug driver shipped with this release be installed on the host machine.
There are many improvements that have been made in the 1394 debug driver
including changes to allow all 1394 cards to work in target machines.
In addition, automatic reconnect to broken in targets was added for 1394.
This release of the debugger will not work well for 1394 kernel debugging if
it calls an old version of the driver from a previous release. The debugger
will check whether the 1394 driver is new enough, and if not, will install
the latest driver when 1394 debugging is started. There are 2 older versions
of the driver that will not get upgraded by this process. They are named
1394dbg1.sys and 1394dbg2.sys. They should be removed manually from the
system if required. An explanation of how to do this is contained in the
known issues section. It is extremely important that users do not attempt
to prevent the upgrade to the latest 1394 driver, as 1394 kernel debugging
may not work AT ALL if the latest driver is not installed. Make sure if
you are prompted to reboot the machine during driver install, that you reboot
before attempting to do 1394 kernel debugging. To prevent having to reboot
your host, make sure that all instances of the debugger that are doing 1394
kernel debugging are closed before running this release of the debugger.

Important changes in WinDbg 6.10:

* CE6 dump processing now works.
* NT4 no longer supported.
* Enable installation of the USB debug driver on 64bit versions of Windows.
* Install USBView.exe as part of the debugger package.
* Enable use of any 1394 cards in target machines.
* Improve 1394 debug driver reliability, responsiveness and performance.
* Improve error messages for specific 1394 driver installation failures.
* Prevent loss of 1394 debug connections after host sleep or hibernate.
* Change the 1394 debug driver to write every sent packet to the target
regardless of whether the previously sent packet was acknowledged.
* Ensure the installed 1394 debug driver is new enough to work properly with
the current release of the debugger. (Update the 1394 driver to the
version shipped in this debugger package.)
* Automatically reconnect to broken in target machines when doing 1394
kernel debugging.
* Introduce new ".dump /mA ..." option to generate user-mode minidump.
The new behavior is the same as ".dump /ma" except that it will ignore
inaccessible memory read failure and continue minidump generation,
instead of bailing out immediately.
* Add CHK/FRE information in user-mode minidump. Only dumps generated from
the new debugger will carry this information.
* Include breakpoint exception in user-mode minidump when the dump is
generated after a breakpoint hits. This enables debugger to show the
current process/thread information when debugging a dump file.
* Fix debugger hang when writing lsass dump files.
* Fix debugging of WOW64 minidumps containing managed code.
* Force the WOW64 extension to convert contexts as appropriate.
* Don't sign extend addresses of 32 bit user mode processes in the 64 bit
debugger.
* Set 64bit debugger as the postmortem debugger for WOW64 applications.
* Disable adding user-mode breakpoints in kd when KdIgnoreUmException is set.
* Fix escape character ("\") parsing problem in the bl command.
* Force bu breakpoint removal for unloaded modules.
* Add automatic IPv6 detection to the "-remote tcp:..." remote protocol.
* Fix .sleep to work when -ddefer is used.
* Fix .tlist command
* Performance improvements to windbg and other debuggers.
* Notify users when workspace corruption is detected.
* Fix the infinite recursion with corrupt workspaces in windbg.
* Report the correct processor family values in !cpuid for all processors.
* Attempt to breakin only once per ctrl-c, ctrl-break instead of spinning
in a loop on packet write failure.
* Print the target computername in the debugger vertarget output when symbol
information is available.
* Tell debugger users how to break out of symbol loading, if it does not
complete within a reasonable amount of time.
* Display source server spew state when .srcnoisy is run. Also display the
source server only output filter state.
* Workaround for Vista/DWM unpainted captions.
* Add host debugger time when remote kernel target boots and shuts down.
* Symstore: don't truncate long file names when compressing files.
* Symchk: Add recursive symbol search option ("/sr") to force SymChk to
recursively search (non-symbol server) symbol paths for matching symbols.
* Add support in symsrv for getting file pointers from an http store and
using them as is without caching them to the default downstream store.
* Agestore tool should not run on computers that do not update the
last-access-time on files.
* Many !analyze improvements.
* Extensive debugger documentation updates.

Additional details on some of these features can be found in the debugger
documentation (debugger.chm). To open this documentation, use
Start --> Debugging Tools for Windows --> Debugging Help.


-----------------------------------------------------------------------------

Known Issues and Workarounds

* Docked window frames do not paint properly when running as an elevated
user while the Aero theme is active on Vista.
* Using the 32 bit debugger on a 64 bit OS to do 1394 kernel debugging
will not work unless the latest 64 bit debugger is first installed and
used to do 1394 debugging on the host. That will ensure that the
64 bit debugger installs the most recent 1394 debug driver. After that
has been done, copy 1394kdbg.sys from windows\system32\drivers into
windows\syswow64\drivers. After this is done, you will be able to do
1394 debugging with the 32 bit debugger as the driver date check made
by the 32 bit version of the debugger will pass. Note that the
1394kdbg.sys file in syswow64\drivers is not actually loaded or used.
* To prevent old 1394 debug drivers from loading on the box after the new
debugger is installed, do the following:
- Close all instances of debugger software running on the box.
- Go to device manager and double click on 1394 Debugger Device.
- Right click on each debug driver in the just opened list, and select
uninstall. In the dialog box that pops, check the Delete the driver
software for this device check box, and click OK. Some earlier OS
may not give you the option of deleting the software and you may
have to do it manually as described in the next bullet.
- After uninstalling the debug devices, double click on IEEE 1394 Bus
host controllers.
- Right click on each 1394 controller in the just opened list, and
select Uninstall. Click OK in the dialog box, but DO NOT delete the
driver software for these devices. (You shouldn't get that option.)
- Reboot the machine. After the reboot, open device manager. The 1394
host controllers should be present as they will have been found by
Plug and Play during boot, and reinstalled. The debug drivers should
NOT be present. If they are, you will need to manually delete the
driver software from the machine, and reboot. Refer to the next
bullet for a description of how to do this.
* To manually remove 1394dbg1.sys and 1394dbg2.sys from the machine do the
following:
- Close all instances of debugger software running on the box.
- Go to windows\system32\drivers and delete 1394dbg1.sys and 1394dbg2.sys
if they are present in that directory.
- Go to windows\inf and check if any of the oem*.inf files refer to
either 1394dbg1.sys or 1394dbg2.sys. You can do this by running
findstr -ip "1394dbg1.sys" from a command prompt. You should also run
findstr -ip "1394dbg2.sys" to check for 1394dbg2.sys. The names of
files containing those strings will be highlighted in the output of
these commands.
- Delete each oemXXX.inf file and its corresponding oemXXX.pnf file that
refers to the above drivers. The oem files are numbered, so XXX will
correspond to some number, typically between 0 and 15. For example
if the file oem4.inf contains the string 1394dbg1.sys then type
del oem4.* from an elevated command prompt. Make SURE you DO NOT
delete any .inf files EXCEPT those containing references to either
1394dbg1.sys or 1394dbg2.sys.
- Check that all the old debug .inf files have been removed by rerunning
the findstr commands above. There should be no output from either
search.
- Use device manager to uninstall all 1394 debug drivers and all 1394
host controllers as described in the previous bullet.
- Reboot the machine.
- After reboot, the 1394 controllers should be present, and the 1394
debug devices should finally be gone.
- Run the debugger and it will install the latest 1394 debug driver when
1394 debugging is used.

-----------------------------------------------------------------------------

Programs

This distribution includes the following debuggers:

KD - Command-line kernel debugger
NTSD - Command-line user-mode debugger
CDB - Command-line user-mode debugger (variant of NTSD)
WinDbg - GUI kernel debugger

I386KD is also provided in the package to support backwards compatibility.
It has the same code-base as KD.

The Helpful Tools option is installed by default and includes these
debugger-related tools:

AgeStore - Removes old or unwanted files from the downstream store used
by a symbol server or source server
DBH - DbgHelp shell
GFlags - Global Flags Editor
Breakin - Utility to force a breakin in another process being debugged
Remote - Remote Command Line
Kill - Task Killing Utility
List - File List Utility
LogViewer - Display API logs created with the .logext extension from
the debugger
RTList - Remote Task List Viewer
SymChk - utility to check validity of symbol files, or download
symbols from a symbol server prior to a debugging session
SymProxy - ISAPI filter acting as an HTTP proxy for one or more
symbol servers
SymStore - Creates a symbol server for automatic symbol lookup
ConvertStore - Modifies Symbol Server stores
TList - Task List Viewer
UMDH - Heap Analysis Tool
PdbCopy - Symbol file stripper
DbEngPrx - A repeater (small proxy server) used for remote debugging. DbgSrv is described in this documentation.
DbgRpc - A tool used to display Microsoft Remote Procedure Call (RPC) state information.
DumpChk - A tool used to validate a memory dump file.
KDbgCtrl - A tool that controls and configures the kernel debugging connection.
KdSrv - A KD connection server used for remote debugging.
Logger - A tool and an extension DLL that record the function calls and other actions of a program.
UsbView - Utility to view USB controllers and attached devices. Useful
for properly setting up USB kernel debugging.

-----------------------------------------------------------------------------

Debugger Extensions

Debugger Extensions are DLLs that WinDbg, CDB, NTSD, and KD can use to provide
additional debugger commands.

The extensions that work for all versions of Windows reside in the "winext"
subdirectory, and include:

uext.dll
kext.dll
ext.dll
logexts.dll


The newest version-specific debugger extensions (which work on Windows XP,
Windows Server 2003, Windows Vista and Windows 2008 Server) reside
in the "winxp" subdirectory, and include:

exts.dll
kdexts.dll

The debugger has awareness of these subdirectories, and will not be able
to find them if these subdirectories are renamed or moved.

If a custom extension DLL is to be used, it should be placed in its own
directory. The user can then set the debugger extension path variable so the
debugger can find the extension. Debugger extensions can also be loaded in
the debugger using fully qualified path names.

All of the debuggers search for debugger extension DLLs in a series of
directories. For a list of these directories and the sequence in which they
are searched, open the documentation, choose the Index tab, type "extension",
and click on "default search order" in the listing under "extension".

-----------------------------------------------------------------------------

Software Development Samples


Header files, libraries and samples for debugger extensions are provided
in this package. They are not installed by default. The "SDK"
component of the package must be selected during the install to get the
samples installed.

Use the Build utility to compile and build these samples. You must use
the version of the Build utility supplied by the latest version of the
Windows WDK or the Platform SDK. These kits include several different
build environment windows; it is important that you use the "Windows
Server 2003 Build Environment" or "Windows Vista Build Environment"
windows -- even if you are building samples or extensions for use on a
different version of Windows.

Attempting to build the samples and headers in a "Windows 2000 Build
Environment" will cause compilation errors. Building them in a "Windows
XP Build Environment" may succeed in some cases, but it is not
recommended. The "Windows 2003 Server Build Environment" and "Windows
Vista Build Environment" windows are the ones that should be used in all
cases.

The header files and libs in this package should replace any existing
version of the header files or libs that are shipped with the Windows
WDK or the Platform SDK. If you follow the instructions for using the
Build utility, which appear in the Windows WDK documentation, you can
set your include paths so that this is done automatically.

The samples will not compile if they are located in a directory path containing
spaces. If you have installed Debugging Tools for Windows into a path with
spaces, you can work around this limitation by moving or copying the "sdk"
subdirectory to a directory path without spaces.


-----------------------------------------------------------------------------

Documentation

For documentation on how to use these debuggers and related tools, see the
help file debugger.chm that is included with the tools. This documentation
has been improved and expanded since the last release.

When Debugging Tools for Windows is installed, a shortcut to this documentation
can be found under Start --> Programs --> Debugging Tools for Windows -->
Debugging Help.

You may also choose to review the most current documentation on MSDN:
http://msdn2.microsoft.com/en-us/library/cc267445.aspx

Information on how to write debugger extensions is included in this same
documentation file. If you plan to write debugger extensions, you should
perform a custom install of Debugging Tools for Windows and select all
available features. This will ensure that you have all the necessary
extension headers, libraries, and samples.

The DbgHelp interface is documented in a separate documentation file
(dbghelp.chm).

A tutorial on kernel debugging, Kernel_Debugging_Tutorial.doc, is also included
in this installation. This file is helpful if you are familiar with other
debugging tools and want to learn how to use WinDbg for kernel debugging.

You need to have Internet Explorer 5.0 or greater installed in order to use
the documentation properly.

-----------------------------------------------------------------------------

Redistributables

Please read the license agreement during setup for legal information regarding
redistributable files. If this is a retail release, the license agreement
mentions that redist.txt gives a list of the files that are redistributable.

-----------------------------------------------------------------------------

More Information

For more information on debugging, see the Debugging Tools for Windows
web page, <http://www.microsoft.com/whdc/DevTools/Debugging>.

We encourage people to get the new debugger off the web "often", as
we do many updates, while keeping compatibility with current, and Beta
versions of Windows.

Version 6.9 was the last debugger release that supports NT 4.0.

-----------------------------------------------------------------------------

Feedback

We are interested in your feedback on the tools. Please mail suggestions or
bug reports to WinDbgfb@microsoft.com. This is not a support alias, but your
feedback will help us to plan future changes for these tools and will make
them more useful to you in the future.

There is also a newsgroup moderated by Microsoft representatives and made up
many users of these tools. It is microsoft.public.windbg. Posting questions
or comments here will often get you the information you need to be productive
with the debuggers.

-----------------------------------------------------------------------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Repeated blue screen of death after the laptop boots

#35 Post by Roli »

Run OTMoveIt again and click CleanUp! at the top of the application.

It will clean up after itself this way.


Download and install Debugging Tools for Windows.

Via Start >> All Programs, find the program named WinDbg in the Debugging Tools for Windows folder and run it.

On Windows Vista and Windows 7, run WinDbg as administrator (you will be accessing the Windows directory).

The first thing you will have to set is the symbol path. Click File -> Symbol File Path and set http://msdl.microsoft.com/download/symbols there.

Now you can start analyzing the BSOD.

Click File -> Open Crash Dump and find the folder C:\Windows\Minidump.

The Minidump folder contains files named Minixxxxxx-xx.dmp (xxxxxx-xx is the date and a sequence number).

If the folder is empty, you have not had a BSOD yet or you deleted it.

Once you open the file, the symbols start loading, and after a moment you can enter commands on the command line, where you just type !analyze -v

or click the command with the mouse.

The most important parameters that may interest you are:

PROCESS_NAME (the name of the process that caused the error),

IMAGE_NAME

MODULE_NAME

(copy these three values here for me, or just enter them into Google and the solution is right at hand)

It looks roughly like THIS
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

duff74
Visitor
Posts: 68
Registered: 17 May 2007 13:25

Re: Repeated blue screen of death after the laptop boots

#36 Post by duff74 »

So there is nothing in the Minidump folder, although there should be, because according to Event Viewer the last BSOD was on 14.1.12 at 13.51h and I did not knowingly delete anything. Maybe it's nonsense, but it seems to me that the records in Minidump only stay until the PC is restarted, whether intentionally or by a BSOD. I'm going by the fact that when I made the WinDbg output last time (see page 1), the PC had crashed three times after being switched on, and Minidump contained only those three BSOD records; there should also have been more from the previous day, but I switched the PC off in the evening, which apparently wiped the Minidump folder. Just my deduction... :?:

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Repeated blue screen of death after the laptop boots

#37 Post by Roli »

Now I don't understand this either :?:

I would try testing the PC with 3DMark

or with Sandra

so that we can more or less rule out hardware; then let me know how it went.

duff74
Visitor
Posts: 68
Registered: 17 May 2007 13:25

Re: Repeated blue screen of death after the laptop boots

#38 Post by duff74 »

So I downloaded 3DMark, but I somehow didn't figure out where any test is offered. If the test consisted of whether that flying game works for me, then it works OK.

Then I started downloading Sandra, and towards the end of the installation the PC crashed :( , so I took advantage of the fact that this time the crash record was saved in Minidump, and I pulled this out with WinDbg:



Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\WINDOWS\Minidump\Mini011712-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 2600.xpsp_sp3_gdr.111025-1629
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x805540c0
Debug session time: Tue Jan 17 07:54:34.062 2012 (GMT+1)
System Uptime: 0 days 0:48:13.629
Loading Kernel Symbols
...............................................................
................................................................
........................
Loading User Symbols
Loading unloaded module list
............
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000000A, {81bc7ff0, 2, 0, 8051ee5c}

Probably caused by : memory_corruption ( nt!MiRemovePageByColor+1e )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 81bc7ff0, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 8051ee5c, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: 81bc7ff0

CURRENT_IRQL: 2

FAULTING_IP:
nt!MiRemovePageByColor+1e
8051ee5c 8b7e0c mov edi,dword ptr [esi+0Ch]

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xA

PROCESS_NAME: RpcSandraSrv.ex

LAST_CONTROL_TRANSFER: from 80512705 to 8051ee5c

STACK_TEXT:
b5fcabf4 80512705 8629d5b8 00000460 00000400 nt!MiRemovePageByColor+0x1e
b5fcac20 80513240 00005000 843192b8 843192c4 nt!MiResolveMappedFileFault+0x3dd
b5fcac64 805133fa 00000000 00435720 c00021a8 nt!MiResolveProtoPteFault+0x18c
b5fcace8 8051d335 e16181f0 00435720 c00021a8 nt!MiDispatchFault+0xe8
b5fcad4c 805405d4 00000008 00435720 00000001 nt!MmAccessFault+0xf9d
b5fcad4c 00435720 00000008 00435720 00000001 nt!KiTrap0E+0xcc
WARNING: Frame IP not in any known module. Following frames may be wrong.
01fbf7d0 00000000 00000000 00000000 00000000 0x435720


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!MiRemovePageByColor+1e
8051ee5c 8b7e0c mov edi,dword ptr [esi+0Ch]

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: nt!MiRemovePageByColor+1e

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

DEBUG_FLR_IMAGE_TIMESTAMP: 4ea6b0e6

IMAGE_NAME: memory_corruption

FAILURE_BUCKET_ID: 0xA_nt!MiRemovePageByColor+1e

BUCKET_ID: 0xA_nt!MiRemovePageByColor+1e

Followup: MachineOwner
---------
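
As an added example (not code from the thread or from WinDbg), this Python script pulls the fields Roli lists in #35 out of an `!analyze -v` log like the one in #38 and checks whether the stack names any module outside the kernel. The `CORE_MODULES` set and the `driver_named` heuristic are assumptions of this example.

```python
import re

# Trimmed excerpt of the `!analyze -v` output posted in #38 above.
SAMPLE = """\
BugCheck 1000000A, {81bc7ff0, 2, 0, 8051ee5c}
Probably caused by : memory_corruption ( nt!MiRemovePageByColor+1e )
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: RpcSandraSrv.ex
STACK_TEXT:
b5fcabf4 80512705 8629d5b8 00000460 00000400 nt!MiRemovePageByColor+0x1e
b5fcac20 80513240 00005000 843192b8 843192c4 nt!MiResolveMappedFileFault+0x3dd
b5fcad4c 805405d4 00000008 00435720 00000001 nt!KiTrap0E+0xcc
01fbf7d0 00000000 00000000 00000000 00000000 0x435720
MODULE_NAME: nt
IMAGE_NAME: memory_corruption
"""

FIELD_RE = re.compile(r"^([A-Z_]+):[ \t]+(\S.*?)[ \t]*$", re.M)
BUGCHECK_RE = re.compile(r"^BugCheck ([0-9A-Fa-f]+), \{([^}]*)\}", re.M)
# A resolved stack frame: five hex columns, then module!symbol+offset.
FRAME_RE = re.compile(r"^(?:[0-9a-f]{8} ){5}(\S+?)!\S+[ \t]*$", re.M)
CORE_MODULES = {"nt", "hal"}  # assumption of this example: counted as core OS


def parse_analyze(text):
    """Return (KEY: value fields, bugcheck arguments, modules on the stack)."""
    text = text.replace("\r\n", "\n")  # logs pasted from Windows use CRLF
    fields = dict(FIELD_RE.findall(text))
    m = BUGCHECK_RE.search(text)
    args = [int(a, 16) for a in m.group(2).split(",")] if m else []
    return fields, args, FRAME_RE.findall(text)


def triage(text):
    """Summarise what the dump does and does not identify."""
    fields, args, stack_modules = parse_analyze(text)
    image = fields.get("IMAGE_NAME", "")
    result = {
        "bugcheck": fields.get("BUGCHECK_STR"),
        "process": fields.get("PROCESS_NAME"),
        "module": fields.get("MODULE_NAME"),
        "image": image,
        "non_core_modules": sorted(set(stack_modules) - CORE_MODULES),
    }
    if result["bugcheck"] == "0xA" and len(args) == 4:
        # Argument meanings as printed by !analyze -v for IRQL_NOT_LESS_OR_EQUAL.
        bitfield = args[2]
        result["irql"] = args[1]
        result["access"] = ("execute" if bitfield & 0x8
                            else "write" if bitfield & 0x1 else "read")
    # Heuristic (assumption): a driver is "named" only if a non-core module is
    # on the stack or IMAGE_NAME is a .sys file; "memory_corruption" is neither.
    result["driver_named"] = bool(result["non_core_modules"]) or \
        image.lower().endswith(".sys")
    return result


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

For the dump above it reports no non-core module on the stack and `driver_named: False`, so the log by itself does not single out a driver.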

JaRon
Moderator
Posts: 15712
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Repeated blue screen of death after the laptop boots

#39 Post by JaRon »

In the picture you posted with the memtest, the RAM frequency caught my attention - 361MHz ,,, it should be 333MHz
Try looking in the BIOS
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

duff74
Visitor
Posts: 68
Registered: 17 May 2007 13:25

Re: Repeated blue screen of death after the laptop boots

#40 Post by duff74 »

JaRon: Could you please point me to where the RAM frequency is in the BIOS? I have just come back from the BIOS and I would hate to do more harm than good with some careless step. Thanks

JaRon
Moderator
Posts: 15712
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Repeated blue screen of death after the laptop boots

#41 Post by JaRon »

That's hard for me to advise on; there are lots of BIOSes and each one arranges its items a bit differently ,,,
just look at the memory settings where the frequencies are listed, or post a screenshot or copy it down - DO NOT CHANGE ANYTHING :!: :)

duff74
Visitor
Posts: 68
Registered: 17 May 2007 13:25

Re: Repeated blue screen of death after the laptop boots

#42 Post by duff74 »

I carefully peeked into some of the submenus, but I didn't come across memory. Here is a screenshot of the BIOS:
IMG_20120117_102551.jpg (64.46 KiB) Viewed 1541 times

JaRon
Moderator
Posts: 15712
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Repeated blue screen of death after the laptop boots

#43 Post by JaRon »

Well, I looked it up by version - this BIOS won't show much :(
Try System Information - but there probably won't be much there either ,,,
I recommend also testing the memory with GoldMemory - we'll see what frequency it reports :)

duff74
Visitor
Posts: 68
Registered: 17 May 2007 13:25

Re: Repeated blue screen of death after the laptop boots

#44 Post by duff74 »

I was in System Information and there is only basic info about the system, but the RAM frequency isn't there :( . I'll still try GoldMemory.

duff74
Visitor
Posts: 68
Registered: 17 May 2007 13:25

Re: Repeated blue screen of death after the laptop boots

#45 Post by duff74 »

So I tried GoldMemory too and errors - 0, see the screenshot, but I don't see the RAM frequency there:
IMG_20120117_162444.jpg (77.22 KiB) Viewed 1532 times
