
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
restart, blue screen - memory error, error in winload
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
please help. For roughly the last 14 days I have been dealing with sudden restarts, or a blue screen pops up - memory error. Neither Mem test nor the Windows memory test has ever found an error. For the last two days the PC would not boot at all because of an error in winload. Occasionally the system starts...
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jerzi at 2013-07-17 23:09:45
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 8 GB (23%) free of 34 GB
Total RAM: 8191 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:10:19, on 17.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jerzi.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [uTorrent] "E:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{354CA9E3-572B-4831-9039-5F2090E2F94D}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{354CA9E3-572B-4831-9039-5F2090E2F94D}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{354CA9E3-572B-4831-9039-5F2090E2F94D}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7565 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\rundll32.exe" sbavmon.dll,SBAVMonitor
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-18388fea-1bb0-457b-86f6-20e5281bbca4 -SystemEventPortName:HostProcess-0003c7de-0bff-4e9a-a6af-724ba32033a8 -IoCancelEventPortName:HostProcess-163a26db-55df-4a65-9c7c-9094bc85b6f2 -NonStateChangingEventPortName:HostProcess-b6313702-3add-4fbf-9e81-e162ff77258e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6a28171e-995d-4299-a866-ae52c8c1e67d -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="512.0.1767184609\1790972352" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --gpu-vendor-id=0x1002 --gpu-device-id=0x68b8 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.104.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup10 channel:stable mods:100/InstantExtended/Padding1 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_68/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="512.3.955768219\766084444" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup10 channel:stable mods:100/InstantExtended/Padding1 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_68/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="512.4.1828812279\149744520" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup10 channel:stable mods:100/InstantExtended/Padding1 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_68/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="512.5.517084454\887066624" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup10 channel:stable mods:100/InstantExtended/Padding1 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_68/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="512.9.1500902514\61488382" /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup10 channel:stable mods:100/InstantExtended/Padding1 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_68/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="512.57.745225107\1428849921" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyGroup10 channel:stable mods:100/InstantExtended/Padding1 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_68/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="512.75.73998030\265017429" /prefetch:673131151
"E:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-05-09 242496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Creative SB Monitoring Utility"=RunDll32 sbavmon.dll,SBAVMonitor []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=E:\Program Files (x86)\uTorrent\uTorrent.exe [2013-04-13 802136]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"Module Loader"=C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [2007-07-18 57344]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-07-18 03:56:52 ----D---- C:\Boot
2013-07-18 03:56:23 ----D---- C:\$WINDOWS.~BT
2013-07-18 03:56:23 ----ASH---- C:\WinPEpge.sys
2013-07-17 23:09:45 ----D---- C:\rsit
2013-07-17 23:09:45 ----D---- C:\Program Files\trend micro
2013-07-12 07:24:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-12 07:24:19 ----A---- C:\Windows\system32\ieui.dll
2013-07-12 07:24:18 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-12 07:24:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-12 07:24:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-12 07:24:18 ----A---- C:\Windows\system32\iesetup.dll
2013-07-12 07:24:18 ----A---- C:\Windows\system32\iernonce.dll
2013-07-12 07:24:18 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-12 07:24:17 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-12 07:24:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-12 07:24:17 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 07:24:17 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-12 07:24:17 ----A---- C:\Windows\system32\iertutil.dll
2013-07-12 07:24:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-12 07:24:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-12 07:24:16 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-12 07:24:16 ----A---- C:\Windows\system32\jscript.dll
2013-07-12 07:24:15 ----A---- C:\Windows\system32\jscript9.dll
2013-07-12 07:24:14 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-12 07:24:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-12 07:24:14 ----A---- C:\Windows\system32\urlmon.dll
2013-07-12 07:24:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-12 07:24:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-12 07:24:12 ----A---- C:\Windows\system32\wininet.dll
2013-07-12 07:24:12 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-12 07:24:11 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-12 07:24:09 ----A---- C:\Windows\system32\ieframe.dll
2013-07-12 07:24:08 ----A---- C:\Windows\system32\mshtml.dll
2013-07-12 07:24:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-11 17:36:05 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-11 17:36:05 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-11 17:36:05 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-11 17:36:05 ----A---- C:\Windows\system32\qedit.dll
2013-07-11 17:35:46 ----A---- C:\Windows\system32\win32k.sys
2013-07-11 17:35:34 ----A---- C:\Windows\system32\DWrite.dll
2013-07-11 17:35:33 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-01 17:17:28 ----D---- C:\ProgramData\ATI
2013-07-01 17:17:21 ----D---- C:\Program Files (x86)\AMD AVT
2013-06-26 19:43:21 ----D---- C:\Users\Jerzi\AppData\Roaming\IObit
2013-06-26 19:43:21 ----D---- C:\Program Files (x86)\IObit
======List of files/folders modified in the last 1 month======
2013-07-18 08:37:52 ----D---- C:\Windows\system32\LogFiles
2013-07-17 23:09:59 ----D---- C:\Users\Jerzi\AppData\Roaming\uTorrent
2013-07-17 23:09:48 ----D---- C:\Windows\Temp
2013-07-17 23:09:45 ----RD---- C:\Program Files
2013-07-17 22:46:43 ----D---- C:\Windows\System32
2013-07-17 22:46:43 ----D---- C:\Windows\inf
2013-07-17 22:46:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-17 22:44:34 ----D---- C:\Windows\system32\config
2013-07-17 22:41:19 ----D---- C:\Windows
2013-07-16 20:57:54 ----D---- C:\Users\Jerzi\AppData\Roaming\TS3Client
2013-07-16 20:57:52 ----D---- C:\Windows\Panther
2013-07-16 20:57:52 ----D---- C:\Windows\Minidump
2013-07-16 20:57:52 ----D---- C:\Windows\debug
2013-07-16 19:12:52 ----D---- C:\Users\Jerzi\AppData\Roaming\vlc
2013-07-15 18:56:08 ----D---- C:\Windows\Microsoft.NET
2013-07-15 18:54:10 ----RSD---- C:\Windows\assembly
2013-07-15 17:42:27 ----SHD---- C:\System Volume Information
2013-07-15 17:40:17 ----SHD---- C:\Windows\Installer
2013-07-15 17:39:54 ----RD---- C:\Program Files (x86)
2013-07-15 17:38:20 ----D---- C:\Windows\winsxs
2013-07-12 07:27:16 ----D---- C:\Windows\SysWOW64
2013-07-12 07:27:16 ----D---- C:\Program Files\Windows Defender
2013-07-12 07:27:16 ----D---- C:\Program Files\Internet Explorer
2013-07-12 07:27:16 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 07:27:16 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-12 07:27:15 ----D---- C:\Program Files\Windows Journal
2013-07-12 07:26:30 ----A---- C:\Windows\system32\MRT.exe
2013-07-12 07:24:27 ----D---- C:\Windows\system32\catroot2
2013-07-12 07:24:27 ----D---- C:\Windows\system32\catroot
2013-07-01 17:17:28 ----HD---- C:\ProgramData
2013-07-01 17:17:22 ----D---- C:\ProgramData\AMD
2013-07-01 17:16:54 ----D---- C:\Program Files\ATI Technologies
2013-07-01 17:16:09 ----SHD---- C:\$Recycle.Bin
2013-07-01 17:15:40 ----D---- C:\Windows\system32\drivers
2013-07-01 17:15:39 ----D---- C:\Windows\system32\DriverStore
2013-07-01 17:00:37 ----D---- C:\Windows\system32\Tasks
2013-07-01 17:00:22 ----D---- C:\Windows\Tasks
2013-07-01 17:00:22 ----D---- C:\Windows\system32\wfp
2013-07-01 17:00:22 ----D---- C:\Windows\system32\wbem
2013-07-01 16:59:57 ----D---- C:\Windows\system32\CodeIntegrity
2013-07-01 16:59:57 ----D---- C:\Windows\AppCompat
2013-07-01 16:59:57 ----D---- C:\Users\Jerzi\AppData\Roaming\GHISLER
2013-07-01 16:59:55 ----D---- C:\Windows\registration
2013-07-01 16:59:55 ----D---- C:\Users\Jerzi\AppData\Roaming\Skype
2013-06-27 20:26:55 ----D---- C:\Windows\LiveKernelReports
2013-06-26 19:52:44 ----D---- C:\Users\Jerzi\AppData\Roaming\Media Player Classic
2013-06-26 19:52:37 ----D---- C:\Windows\Logs
2013-06-26 19:42:20 ----D---- C:\Program Files (x86)\totalcmd
2013-06-19 17:30:25 ----D---- C:\Windows\system32\wdi
2013-06-18 19:59:04 ----D---- C:\Windows\rescache
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-07-01 189936]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2013-04-13 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2013-04-13 13440]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-07-01 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-07-01 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29 581120]
R3 AODDriver;AODDriver; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys [2010-03-12 52280]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 ksaud;Creative USB Audio Driver; C:\Windows\system32\drivers\ksaud.sys [2011-09-13 1588608]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2013-04-13 15416]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-03-29 241152]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-03-28 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-03-12 136544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-13 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-04-13 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-04-13 79360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-13 116648]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-22 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119529
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: restart, blue screen - memory error, error in winload
Hello!
Open the directory c:\windows\minidump, pack its contents into a RAR archive and attach it to your next post.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: restart, blue screen - memory error, error in winload
Hello, the folder c:\windows\minidump is empty - 0 bytes
- Rudy
- Site Admin
- Posts: 119529
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: restart, blue screen - memory error, error in winload
jhalamka wrote: Hello, the folder c:\windows\minidump is empty - 0 bytes
Strange. Every BSOD creates a dmp file from which the cause can be read. Download, install and run CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ and paste the log here via Edit > Copy (Úpravy > Kopírovat).
Re: restart, blue screen - memory error, error in winload
----------------------------------------------------------------------------
CrystalDiskInfo 5.6.1 Shizuku Edition (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Ultimate SP1 [6.1 Build 7601] (x64)
Date : 2013/07/18 22:30:27
-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ ATA Channel 0 (0) [ATA]
- TSSTcorp CDDVDW SH-S223C ATA Device
+ ATA Channel 1 (1) [ATA]
- KINGSTON SV300S37A120G ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
-- Disk List ---------------------------------------------------------------
(1) KINGSTON SV300S37A120G : 120,0 GB [0/1/0, pd1] - sf
----------------------------------------------------------------------------
(1) KINGSTON SV300S37A120G
----------------------------------------------------------------------------
Model : KINGSTON SV300S37A120G
Firmware : 505ABBF0
Serial Number : 50026B733104FF40
Disk Size : 120,0 GB (8,4/120,0/120,0/120,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ACS-2 Revision 3
Transfer Mode : SATA/600
Power On Hours : 285 hod.
Power On Count : 183 krát
Host Reads : 576 GB
Host Writes : 567 GB
Temparature : 25 C (77 F)
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 00FEh [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values (7) Attribute Name
01 120 120 _50 00000000000000 Raw Read Error Rate
05 100 100 __3 00000000000000 Retired Block Count
09 100 100 __0 33A0400000011D Power-on Hours
0C 100 100 __0 000000000000B7 Power Cycle Count
AB __0 __0 __0 00000000000000 Program Fail Count
AC __0 __0 __0 00000000000000 Erase Fail Count
AE __0 __0 __0 00000000000035 Unexpected Power Loss Count
B1 __0 __0 __0 00000000000002 Wear Range Delta
B5 __0 __0 __0 00000000000000 Program Fail Count
B6 __0 __0 __0 00000000000000 Erase Fail Count
BB 100 100 __0 00000000000000 Reported Uncorrectable Errors
BD _25 _85 __0 00001400550019 Specifický pro výrobce
C2 _25 _85 __0 00001400550019 Temperature
C3 100 100 __0 00000000000000 On-the-Fly ECC Uncorrectable Error Count
C4 100 100 __3 00000000000000 Reallocation Event Count
C9 100 100 __0 00000000000000 Uncorrectable Soft Read Error Rate
CC 100 100 __0 00000000000000 Soft ECC Correction Rate
E6 100 100 __0 00000000000064 Life Curve Status
E7 100 100 _10 00000000000000 SSD Life Left
E9 __0 __0 __0 00000000000477 Specifický pro výrobce
EA __0 __0 __0 00000000000237 Specifický pro výrobce
F1 __0 __0 __0 00000000000237 Lifetime Writes from Host
F2 __0 __0 __0 00000000000240 Lifetime Reads from Host
- Rudy
- Site Admin
- Posts: 119529
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: restart, blue screen - memory error, error in winload
The disk is fine. Post a ComboFix log:
Download ComboFix and save it, ideally to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after it starts, a screen with the licence terms is displayed; continue by clicking the Yes button.
calmly make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to run any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)
note: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield.
Re: restart, blue screen - memory error, error in winload
ComboFix 13-07-18.04 - Jerzi 18.07.2013 23:02:05.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8191.6679 [GMT 2:00]
Spuštěný z: e:\downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-18 do 2013-07-18 )))))))))))))))))))))))))))))))
.
.
2013-07-18 21:05 . 2013-07-18 21:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-18 20:29 . 2013-07-18 20:29 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-07-18 01:56 . 2013-07-18 01:56 -------- d-----w- C:\Boot
2013-07-18 01:56 . 2013-07-18 01:56 536870912 --sha-w- C:\WinPEpge.sys
2013-07-18 01:56 . 2013-07-18 01:56 -------- d-----w- C:\$WINDOWS.~BT
2013-07-17 21:09 . 2013-07-17 21:10 -------- d-----w- C:\rsit
2013-07-17 21:09 . 2013-07-17 21:10 -------- d-----w- c:\program files\trend micro
2013-07-16 17:06 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FF7128B-E33B-4A56-AC5A-BC9D5A1D6A9C}\mpengine.dll
2013-07-11 15:36 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-11 15:36 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-11 15:36 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-11 15:36 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 15:36 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 15:36 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 15:36 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 15:36 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 15:36 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-11 15:36 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 15:36 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 15:35 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 15:35 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 15:35 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 15:35 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 15:35 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 15:35 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 15:35 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-11 15:35 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-01 15:17 . 2013-07-01 15:17 -------- d-----w- c:\programdata\ATI
2013-07-01 15:17 . 2013-07-01 15:17 -------- d-----w- c:\program files (x86)\AMD AVT
2013-06-26 17:43 . 2013-07-01 14:59 -------- d-----w- c:\users\Jerzi\AppData\Roaming\IObit
2013-06-26 17:43 . 2013-07-01 14:59 -------- d-----w- c:\program files (x86)\IObit
2013-06-24 17:05 . 2013-06-24 17:05 -------- d-----w- c:\users\Default\AppData\Local\Google
2013-06-19 18:25 . 2013-06-19 18:25 -------- d-----w- c:\users\Jerzi\AppData\Local\ElevatedDiagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-12 05:26 . 2013-04-23 18:26 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-07-01 15:01 . 2013-04-13 20:36 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-07-01 15:01 . 2013-04-13 20:36 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-07-01 15:01 . 2013-04-13 20:36 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-13 05:51 . 2013-06-12 17:40 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 17:40 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 17:40 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 17:40 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 17:40 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 17:40 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 17:40 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 17:40 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 17:40 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 17:40 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 17:40 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 17:40 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-09 08:59 . 2013-04-13 20:36 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2013-04-13 20:36 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-04-13 20:36 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-04-13 20:36 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2013-04-13 20:36 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2013-04-13 20:36 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2013-04-13 20:36 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-08 06:39 . 2013-06-12 17:40 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-02 00:06 . 2013-04-13 20:49 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 18:20 . 2013-05-01 18:20 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-01 18:20 . 2013-05-01 18:20 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-01 18:20 . 2013-05-01 18:20 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-01 18:20 . 2013-05-01 18:20 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-01 18:20 . 2013-05-01 18:20 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-01 18:20 . 2013-05-01 18:20 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-01 18:20 . 2013-05-01 18:20 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-01 18:20 . 2013-05-01 18:20 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-01 18:20 . 2013-05-01 18:20 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-01 18:20 . 2013-05-01 18:20 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-01 18:20 . 2013-05-01 18:20 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-01 18:20 . 2013-05-01 18:20 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-01 18:20 . 2013-05-01 18:20 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-01 18:20 . 2013-05-01 18:20 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-01 18:20 . 2013-05-01 18:20 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-01 18:20 . 2013-05-01 18:20 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-01 18:20 . 2013-05-01 18:20 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-01 18:20 . 2013-05-01 18:20 441856 ----a-w- c:\windows\system32\html.iec
2013-05-01 18:20 . 2013-05-01 18:20 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-01 18:20 . 2013-05-01 18:20 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-01 18:20 . 2013-05-01 18:20 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-01 18:20 . 2013-05-01 18:20 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-01 18:20 . 2013-05-01 18:20 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-01 18:20 . 2013-05-01 18:20 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-01 18:20 . 2013-05-01 18:20 235008 ----a-w- c:\windows\system32\url.dll
2013-05-01 18:20 . 2013-05-01 18:20 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-01 18:20 . 2013-05-01 18:20 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-01 18:20 . 2013-05-01 18:20 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-01 18:20 . 2013-05-01 18:20 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-01 18:20 . 2013-05-01 18:20 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-01 18:20 . 2013-05-01 18:20 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-01 18:20 . 2013-05-01 18:20 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-01 18:20 . 2013-05-01 18:20 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-01 18:20 . 2013-05-01 18:20 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-01 18:20 . 2013-05-01 18:20 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-01 18:20 . 2013-05-01 18:20 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-01 18:20 . 2013-05-01 18:20 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-01 18:20 . 2013-05-01 18:20 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-01 18:20 . 2013-05-01 18:20 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-01 18:20 . 2013-05-01 18:20 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-01 18:20 . 2013-05-01 18:20 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-01 18:20 . 2013-05-01 18:20 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-01 18:20 . 2013-05-01 18:20 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-01 18:20 . 2013-05-01 18:20 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-01 18:20 . 2013-05-01 18:20 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-01 18:20 . 2013-05-01 18:20 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-01 18:20 . 2013-05-01 18:20 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-01 18:20 . 2013-05-01 18:20 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-01 18:20 . 2013-05-01 18:20 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-01 18:18 . 2013-05-01 18:18 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-05-01 18:18 . 2013-05-01 18:18 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-05-01 18:18 . 2013-05-01 18:18 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-01 18:18 . 2013-05-01 18:18 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-05-01 18:18 . 2013-05-01 18:18 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-05-01 18:18 . 2013-05-01 18:18 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-05-01 18:18 . 2013-05-01 18:18 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-01 18:18 . 2013-05-01 18:18 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-05-01 18:18 . 2013-05-01 18:18 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-05-01 18:18 . 2013-05-01 18:18 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-05-01 18:18 . 2013-05-01 18:18 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-01 18:18 . 2013-05-01 18:18 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-05-01 18:18 . 2013-05-01 18:18 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="e:\program files (x86)\uTorrent\uTorrent.exe" [2013-04-13 802136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"Module Loader"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-18 57344]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S3 AODDriver;AODDriver;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys;c:\windows\SYSNATIVE\drivers\ksaud.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-15 15:40 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-26 c:\windows\Tasks\AWC Startup.job
- c:\program files (x86)\IObit\Advanced SystemCare 3\AWC.exe [2013-06-26 11:53]
.
2013-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-13 20:31]
.
2013-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-13 20:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative SB Monitoring Utility"="sbavmon.dll" [2010-07-29 115712]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 8.8.4.4 8.8.8.8
TCP: Interfaces\{354CA9E3-572B-4831-9039-5F2090E2F94D}: NameServer = 8.8.8.8,8.8.4.4
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-07-18 23:06:19
ComboFix-quarantined-files.txt 2013-07-18 21:06
.
Před spuštěním: 7 801 663 488
Po spuštění: 7 571 603 456
.
- - End Of File - - 979067C9261C0A3AB5346CB4E9094CF8
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119529
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: restart, blue screen - memory error, error in winload
There is nothing in this log either that could cause a problem like this. You have IOBit installed; it is possible that you broke something through its activity. I would recommend uninstalling it; it is junk that looks for problems where there are none and recommends not exactly correct solutions. What did you install just before the problem appeared?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: restart, blue screen - memory error, error in winload
I installed that only after the problem appeared. So I have removed it.
Couldn't it be a hardware problem, for example with the RAM, the motherboard or the VGA memory, given that the blue screen reported a memory error? Most often it froze when the PC was under load, then it crashed, and then it sometimes would not boot at all and reported an error in winload... I don't know.
The PC is about 4 years old; the power supply is new.
I recently ran memtest for about an hour, but it found nothing.
- Rudy
- Site Admin
- Posts: 119529
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: restart, blue screen - memory error, error in winload
If it is throwing blue screens of death, there should be a file somewhere (windows\minidump) that describes the problem. Unless I see it, we will only be guessing. If your disk is OK, the RAM too, and the power supply is new, all that remains is the motherboard, the graphics card, or the drivers. Try reinstalling all of those, from the motherboard to the graphics card. Then we'll see.
Re: restart, blue screen - memory error, error in winload
Hello, today it froze again and then crashed with no load at all, and the restart succeeded only after several attempts, after the power supply had been switched off for a longer time. The monitor shows nothing; only the fan hums cyclically. As if the graphics card were not working. But a dump file was finally generated! I have not reinstalled the drivers yet.
- Attachments
- 072413-9219-01.rar
- (9.63 KiB) Downloaded 57 times
- Rudy
- Site Admin
- Posts: 119529
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: restart, blue screen - memory error, error in winload
1. Is anything in the PC overclocked?
2. Download, install and run Speedfan: http://www.stahuj.centrum.cz/utility_a_ ... /speedfan/ . While the PC is running, watch the component temperatures. They should not permanently exceed 65°C (70°C for the NB).