BSOD prosím o kontrolu logu Vyřešeno

[Petison]

Zdravím z ničeho nic se mi občas na PC objeví BSOD.Například když chci instalovat nebo odinstalovat nějaký program tak se na konci instalace objeví modrá obrazovka.Ne vždy ,ale občas.Paměti jsem testoval a jsou OK.Tak prosím o kontrolu logu ,zda tam nemám nějakého šmejda.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:57:18, on 6.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/av ... x_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 6912 bytes

[Reklama]

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

Stáhni si CrystalDiskInfo

Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

[Petison]

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Verze databáze: 7041

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

7.7.2011 16:18:52
mbam-log-2011-07-07 (16-18-52).txt

Typ: Rychlá kontrola
Kontrolované objekty: 163487
Uplynulý čas: 3 minut, 12 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

----------------------------------------------------------------------------
CrystalDiskInfo 4.0.2 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x86)
Date : 2011/07/07 16:22:12

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- HL-DT-ST DVDRAM GSA-H12N ATA Device
- WDC WD2500YS-01SHB0 ATA Device
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) WDC WD2500YS-01SHB0 : 251.0 GB [0-2-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD2500YS-01SHB0
----------------------------------------------------------------------------
Model : WDC WD2500YS-01SHB0
Firmware : 20.06C03
Serial Number : WD-WCANY2247787
Disk Size : 251.0 GB (8.4/137.4/251.0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 490234752
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 8404 hod.
Power On Count : 2954 krát
Temparature : 30 C (86 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 191 186 _21 000000001520 Čas na roztočení ploten
04 _98 _98 __0 000000000BA1 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _89 _89 __0 0000000020D4 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000B8A Počet cyklů zapnutí zařízení
C2 120 _96 __0 00000000001E Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 43 41 4E
020: 59 32 32 34 37 37 38 37 00 00 80 00 00 32 32 30
030: 2E 30 36 43 30 33 57 44 43 20 57 44 32 35 30 30
040: 59 53 2D 30 31 53 48 42 30 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 06 00 00 00 44 00 40
0A0: 00 FE 00 00 74 6B 7F 61 40 63 74 69 3C 41 40 63
0B0: 40 7F 00 27 00 00 00 00 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 63 80 1D 38 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 10
0F0: 40 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 09 00 00 00 00 00 00 00 00 16 7C 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 10 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 38 A5

[Petison]

Jen doplním,že problém přetrvává.BSOD se objevilo i při prohlížení internetu.To mi předtím ještě neudělalo.

[jaro3]

Někam postni obsah složky minidump:
C:\windows\minidump.

[Petison]

http://www.edisk.cz/stahni/64652/mini.zip_73.84KB.html

[jaro3]

Jsou tam dva problémy:

halmacpi.dll
watchdog.sys

Stáhni si a nainstaluj WhoCrashed

otevři ho a klikni na Analyze.
Program vytvoří zprávu , zkopíruj celou a vlož prosím sem.

[Petison]

System Information (local)
--------------------------------------------------------------------------------

computer name: JIRKA-PC
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
CPU: AuthenticAMD AMD Athlon(tm) 64 X2 Dual Core Processor 5600+ AMD586, level: 15
2 logical processors, active mask: 3
RAM: 3220758528 total
VM: 2147352576, free: 1931628544



--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.


On Thu 7.7.2011 14:29:09 GMT your computer crashed
crash dump file: C:\Windows\Minidump\070711-23015-01.dmp
This was probably caused by the following module: snapman.sys (snapman+0x11F6B)
Bugcheck code: 0x100000B8 (0xFFFFFFFF88492020, 0xFFFFFFFF807C7800, 0xFFFFFFFFAF12AFD0, 0x0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\drivers\snapman.sys
product: Acronis Snapshot API
company: Acronis
description: Acronis Snapshot API
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: snapman.sys (Acronis Snapshot API, Acronis).
Google query: snapman.sys Acronis CUSTOM_ERROR




On Thu 7.7.2011 14:29:09 GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: ntkrpamp.exe (nt!KeBugCheckEx+0x1E)
Bugcheck code: 0xB8 (0xFFFFFFFF88492020, 0xFFFFFFFF807C7800, 0xFFFFFFFFAF12AFD0, 0x0)
Error: ATTEMPTED_SWITCH_FROM_DPC
Bug check description: This indicates that an illegal operation was attempted by a delayed procedure call (DPC) routine.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: ntkrpamp.exe .
Google query: ntkrpamp.exe ATTEMPTED_SWITCH_FROM_DPC




On Wed 6.7.2011 11:48:19 GMT your computer crashed
crash dump file: C:\Windows\Minidump\070611-36015-01.dmp
This was probably caused by the following module: snapman.sys (snapman+0x11F6B)
Bugcheck code: 0x100000B8 (0xFFFFFFFF85DDD508, 0xFFFFFFFF807C7800, 0xFFFFFFFFA3749FD0, 0x0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\drivers\snapman.sys
product: Acronis Snapshot API
company: Acronis
description: Acronis Snapshot API
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: snapman.sys (Acronis Snapshot API, Acronis).
Google query: snapman.sys Acronis CUSTOM_ERROR




On Tue 5.7.2011 14:48:44 GMT your computer crashed
crash dump file: C:\Windows\Minidump\070511-26312-01.dmp
This was probably caused by the following module: snapman.sys (snapman+0x120EB)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000046, 0xFFFFFFFF830BA990, 0xFFFFFFFF807DE56C, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\Windows\system32\drivers\snapman.sys
product: Acronis Snapshot API
company: Acronis
description: Acronis Snapshot API
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: snapman.sys (Acronis Snapshot API, Acronis).
Google query: snapman.sys Acronis KERNEL_MODE_EXCEPTION_NOT_HANDLED_M





--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

4 crash dumps have been found and analyzed. 4 third party drivers have been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

snapman.sys (Acronis Snapshot API, Acronis)

ntkrpamp.exe

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

[jaro3]

- snapman.sys je od Acronis Snapshot API, Acronis--zkus přeinstalovat program Acronis

-- ntkrpamp.exe:

Stáhni si Memtest:


Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
nebo:
vypálit soubor .iso a nabootovat z mechaniky CD/DVD.

http://www.memtest86.com/


http://www.pcporadenstvi.cz/memtest-86

http://www.stahuj.centrum.cz/utility_a_ ... i/memtest/

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Petison]

Tak po odinstalaci acronise a následném restartu,který si vyžádal už počítač nechtěl naběhnout.Hned na záčátku se restartoval a vypnul.Musel jsem přes F8 zvolit poslední známou funkční konfiguraci.Systém naběhnul..Počkám zda se BSOD objeví,či ne.Zatím děkuji za pomoc.

[jaro3]

nemáš zač! Dej vědět a pak můžeš dát zelenou fajfku.

[Petison]

Tak BSOD se znovu objevilo.Tak jsem spustil instalaci CoboFixu,ale při rozbalování zase modrá smrt.Tak jsem šel do nouzového režimu a tam už to proběhlo v pořádku.přikládám log.


ComboFix 11-07-07.06 - Jirka 08.07.2011 17:02:40.1.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3072.2108 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Jirka\AppData\Roaming\inst.exe
c:\users\Jirka\AppData\Roaming\pcouffin.sys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-08 do 2011-07-08 )))))))))))))))))))))))))))))))
.
.
2011-07-08 15:08 . 2011-07-08 15:11 -------- d-----w- c:\users\Jirka\AppData\Local\temp
2011-07-08 15:08 . 2011-07-08 15:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-08 12:26 . 2011-07-08 12:26 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-07-07 18:20 . 2011-07-08 12:29 -------- d-----w- c:\users\Jirka\AppData\Local\Adobe
2011-07-07 13:47 . 2011-07-07 13:47 -------- d-----w- c:\users\Jirka\AppData\Local\{820F5B53-E13F-4230-8C38-85A079FF139D}
2011-07-06 15:06 . 2011-07-06 15:17 -------- d-----w- C:\PDF 4
2011-07-06 14:00 . 2011-07-06 14:01 -------- d-----w- c:\users\Jirka\AppData\Roaming\QuickScan
2011-07-06 11:09 . 2011-07-06 11:11 -------- d-----w- C:\Egypt
2011-07-06 11:05 . 2011-07-06 11:06 -------- d-----w- c:\users\Jirka\AppData\Local\{FC397EBB-8A04-448E-B395-1598DCB3DC6C}
2011-07-05 16:20 . 2011-07-05 16:20 -------- d-----w- c:\users\Jirka\AppData\Local\{2C6CADD0-8A6B-4E84-886A-A4DB59FDBCEE}
2011-07-05 14:50 . 2011-07-05 14:57 -------- d-----w- c:\users\Jirka\AppData\Roaming\wargaming.net
2011-07-05 14:38 . 2011-07-05 14:38 -------- d-----w- C:\Games
2011-07-04 17:42 . 2011-07-04 17:42 -------- d-----w- c:\users\Jirka\AppData\Local\{518D243B-9568-4348-AD81-3C237D3A3B8D}
2011-07-04 12:26 . 2011-07-04 12:26 -------- d-----w- c:\users\Jirka\AppData\Local\{7B21506B-012B-41CC-8561-E3BEDE122519}
2011-07-04 12:05 . 2011-07-04 12:05 388096 ----a-r- c:\users\Jirka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-04 12:05 . 2011-07-04 12:05 -------- d-----w- c:\program files\Trend Micro
2011-07-03 14:52 . 2009-09-02 11:44 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-07-03 14:52 . 2009-09-02 11:44 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-07-03 14:52 . 2011-07-03 14:52 -------- d-----w- c:\program files\VSO
2011-07-03 10:02 . 2011-07-03 10:02 -------- d-----w- c:\users\Jirka\AppData\Local\{3C8E0DC9-1A8B-40C9-8011-DE2461F9A355}
2011-07-02 15:40 . 2011-07-02 15:40 -------- d-----w- c:\program files\OCCT
2011-07-02 12:36 . 2011-07-04 17:38 -------- d-----w- c:\users\Jirka\AppData\Roaming\WinAVI
2011-07-02 12:34 . 2011-07-02 12:34 -------- d-----w- c:\users\Jirka\AppData\Local\WinAVI
2011-07-02 12:34 . 2011-07-02 12:34 -------- d-----w- c:\windows\WinAVI Video Converter 9.0
2011-07-02 11:48 . 2011-07-02 12:30 -------- d-----w- C:\videa p
2011-07-02 11:08 . 2011-07-02 11:08 -------- d-----w- c:\users\Jirka\AppData\Roaming\ProgSense
2011-07-02 11:08 . 2011-07-02 11:08 -------- d-----w- c:\users\Jirka\AppData\Roaming\GrabPro
2011-07-02 11:08 . 2011-07-02 18:06 -------- d-----w- c:\users\Jirka\AppData\Roaming\Orbit
2011-07-02 10:32 . 2011-07-02 10:32 -------- d-----w- c:\program files\BinaryMark
2011-07-02 07:47 . 2011-07-02 07:47 -------- d-----w- c:\users\Jirka\AppData\Local\{06927ED7-21EB-4A79-A294-375B687758F1}
2011-07-01 16:40 . 2011-07-01 16:40 -------- d-----w- c:\users\Jirka\AppData\Local\{CF536FB2-7122-4735-A9BE-EAC93C9EDBA7}
2011-07-01 13:46 . 2011-07-01 13:46 -------- d-----w- c:\program files\Activision
2011-06-30 11:38 . 2011-06-30 11:38 -------- d-----w- c:\users\Jirka\AppData\Local\{01E1E605-5326-4447-9845-C39024F9F97A}
2011-06-29 13:52 . 2011-06-29 13:53 -------- d-----w- c:\users\Jirka\AppData\Local\{8C3B1485-45E6-4C4A-873D-B3379BADF072}
2011-06-29 13:41 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 13:41 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 13:41 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 13:41 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 13:41 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 13:41 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 13:41 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 13:41 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 13:41 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 13:41 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-28 14:40 . 2011-06-28 14:40 -------- d-----w- c:\program files\PJsoft
2011-06-28 12:20 . 2011-06-28 12:21 -------- d-----w- c:\users\Jirka\AppData\Local\{082318A3-2CD3-492C-987C-7CD5DDD3DC15}
2011-06-27 14:28 . 2011-06-27 14:28 -------- d-----w- c:\users\Jirka\AppData\Local\{0619A608-7721-4507-AFAB-95209A65A05F}
2011-06-26 11:58 . 2011-06-26 11:58 -------- d-----w- c:\program files\Valve
2011-06-26 09:41 . 2011-06-26 11:07 -------- d-----w- c:\program files\Common Files\Steam
2011-06-26 09:41 . 2011-07-02 12:50 -------- d-----w- c:\program files\Steam
2011-06-26 09:31 . 2011-06-26 09:31 -------- d-----w- c:\users\Jirka\AppData\Local\{5A63FDC0-7885-4D98-8869-AA1EA51485C3}
2011-06-25 12:36 . 2011-06-25 12:36 -------- d-----w- c:\users\Jirka\AppData\Local\{1CE8AFD2-D55C-4249-AF68-C9564251A91E}
2011-06-24 19:31 . 2010-11-09 13:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-06-24 14:30 . 2011-06-24 14:30 -------- d-----w- c:\users\Jirka\AppData\Local\{916B910B-18E1-48CD-856D-656DE69AE7EE}
2011-06-23 19:23 . 2011-06-23 19:23 -------- d-----w- c:\users\Jirka\AppData\Local\{E4C6152F-F4FF-4E4B-80D3-D84ED39E4F23}
2011-06-23 14:19 . 2011-06-23 14:19 -------- d-----w- c:\users\Jirka\AppData\Local\{21D0DF5C-5675-4D51-9651-0C5133E1C7D6}
2011-06-22 15:23 . 2011-06-22 15:23 -------- d-----w- c:\users\Jirka\AppData\Local\{2BDBDC53-1596-46CF-B2BD-9E080915737A}
2011-06-21 18:27 . 2011-06-22 15:25 -------- d-----w- c:\programdata\LightScribe
2011-06-21 18:15 . 2011-06-21 18:15 -------- d-----w- c:\users\Jirka\AppData\Roaming\Acoustica
2011-06-21 11:34 . 2011-06-21 11:34 -------- d-----w- c:\users\Jirka\AppData\Local\{48BA8AC7-E8AC-440B-A200-6866B1E30597}
2011-06-20 15:58 . 2011-06-20 15:58 -------- d-----w- c:\users\Jirka\AppData\Local\{39D04950-3216-4511-A5F2-E7A60502993D}
2011-06-19 11:39 . 2011-06-19 11:39 -------- d-----w- c:\users\Jirka\AppData\Local\Microsoft Games
2011-06-19 09:05 . 2011-06-19 09:05 -------- d-----w- c:\users\Jirka\AppData\Local\{5ECAD526-D656-47B9-A6E6-DB464F837FAF}
2011-06-19 07:24 . 2011-06-19 10:44 -------- d-----w- C:\Turecko 2011
2011-06-18 18:31 . 2011-06-18 18:31 -------- d-----r- c:\program files\Skype
2011-06-18 06:58 . 2011-06-18 06:58 -------- d-----w- c:\program files\BurnAware Free
2011-06-18 06:22 . 2011-06-18 06:22 -------- d-----w- c:\programdata\ATI
2011-06-18 06:22 . 2011-06-18 06:22 -------- d-----w- c:\program files\AMD APP
2011-06-18 05:23 . 2009-08-19 22:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-06-18 05:22 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-06-18 05:22 . 2011-06-18 05:26 -------- d-----w- C:\_AcroTemp
2011-06-18 05:15 . 2011-06-18 05:15 -------- d-----w- c:\users\Jirka\AppData\Local\SKIDROW
2011-06-17 19:14 . 2011-06-17 19:14 -------- d-----w- c:\users\Jirka\AppData\Local\{D58B71CE-F22E-454B-A6DE-668E6BF5F05C}
2011-06-17 19:13 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-17 19:13 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-17 19:13 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-17 19:09 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-17 19:09 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-17 19:09 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-17 19:09 . 2011-04-25 04:31 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-17 19:09 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-17 19:09 . 2011-02-25 05:34 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-17 19:09 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-17 19:09 . 2011-04-27 02:17 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-17 19:09 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-17 19:09 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-09 15:14 . 2011-06-25 12:36 -------- d-----w- c:\users\Jirka\AppData\Roaming\EssentialPIM
2011-06-09 15:14 . 2011-06-09 15:14 -------- d-----w- c:\program files\EssentialPIM
2011-06-09 14:55 . 2011-06-09 14:56 -------- d-----w- c:\users\Jirka\AppData\Local\{35261CA9-331F-4069-8ABB-78AE27B5A592}
2011-06-09 14:02 . 2011-06-09 14:02 -------- d-----w- c:\users\Jirka\AppData\Local\{84E003A1-E793-4BB6-B770-EA75DDC906E7}
2011-06-08 15:48 . 2011-07-08 14:57 -------- d-----w- C:\Programy 33
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-08 11:49 . 2011-01-01 21:41 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-07-08 11:49 . 2011-01-01 21:44 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-08 11:49 . 2011-01-01 21:40 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-08 11:49 . 2011-01-01 21:40 103736 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-03 18:24 . 2011-01-01 21:40 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-07-02 10:46 . 2011-05-19 15:11 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-01 13:57 . 2011-01-01 21:41 22328 ----a-w- c:\users\Jirka\AppData\Roaming\PnkBstrK.sys
2011-05-29 07:11 . 2010-11-12 14:53 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2010-11-12 14:53 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-25 04:25 . 2011-05-25 04:25 7800832 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-05-25 03:31 . 2011-05-25 03:31 17940992 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:07 . 2011-05-25 03:07 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-25 03:07 . 2010-03-03 04:16 688128 ----a-w- c:\windows\system32\aticfx32.dll
2011-05-25 03:04 . 2011-05-25 03:04 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 03:03 . 2011-05-25 03:03 401408 ----a-w- c:\windows\system32\atieclxx.exe
2011-05-25 03:03 . 2011-05-25 03:03 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-05-25 03:02 . 2011-05-25 03:02 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 03:01 . 2011-05-25 03:01 15872 ----a-w- c:\windows\system32\atimuixx.dll
2011-05-25 03:01 . 2011-05-25 03:01 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:59 . 2011-05-25 02:59 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-05-25 02:58 . 2010-03-03 04:06 4219904 ----a-w- c:\windows\system32\atidxx32.dll
2011-05-25 02:50 . 2010-03-03 03:24 4017152 ----a-w- c:\windows\system32\atiumdva.dll
2011-05-25 02:47 . 2011-05-25 02:47 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-05-25 02:47 . 2011-05-25 02:47 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-05-25 02:43 . 2011-05-25 02:43 6847488 ----a-w- c:\windows\system32\aticaldd.dll
2011-05-25 02:39 . 2010-03-03 03:46 4330496 ----a-w- c:\windows\system32\atiumdag.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:26 . 2011-05-25 02:26 262144 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:26 . 2011-05-25 02:26 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 245760 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-05-25 02:24 . 2010-03-03 03:06 31744 ----a-w- c:\windows\system32\atiuxpag.dll
2011-05-25 02:24 . 2010-03-03 03:06 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-05-25 02:24 . 2011-05-25 02:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:18 . 2010-03-03 03:23 52736 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-05-24 18:28 . 2011-05-24 18:28 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-24 18:28 . 2011-05-24 18:28 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-13 16:31 . 2009-10-09 13:31 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2011-05-13 16:31 . 2009-10-09 13:31 441760 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-05-13 16:31 . 2011-05-13 16:31 129248 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-05-13 16:31 . 2009-10-09 13:31 368736 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2011-05-12 11:06 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-05-11 15:06 . 2011-02-14 15:22 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-04-22 19:14 . 2011-05-25 14:59 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\system32\GPhotos.scr
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2011-04-29 17:53 . 2011-03-22 15:54 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"NVRaidService"="c:\program files\NVIDIA Corporation\Raid\nvraidservice.exe" [2010-04-09 163944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-08-15 3700176]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS [2011-01-27 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS [2011-03-15 744568]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110701.001\BHDrvx86.sys [2011-05-19 810616]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2010-09-29 20088]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110707.031\IDSvix86.sys [2011-07-07 367736]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS [2011-01-27 136312]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1206000.01D\SYMNETS.SYS [2011-03-22 296568]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-05-25 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-24 294400]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 245760]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-03-30 100880]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-10 105592]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\iefzglfm.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=FF_5&q=
FF - prefs.js: network.proxy.type - 2
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Photodex\ProShowProducer\ScsiAccess.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\SOUNDMAN.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-08 17:15:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-08 15:15
.
Před spuštěním: Volných bajtů: 67 476 062 208
Po spuštění: Volných bajtů: 66 835 173 376
.
- - End Of File - - D5C883BAF2A6EA18141D8ADB88DD850F