Prosim o kontrolu logu Vyřešeno

[Massacre]

Čau, neni to tak dlouho co sem formatoval pc z duvodu samovolnyho vypinani programu a naskakovani modre smrti. Nekdy se to vyplo s klasikou od microsoftu: odeslat,neodeslat... a nekdy zase uplne samo jako kdybych dal alt F4. Tak sem se rozhodl to zformatovat. Po formatu sem zacal instalovat windows a vyjela modra a uz se pocitac ani nepustil. Ukazalo se ze chyba je v technice takze sem to vsechno dal dokupy, nainstaloval odznova windows, zakladni programy potrebny pro muj pc zivot a vsechno jelo v pohode dal. Bohuzel v posledni dobe se mi zacinaji vracet problemy typu: V aplikaci abcd.efg(priklad) doslo chybe. Odeslat neodeslat. Stava se to jenom u pocitacovych her a pokazde kdyz najedu do detailu je to nejaky .dll soubor. Od nekterych her to bylo napr.: d3d9.dll ve slozce windows/system32 a nebo jeste neco podobneho ve stejne slozce, u jinych her to bylo zase jejich vlastni .dll. Na internetu sem si nasel ze je moznost ze tento error vypisuje v pripade ze tyhle soubory chybi, ale ja je tady mam, naprosto v poradku podle velikosti. Ted jsem dokonce prisel na to ze problem s souborem .dll (konkretne to bylo neco jako wmvdmod.dll a dalsi podobne, v pripade potreby muzu najit) vyhazuje i Sony Vegas 8.0. Koukal jsem se do procesu spoustejcich se pri startu windows, zkusil sem povypinat az bych rekl nebezpecne moc, pocitac se mi v klidu rozjel(drivery sem samozrejme nevypl, krome nvidie, ale to nic nevadilo) ale tem errorum to nepomohlo, takze sem to pro vsechny pripady dal zase zpatky. Muze mi s timhle nekdo pomoct? Reknete si co chcete, muzu vam dat print screeny, vypisy a vse mozny. Prece jenom na pc nejsem zas takovej novacek

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:30:15, on 29.6.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\FSAUA\program\fsus.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MST" WISE_SETUP_EXE_PATH="c:\nvidia\winxp\182.50\english\PhysX_9.09.0203_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6624 bytes

[Reklama]

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

Problém bude spíše v HW.
Otestuj HDD utilitou od výrobce.
Ram otestuj Memtestem:
http://www.stahuj.centrum.cz/utility_a_ ... i/memtest/
Vepiš hodnotu největší jednotlivé RAM (256,512,1024 atd) nech test 2h , pokud bude stále 0 error , jsou O.K.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[Massacre]

Tady zatím ten log, jdu na memtest.
KernelFaultCheck sem fixnul.
Mimochodem ted mi dokonce vyhodil chybu v aplikaci i firefox s detaily: EventType : BEX P1 : firefox.exe P2 : 1.9.0.3439 P3 : 4a25b23d
P4 : xul.dll P5 : 1.9.0.3439 P6 : 4a25b295 P7 : 0006b924
P8 : c0000409 P9 : 00000000

Malwarebytes' Anti-Malware 1.38
Verze databáze: 2349
Windows 5.1.2600 Service Pack 3

29.6.2009 10:42:55
mbam-log-2009-06-29 (10-42-55).txt

Typ skenu: Rychlý sken
Objektu skenováno: 80437
Uplynulý cas: 2 minute(s), 34 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)

[Massacre]

Tak bohuzel behem testu mi to ted vyhodilo modrou a zapomnel sem nastavit aby ji to podrzelo. Nevim ted jestli to bylo tou ramkou, asi sem to pretizil.. Ted sem nastavil aby se ta modra podrzela, kdyby to znova padlo, test jede odznova

[Massacre]

Tak to bude zjevne tou ramkou, po treti bych to nerad zkousel. Pri testu vystrelilo toto:
http://www.thegame.xf.cz/error.jpg
Takze sem restartoval pc a hned vyskocilo dalsi:
http://www.thegame.xf.cz/error2.jpg
Po treti uz to nastesti slo po tom co sem odklikal nejaky ty blaboly o normalnim spusteni.
Muze to byt teda tou ram? I to s tema .dll souborama ?

[jaro3]

To není tak jednoduché-Memtest by to určil.Můžeš zkusit vyndat RAM , vyčistit kontakty ( pozor na stat. elektřinu!) a pořádně zasunout do slotu, pokud jich máš víc , nechat jednu a pak prohazovat...
Závada může být špatným zdrojem ( i slabším na Tvojí sestavu),Vyjmout nepotřebné karty do PCI, mechaniky atd. Chyby na disku, je třeba otestovat utilitou od výrobce ( stáhnout .iso soubor , vypálit v PowerISO , nabootovat (boot z CD/DVD).Nebo alespoň použít HD Tune ap.

vyčisti systém CCleanerem
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si DDS :

a ulož ho na plochu.Zavři všechna spuštěná okna a spusť program, potvrď licenční podmínky a postupuj podle pokynů. Začne scanování.Až skončí, tak by měl vytvořit 2 logy proto se Ti 2krát otevře notepad. Jeden log bude mít název DDS.txt a druhý attach.txt. Tak sem zkopíruj oba.

[Massacre]

Mezi tim sem zkusil preinstalovat vsechny ovladace, zatim nevim jestli to pomohlo. Kontakty sem vyčistil, HD Tune nenasel nic spatneho.
Tady jsou ty logy:
Tim ATF cleanerem jsem nesmazal ulozene formluare a hesla, neb si je nepamatuju a potrebuju je, doufam ze to nevadi.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 12.4.2009 22:00:04
System Uptime: 29.6.2009 13:59:10 (1 hours ago)

Motherboard: ASUSTeK Computer INC. | | M2N-E
Processor: AMD Processor model unknown | Socket AM2 | 3013/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 49 GiB total, 10,469 GiB free.
D: is FIXED (NTFS) - 249 GiB total, 171,314 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is FIXED (FAT32) - 298 GiB total, 209,268 GiB free.
K: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: USB Device
Device ID: USB\VID_046D&PID_08DA&MI_00\6&74B3876&0&0000
Manufacturer:
Name: USB Device
PNP Device ID: USB\VID_046D&PID_08DA&MI_00\6&74B3876&0&0000
Service:

==== System Restore Points ===================

RP1: 12.4.2009 22:02:27 - Kontrolní bod systému
RP2: 12.4.2009 22:05:38 - Nainstalováno Windows Installer KB893803v2.
RP3: 12.4.2009 22:22:00 - Installed NVIDIA ForceWare Network Access Manager
RP4: 12.4.2009 22:24:27 - Installed Windows XP KB888111WXPSP2.
RP5: 12.4.2009 22:24:51 - Installed SoundMAX
RP6: 12.4.2009 22:25:18 - Installed SoundMAX
RP7: 12.4.2009 22:35:48 - Software Distribution Service 3.0
RP8: 13.4.2009 9:39:51 - psc 8.01 build 129 Installation
RP9: 13.4.2009 9:48:56 - Installed Adobe Reader 9.1.
RP10: 13.4.2009 10:07:03 - Nainstalováno: OpenOffice.org 3.0
RP11: 13.4.2009 10:08:50 - Software Distribution Service 3.0
RP12: 13.4.2009 10:51:08 - Installed ImagXpress
RP13: 13.4.2009 10:51:32 - Nainstalováno rozhraní DirectX
RP14: 13.4.2009 10:51:43 - Installed neroxml
RP15: 13.4.2009 10:51:47 - Installed Advertising Center
RP16: 13.4.2009 10:52:00 - Installed NeroBurningROM
RP17: 13.4.2009 10:55:05 - Installed Nero CoverDesigner
RP18: 13.4.2009 11:04:02 - Removed Advertising Center
RP19: 13.4.2009 11:07:52 - Installed WingMan Software
RP20: 13.4.2009 11:15:48 - Installed Test Drive Unlimited
RP21: 13.4.2009 12:30:03 - Installed Command & Conquer 3.
RP22: 13.4.2009 18:29:40 - Installed QuickTime
RP23: 13.4.2009 21:03:18 - Installed Windows XP WIC.
RP24: 13.4.2009 21:03:28 - Installed %1 %2.
RP25: 13.4.2009 21:03:30 - Je nainstalován ovladač tiskárny Microsoft XPS Document Writer
RP26: 13.4.2009 21:09:36 - Installed Sony Vegas Pro 8.0
RP27: 13.4.2009 21:13:50 - Software Distribution Service 3.0
RP28: 14.4.2009 16:52:13 - Software Distribution Service 3.0
RP29: 17.4.2009 9:12:57 - Software Distribution Service 3.0
RP30: 18.4.2009 9:37:21 - Software Distribution Service 3.0
RP31: 19.4.2009 13:08:36 - Software Distribution Service 3.0
RP32: 21.4.2009 14:04:07 - Kontrolní bod systému
RP33: 23.4.2009 17:16:26 - Kontrolní bod systému
RP34: 25.4.2009 19:05:11 - Kontrolní bod systému
RP35: 28.4.2009 20:45:53 - Kontrolní bod systému
RP36: 30.4.2009 8:31:06 - Kontrolní bod systému
RP37: 30.4.2009 19:39:31 - Installed PowerDVD
RP38: 11.5.2009 8:16:58 - Kontrolní bod systému
RP39: 13.5.2009 9:54:56 - Software Distribution Service 3.0
RP40: 15.5.2009 14:59:18 - Kontrolní bod systému
RP41: 19.5.2009 14:34:55 - Kontrolní bod systému
RP42: 24.5.2009 11:52:30 - Kontrolní bod systému
RP43: 26.5.2009 6:42:41 - Kontrolní bod systému
RP44: 28.5.2009 14:26:22 - Kontrolní bod systému
RP45: 29.5.2009 17:34:41 - Nainstalováno: Text-To-Speech-Runtime
RP46: 31.5.2009 18:20:58 - Kontrolní bod systému
RP47: 1.6.2009 20:56:04 - Installed WinZip 12.1
RP48: 3.6.2009 10:00:10 - Kontrolní bod systému
RP49: 4.6.2009 15:29:21 - Kontrolní bod systému
RP50: 4.6.2009 20:26:48 - Installed Java(TM) 6 Update 13
RP51: 6.6.2009 13:05:03 - Installed Ventrilo Client
RP52: 6.6.2009 13:18:15 - Removed Ventrilo Client
RP53: 6.6.2009 13:18:38 - Installed Ventrilo
RP54: 11.6.2009 8:25:25 - Software Distribution Service 3.0
RP55: 12.6.2009 17:25:30 - Kontrolní bod systému
RP56: 14.6.2009 12:57:16 - Kontrolní bod systému
RP57: 14.6.2009 19:27:43 - Software Distribution Service 3.0
RP58: 15.6.2009 20:53:02 - Kontrolní bod systému
RP59: 17.6.2009 8:30:54 - Kontrolní bod systému
RP60: 20.6.2009 12:09:28 - Kontrolní bod systému
RP61: 22.6.2009 10:27:40 - Kontrolní bod systému
RP62: 23.6.2009 13:31:48 - Removed WinZip 12.1
RP63: 27.6.2009 16:43:31 - Configured PowerDVD
RP64: 27.6.2009 19:05:31 - Uniblue RegistryBooster 2009
RP65: 27.6.2009 19:06:17 - Uniblue RegistryBooster 2009
RP66: 27.6.2009 19:19:14 - Uniblue RegistryBooster
RP67: 28.6.2009 12:33:22 - Nainstalováno rozhraní DirectX
RP68: 28.6.2009 20:59:06 - Instalováno Zaklínač
RP69: 28.6.2009 21:08:20 - Nainstalováno rozhraní DirectX
RP70: 29.6.2009 13:26:51 - Configured NVIDIA ForceWare Network Access Manager
RP71: 29.6.2009 13:36:04 - Installed NVIDIA ForceWare Network Access Manager

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1
Aktualizace zabezpečení systému Windows XP (KB923789)
Any Video Converter 2.7.2
Apple Software Update
AVIConverter 5.1.6
Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
BSPlayer
CCleaner (remove only)
Command & Conquer 3
F-Secure Profi Antivirus
Fraps (remove only)
Free Easy Burner V 3.0
Hamachi 1.0.3.0
HijackThis 2.0.2
ImagXpress
IrfanView (remove only)
Java(TM) 6 Update 13
LightScribe System Software 1.14.17.1
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft XML Parser
Mozilla Firefox (3.0.11)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
neroxml
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA PhysX
OpenOffice.org 3.0
PSPad editor
QIP 2005 8090
QuickTime
RACE 07 Offline
RealPlayer
Skype™ 4.0
Sony Vegas Pro 8.0
SoundMAX
System Requirements Lab
Test Drive Unlimited
Text-To-Speech-Runtime
The KMPlayer (remove only)
Total Commander (Remove or Repair)
Uniblue RegistryBooster 2
Ventrilo
WebFldrs XP
Windows Communication Foundation
Windows Imaging Component
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Service Pack 3
WingMan Software
XML Paper Specification Shared Components Pack 1.0
Zaklínač


DDS (Ver_09-06-26.01) - NTFSx86
Run by Marek at 14:06:29,07 on po 29.06.2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1599 [GMT 2:00]

AV: F-Secure Profi Antivirus 8.01 *On-access scanning enabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: F-Secure Profi Antivirus 8.01 *enabled* {D4747503-0346-49EB-9262-997542F79BF4}
FW: ActiveArmor Firewall *disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
svchost.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\FSAUA\program\fsus.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\QIP\qip.exe
C:\Documents and Settings\Marek\Plocha\dds.scr

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "c:\program files\common files\wise installation wizard\wisdd1865f0ad7340fbb23e1822e02396ff_9_09_0203.msi" transforms="c:\program files\common files\wise installation wizard\wisdd1865f0ad7340fbb23e1822e02396ff_9_09_0203.mst" wise_setup_exe_path="c:\nvidia\winxp\182.50\english\PhysX_9.09.0203_SystemSoftware.exe"
mRun: [F-Secure Manager] "c:\program files\f-secure\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files\f-secure\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
LSP: c:\program files\f-secure\fsps\program\FSLSP.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\marek\dataap~1\mozilla\firefox\profiles\yr5v21ut.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.SOAPEncoding.schemaCollection", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
c:\program files\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");

============= SERVICES / DRIVERS ===============

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2009-4-13 33408]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-4-13 79872]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\f-secure\hips\drivers\fshs.sys [2009-4-13 67808]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files\f-secure\anti-virus\fsgk32st.exe [2009-4-13 215648]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\f-secure\anti-virus\minifilter\fsgk.sys [2009-4-13 86648]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\f-secure\orsp client\fsorsp.exe [2009-4-13 55904]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-3-2 69120]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\f-secure\anti-virus\win2k\fsfilter.sys [2009-4-13 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\f-secure\anti-virus\win2k\fsrec.sys [2009-4-13 25184]

=============== Created Last 30 ================

2009-06-29 13:55 215,383 a------- c:\windows\system32\nvapps.xml
2009-06-29 13:55 453,152 a------- c:\windows\system32\nvudisp.exe
2009-06-29 13:55 19,054 a------- c:\windows\system32\nvdisp.nvu
2009-06-29 13:55 <DIR> --d----- c:\windows\nview
2009-06-29 13:52 552 a------- c:\windows\system32\d3d8caps.dat
2009-06-29 13:51 <DIR> --d----- c:\program files\SystemRequirementsLab
2009-06-29 13:51 <DIR> --d----- c:\documents and settings\marek\SystemRequirementsLab
2009-06-29 13:51 664 a------- c:\windows\system32\d3d9caps.dat
2009-06-29 13:46 43,008 a------- c:\windows\system32\drivers\AmdK8.sys
2009-06-29 13:36 1,024 a------- C:\.rnd
2009-06-29 13:36 22 a------- c:\windows\FileName
2009-06-29 13:36 <DIR> --d----- c:\program files\NVIDIA Corporation
2009-06-29 13:35 442,368 a------- c:\windows\system32\CapabilityTable.exe
2009-06-29 13:35 1,570 -------- c:\windows\system32\nvide.nvu
2009-06-29 13:35 208,896 -------- c:\windows\system32\nvuide.exe
2009-06-29 13:35 35,840 a----r-- c:\windows\system32\NVCOI.DLL
2009-06-29 13:33 24,959 a------- c:\windows\Ascd_tmp.ini
2009-06-29 13:14 <DIR> --d----- c:\docume~1\marek\dataap~1\Command and Conquer 3 Tiberium Wars
2009-06-29 10:39 <DIR> --d----- c:\docume~1\marek\dataap~1\Malwarebytes
2009-06-29 10:39 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-29 10:39 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-06-29 10:39 <DIR> --d----- c:\docume~1\alluse~1\dataap~1\Malwarebytes
2009-06-29 10:39 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-06-29 01:40 <DIR> --d----- c:\windows\system32\AGEIA
2009-06-28 21:09 278,984 a------- c:\windows\system32\drivers\atksgt.sys
2009-06-28 21:09 25,416 a------- c:\windows\system32\drivers\lirsgt.sys
2009-06-28 20:59 <DIR> --d----- c:\program files\Zaklínač
2009-06-27 19:18 <DIR> --d----- c:\program files\Uniblue
2009-06-27 19:04 <DIR> --d----- c:\docume~1\marek\dataap~1\Uniblue
2009-06-25 08:34 27,648 ac------ c:\windows\system32\dllcache\irmon.dll
2009-06-25 08:34 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll
2009-06-25 08:34 27,648 a------- c:\windows\system32\irmon.dll
2009-06-25 08:34 8,192 a------- c:\windows\system32\wshirda.dll
2009-06-25 08:34 152,064 ac------ c:\windows\system32\dllcache\irftp.exe
2009-06-25 08:34 152,064 a------- c:\windows\system32\irftp.exe
2009-06-14 13:49 <DIR> --d----- c:\windows\pss
2009-06-14 12:27 <DIR> --d----- c:\program files\TrekStor
2009-06-13 21:53 <DIR> --d----- c:\program files\The KMPlayer
2009-06-06 13:18 <DIR> --d----- c:\program files\Ventrilo
2009-06-04 20:27 410,984 a------- c:\windows\system32\deploytk.dll
2009-06-04 20:27 73,728 a------- c:\windows\system32\javacpl.cpl
2009-05-31 13:58 <DIR> --d----- c:\docume~1\alluse~1\dataap~1\Blizzard

==================== Find3M ====================

2009-06-25 08:38 471,764 a------- c:\windows\system32\perfh005.dat
2009-06-25 08:38 93,704 a------- c:\windows\system32\perfc005.dat
2009-05-07 17:33 346,624 a------- c:\windows\system32\localspl.dll
2009-05-01 18:33 44,944 -------- c:\windows\system32\drivers\PxHelp20.sys
2009-05-01 18:33 9,200 -------- c:\windows\system32\drivers\cdralw2k.sys
2009-05-01 18:33 9,072 -------- c:\windows\system32\drivers\cdr4_xp.sys
2009-05-01 18:33 158,192 -------- c:\windows\system32\pxwma.dll
2009-04-30 19:39 29,480 a------- c:\windows\system32\msxml3a.dll
2009-04-29 06:35 667,648 a------- c:\windows\system32\wininet.dll
2009-04-29 06:35 81,920 a------- c:\windows\system32\ieencode.dll
2009-04-22 14:35 38,201 a------- c:\program files\uninstall.exe
2009-04-19 21:52 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-18 10:07 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-04-18 09:28 348,160 a------- c:\windows\system32\msvcr71.dll
2009-04-15 16:54 585,216 a------- c:\windows\system32\rpcrt4.dll
2009-04-13 12:14 107,888 a------- c:\windows\system32\CmdLineExt.dll
2009-04-12 21:57 21,812 a------- c:\windows\system32\emptyregdb.dat
2009-04-11 19:52 65,536 a------- c:\windows\DUMP2b75.tmp
2006-10-26 11:44 2,838,528 a------- c:\program files\fraps.exe
2006-10-26 11:43 110,592 a------- c:\program files\fraps.dll
2006-10-26 11:43 122,880 a------- c:\program files\frapslcd.dll
2006-10-26 10:36 11,066 a------- c:\program files\changes.txt
2006-10-26 04:44 1,859 a------- c:\program files\README.HTM
2006-10-21 02:56 56,320 a------- c:\program files\fraps64.dll
2006-10-21 02:56 293,376 a------- c:\program files\fraps64.dat

============= FINISH: 14:07:09,54 ===============

[Massacre]

Zda se to cim dal tim horsi. Pocitac vzdy nejakou chvili bezi a pri pusteni jakekoli hry bezi jeste dalsich 10 minut nez naskoci modra. Odkliknu, pak naskoci jeste dalsi , konkretne 0x00000050 tcpip.sys a 0x0000008E a 0x00000024 classpnp.sys a az teprve co projdou tyhle tri se mi to znova rozjede. A pocitac jede dal, dokud zase nepustim nejakou hru, nebo nepustim ten memtest. Je to tak i kdyz vyndam jednu a necham druhou. Ty modry obrazovky vypisujou chybi na drivery (tcpip.sys - sitovka , nvata.sys a nv4_mini.sys - grafika). Preinstalovani ale zjevne nepomohlo. Jeste je treba mozne ze je to kombinace obou problemu, jak s ramkou tak spatnyma ovladacema.

[Massacre]

Ze sameho premysleni sem prisel na nasledujici. Otevrel sem pc zkousel postupne vytahovat ty ramky ovsem nic to nepomohlo a pocitac se nechtel nastartovat kvuli samym errorum vypisujici porad odkazy na nvidiu. A pak sem si toho vsiml, stara zavada s procesorem, ktera mi stejne problemy pusobila jak sem jiz zminil drive, je tu znova. Chladic procesoru je odchliply, sice jen malo ale je. Pocitac ma zjevne nejakou pojistku v pripade ze pri startu neni natlaceny tak jak ma spravne byt na procesoru, takze sem ho chvili pridrzel nez to najelo na plochu a pak sem ho mohl v klidu pustit a pocitac jede dal. Proc to psalo modrou s nvidiou vysvetluje to ze muj procesor je nforce 570 coz je vlastne od nvidie a vzhledem k tomu ze nebyl chlazenej tak vyhazoval modrou smrt. Takze sem vyresil prvni problem, kterej se da vyresit s 50ti korunou v kapse zitra v technice, ale porad tu zbyva ten druhy, proc to vyhazuje modrou pri testu ram a proc mi aplikace hazou chyby microsoft. Omlouvam se za doubleposty,ale chci aby v tom byl poradek.

[jaro3]

Stáhni si program OTMoveIt3 (by OldTimer)
http://www.edisk.cz/stahni/07995/OTMove ... .39KB.html
a ulož si ho na disk C a spusť ho.
- Do levého sloupce (Paste Instructions for Items to be Moved) zkopíruj tyto cesty:
Poznámka: Nepoužij k označení funkci VYBRAT VŠE

Kód: Vybrat vše

:Processes
explorer.exe

:Services

:Reg

:Files
c:\program files\uninstall.exe
c:\windows\DUMP2b75.tmp

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


- Po zkopírování klikni na tlačítko MoveIt! a vlož sem následně celý obsah z pravého sloupce, jinak uložený ve složce C:\_OTMoveIt\MovedFiles\, který bude informovat o výsledcích
- Je možné, že pokud nebudou moci být soubory odstraněny, budeš dotázán na restart počítače, v tom případě restart potvrď.

Toto otestuj na Virustotal
c:\windows\Ascd_tmp.ini
Vlož sem pak odkaz výsledku.

Přes správce zařízení odinstaluj síťovku a grafiku , restart PC , po restartu nenech windows instalovat žádné ovladače , ale použij , CD k MB a CD pro grafiku k nainstalování ovladačů.

[Massacre]

Sitovku i grafiku sem odinstalovaval uz odpoledne jednou a udelal sem to presne tak jak jste psal. Nenechal windows nic a dal to z CD od motherboardu vsechno. Jestli to mam po tomhle kroku zopakovat ještě jednou prosim o potvrzení.
Virustotal: http://www.virustotal.com/cs/analisis/1 ... 1246302185
Move it:
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
c:\program files\uninstall.exe moved successfully.
c:\windows\DUMP2b75.tmp moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Marek\LOCALS~1\Temp\etilqs_PtPCXrjGA6AQJGV6aY1w scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Marek\LOCALS~1\Temp\~DFFB55.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Marek\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\nvcbin.def.76167175.TMP scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5a8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTM by OldTimer - Version 2.1.0.1 log created on 06292009_205224

Files moved on Reboot...
File C:\DOCUME~1\Marek\LOCALS~1\Temp\etilqs_PtPCXrjGA6AQJGV6aY1w not found!
File C:\DOCUME~1\Marek\LOCALS~1\Temp\~DFFB55.tmp not found!
C:\WINDOWS\temp\nvcbin.def.76167175.TMP moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_5a8.dat not found!
C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Marek\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\yr5v21ut.default\XUL.mfl moved successfully.

Registry entries deleted on Reboot...

[jaro3]

Ještě nový log z HJT.
Při testu je procesor více vytěžován , takže ten chladič bude třeba, i senzory na teplotu indikují..