Pomoc! vir v explorer.exe

[zipicek]

skript ? Myslíte ze mám udelat tu opravu z otl a hodit sem log?

[motji]

Ano

[zipicek]

tady je log

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\Temp\GUR495E.tmp moved successfully.
C:\WINDOWS\Temp\GUR49EA.tmp moved successfully.
C:\ProgramData\Kaspersky Lab folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware folder moved successfully.
C:\Users\Tomáš\AppData\Roaming\SUPERAntiSpyware.com folder moved successfully.
C:\Program Files\SUPERAntiSpyware folder moved successfully.
C:\Program Files\DaemonTools_WhenUSave_Installer folder moved successfully.
File\Folder C:\Windows\System32\drivers\jhkw.sys not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes' Anti-Malware (reboot) deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\klmdb.sys\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service qobfd stopped successfully!
Service qobfd deleted successfully!
Service SASDIFSV stopped successfully!
Service SASDIFSV deleted successfully!
Service SASKUTIL stopped successfully!
Service SASKUTIL deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: rodinka
->Temp folder emptied: 8750 bytes
->Temporary Internet Files folder emptied: 8234596 bytes
->Google Chrome cache emptied: 819568 bytes
->Opera cache emptied: 2194508 bytes
->Flash cache emptied: 6447 bytes

User: Tomáš
->Temp folder emptied: 39287613 bytes
->Temporary Internet Files folder emptied: 21184653 bytes
->Google Chrome cache emptied: 203859063 bytes
->Opera cache emptied: 14067401 bytes
->Flash cache emptied: 2086 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1766378 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 278,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: rodinka
->Flash cache emptied: 0 bytes

User: Tomáš
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02222011_175546





ted se mi objevili nejake soubory (viz foto)
http://leteckaposta.cz/638474183

[motji]

Ty soubory nepřečtu, ale to možná zmizí pod odinstalaci OTL.
Jak se chová počítač? Poprosím o nový log ze rsitu.

Ještě znovu spustte OTL, klikněte na tlačítko vyčisti, uklidí po sobě

[zipicek]

Tak ted jsem zformátoval disk ale furt to znaci tu stejnou chybu

[motji]

Promiňte, jakou?

[zipicek]

Ze se restartuje počítač při spouštění windowsu.

[motji]

stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V


Systém jste uplně zformátoval,že?

[zipicek]

a todle je k čemu? (v licenccí smlouve jsou jakesi klikyháky, mám to nainstalovat? protože kdyz uz naskocí systém tak nejede antivirus)

ano ale neco tam zůstalo ve windowsu old (prog. files, user ...)

[motji]

Tak to jste dělal přeinstalaci bez formátu,ne?
Tohle je utilitka na kontrolu disku, zjistím, v jakém je stavu. Ano, nainstalujte

[zipicek]

JJ hned to udelam a tady jsou nejake chyby co zpusobuje padáni win

C:\Windows\Minidump\022411-33930-01.dmp
C:\Users\Tomáš\AppData\Local\Temp\WER-39983-0.sysdata.xml

[motji]

Poproísm o tuto složku, dejte ji doraru a přiložte jako přílohu
C:\Windows\Minidump

[zipicek]

----------------------------------------------------------------------------
CrystalDiskInfo 3.10.0 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition [6.1 Build 7600] (x86)
Date : 2011/02/24 17:20:22

-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ ATA Channel 0 (0) [ATA]
- WDC WD5000AAKS-00UU3A0 ATA Device
+ ATA Channel 1 (1) [ATA]
- TSSTcorp CDDVDW SH-S223C ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKS-00UU3A0 : 500.1 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000AAKS-00UU3A0
----------------------------------------------------------------------------
Model : WDC WD5000AAKS-00UU3A0
Firmware : 01.03B01
Serial Number : WD-WCAYU0047142
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 1424 hod.
Power On Count : 423 krát
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 141 141 _21 000000000F4C Čas na roztočení ploten
04 100 100 __0 000000000258 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _99 _99 __0 000000000590 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 0000000001A7 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000019 Počet vypnutí disku
C1 200 200 __0 00000000023E Počet cyklů načítání/vymazání
C2 108 103 __0 000000000023 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 43 41 59
020: 55 30 30 34 37 31 34 32 00 00 80 00 00 32 30 31
030: 2E 30 33 42 30 31 57 44 43 20 57 44 35 30 30 30
040: 41 41 4B 53 2D 30 30 55 55 33 41 30 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 17 06 00 00 00 44 00 40
0A0: 01 FE 00 00 74 6B 7F 61 41 23 74 69 BC 41 41 23
0B0: 40 7F 00 26 00 26 00 00 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 60 30 3A 38 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E1 57 D3 56 31
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 18
0F0: 40 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 FE 01 25 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 30 37 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 10 1E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A8 A5

[motji]

Vidím tam chybu Avastu, zkuste ho odinstalovat, a pak pravděpodobně chybu hardware.
Dám konzultaci s kolegou, HW už není můj obor

Zkuste odinstalovat Avast, jestli se dostanete pak do běžného režimu.

[zipicek]

JJ odinstaluji to a hodím to tam zas a děkuji ze mi tak pomáháte