prosím o kontrolu logu - důvod: seznam e-mail Vyřešeno

[whitecoyottecz]

mám už za sebou první samorestart...a avira už mi našla infekci....v prvním procentu testování

[Reklama]

[whitecoyottecz]

no...počítač se drží.....avira mi našla další viry....dám ti sem pro jistotu log



Avira AntiVir Personal
Report file date: 27. července 2011 20:17

Scanning for 3294984 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : Whitecoyotte
Computer name : RAPTOR

Version information:
BUILD.DAT : 10.0.0.650 31822 Bytes 17.6.2011 15:43:00
AVSCAN.EXE : 10.0.4.2 442024 Bytes 17.6.2011 10:36:21
AVSCAN.DLL : 10.0.3.0 46440 Bytes 17.6.2011 10:37:04
LUKE.DLL : 10.0.3.2 104296 Bytes 17.6.2011 10:36:49
LUKERES.DLL : 10.0.0.1 12648 Bytes 10.2.2010 22:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6.11.2009 08:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 05:53:55
VBASE002.VDF : 7.11.3.0 1950720 Bytes 9.2.2011 05:53:56
VBASE003.VDF : 7.11.5.225 1980416 Bytes 7.4.2011 10:36:57
VBASE004.VDF : 7.11.8.178 2354176 Bytes 31.5.2011 10:18:22
VBASE005.VDF : 7.11.10.251 1788416 Bytes 7.7.2011 18:13:36
VBASE006.VDF : 7.11.10.252 2048 Bytes 7.7.2011 18:13:36
VBASE007.VDF : 7.11.10.253 2048 Bytes 7.7.2011 18:13:36
VBASE008.VDF : 7.11.10.254 2048 Bytes 7.7.2011 18:13:36
VBASE009.VDF : 7.11.10.255 2048 Bytes 7.7.2011 18:13:36
VBASE010.VDF : 7.11.11.0 2048 Bytes 7.7.2011 18:13:36
VBASE011.VDF : 7.11.11.1 2048 Bytes 7.7.2011 18:13:36
VBASE012.VDF : 7.11.11.2 2048 Bytes 7.7.2011 18:13:36
VBASE013.VDF : 7.11.11.75 688128 Bytes 12.7.2011 18:13:39
VBASE014.VDF : 7.11.11.104 978944 Bytes 13.7.2011 18:13:46
VBASE015.VDF : 7.11.11.137 655360 Bytes 14.7.2011 18:13:51
VBASE016.VDF : 7.11.11.184 699392 Bytes 18.7.2011 18:13:57
VBASE017.VDF : 7.11.11.214 414208 Bytes 19.7.2011 18:13:59
VBASE018.VDF : 7.11.11.242 772096 Bytes 20.7.2011 18:14:07
VBASE019.VDF : 7.11.12.3 1291776 Bytes 20.7.2011 18:14:16
VBASE020.VDF : 7.11.12.30 844288 Bytes 21.7.2011 18:14:20
VBASE021.VDF : 7.11.12.67 149504 Bytes 24.7.2011 18:14:21
VBASE022.VDF : 7.11.12.93 195072 Bytes 25.7.2011 18:14:23
VBASE023.VDF : 7.11.12.113 150528 Bytes 26.7.2011 18:14:24
VBASE024.VDF : 7.11.12.114 2048 Bytes 26.7.2011 18:14:24
VBASE025.VDF : 7.11.12.115 2048 Bytes 26.7.2011 18:14:24
VBASE026.VDF : 7.11.12.116 2048 Bytes 26.7.2011 18:14:24
VBASE027.VDF : 7.11.12.117 2048 Bytes 26.7.2011 18:14:24
VBASE028.VDF : 7.11.12.118 2048 Bytes 26.7.2011 18:14:24
VBASE029.VDF : 7.11.12.119 2048 Bytes 26.7.2011 18:14:24
VBASE030.VDF : 7.11.12.120 2048 Bytes 26.7.2011 18:14:24
VBASE031.VDF : 7.11.12.139 70656 Bytes 27.7.2011 18:14:25
Engineversion : 8.2.6.18
AEVDF.DLL : 8.1.2.1 106868 Bytes 21.4.2011 05:53:28
AESCRIPT.DLL : 8.1.3.73 1622395 Bytes 27.7.2011 18:14:49
AESCN.DLL : 8.1.7.2 127349 Bytes 21.4.2011 05:53:27
AESBX.DLL : 8.2.1.34 323957 Bytes 15.6.2011 22:54:00
AERDL.DLL : 8.1.9.13 639349 Bytes 27.7.2011 18:14:46
AEPACK.DLL : 8.2.9.5 676214 Bytes 27.7.2011 18:14:42
AEOFFICE.DLL : 8.1.2.12 201083 Bytes 27.7.2011 18:14:40
AEHEUR.DLL : 8.1.2.146 3633527 Bytes 27.7.2011 18:14:39
AEHELP.DLL : 8.1.17.6 254326 Bytes 27.7.2011 18:14:28
AEGEN.DLL : 8.1.5.6 401780 Bytes 15.6.2011 22:54:00
AEEMU.DLL : 8.1.3.0 393589 Bytes 21.4.2011 05:53:14
AECORE.DLL : 8.1.22.4 196983 Bytes 27.7.2011 18:14:27
AEBB.DLL : 8.1.1.0 53618 Bytes 21.4.2011 05:53:14
AVWINLL.DLL : 10.0.0.0 19304 Bytes 21.4.2011 05:53:36
AVPREF.DLL : 10.0.0.0 44904 Bytes 17.6.2011 10:36:20
AVREP.DLL : 10.0.0.8 62209 Bytes 17.6.2011 10:36:20
AVREG.DLL : 10.0.3.2 53096 Bytes 17.6.2011 10:36:20
AVSCPLR.DLL : 10.0.4.2 84840 Bytes 17.6.2011 10:36:21
AVARKT.DLL : 10.0.22.6 231784 Bytes 17.6.2011 10:36:13
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 17.6.2011 10:36:18
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17.6.2010 13:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 21.4.2011 05:53:36
NETNT.DLL : 10.0.0.0 11624 Bytes 21.4.2011 05:53:46
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 17.6.2011 10:37:06
RCTEXT.DLL : 10.0.58.0 97128 Bytes 17.6.2011 10:37:06

Configuration settings for the scan:
Jobname.............................: Local Hard Disks
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\alldiscs.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 27. července 2011 20:17

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avshadow.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'RUNDLL32.EXE' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '328' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\Amiga\Amiga Game in PC Exe\Goblins.3in1.COMPiLATiON.Win7-TheCompany.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\Instalačky\Paint.Shop.Pro.v7.02.cz.exe
--> Object
[1] Archive type: ACE SFX (self extracting)
--> jbrws.dll
[WARNING] The file could not be opened!
C:\Program Files\eRightSoft\SUPER\SUPER1.dlm
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\System Volume Information\_restore{2E4F27BD-8CC1-40BA-9A66-35B3905C9F68}\RP21\A0005369.exe
[0] Archive type: OVL
[DETECTION] Is the TR/Spy.Agent.bcxw Trojan
--> Object
[DETECTION] Is the TR/Spy.Agent.bcxw Trojan

--> Object
[DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
C:\System Volume Information\_restore{2E4F27BD-8CC1-40BA-9A66-35B3905C9F68}\RP37\A0014861.exe
[DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
C:\System Volume Information\_restore{2E4F27BD-8CC1-40BA-9A66-35B3905C9F68}\RP43\A0026491.exe
[DETECTION] Contains recognition pattern of the KIT/IDL.EC construction kit
C:\System Volume Information\_restore{2E4F27BD-8CC1-40BA-9A66-35B3905C9F68}\RP44\A0027957.exe
[DETECTION] Contains recognition pattern of the KIT/IDL.EC construction kit
C:\Telefon\java hry 240x320\java hry 240x320\D - 2672\JamdatSportsNBA2005_S40v3a.jar
[0] Archive type: ZIP
[DETECTION] Is the TR/Hexem Trojan
--> anims.mrg
[DETECTION] Is the TR/Hexem Trojan

Beginning disinfection:
C:\Telefon\java hry 240x320\java hry 240x320\D - 2672\JamdatSportsNBA2005_S40v3a.jar
[DETECTION] Is the TR/Hexem Trojan
[NOTE] The file was moved to the quarantine directory under the name '4d37d1cc.qua'.
C:\System Volume Information\_restore{2E4F27BD-8CC1-40BA-9A66-35B3905C9F68}\RP44\A0027957.exe
[DETECTION] Contains recognition pattern of the KIT/IDL.EC construction kit
[NOTE] The file was moved to the quarantine directory under the name '555dfe3a.qua'.
C:\System Volume Information\_restore{2E4F27BD-8CC1-40BA-9A66-35B3905C9F68}\RP43\A0026491.exe
[DETECTION] Contains recognition pattern of the KIT/IDL.EC construction kit
[NOTE] The file was moved to the quarantine directory under the name '0702a4d2.qua'.
C:\System Volume Information\_restore{2E4F27BD-8CC1-40BA-9A66-35B3905C9F68}\RP37\A0014861.exe
[DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '6135eb10.qua'.
C:\System Volume Information\_restore{2E4F27BD-8CC1-40BA-9A66-35B3905C9F68}\RP21\A0005369.exe
[DETECTION] Contains recognition pattern of the DR/Delphi.Gen dropper
[NOTE] The file was moved to the quarantine directory under the name '24b1c62e.qua'.
C:\Program Files\eRightSoft\SUPER\SUPER1.dlm
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '5b4af46a.qua'.
C:\Amiga\Amiga Game in PC Exe\Goblins.3in1.COMPiLATiON.Win7-TheCompany.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '17e0d846.qua'.


End of the scan: 27. července 2011 22:28
Used time: 2:09:38 Hour(s)

The scan has been done completely.

15363 Scanned directories
893117 Files were scanned
8 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
7 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
893109 Files not concerned
8428 Archives were scanned
1 Warnings
7 Notes

[memphisto]

Ten SUPER je v pořádku. Položky v C:\System Volume Information jsou pozůstatky infekcí v bodech obnovy a ta Amiga bude pravděpodobně nějaký crack, ten smaž

[whitecoyottecz]

dobře....díky

[jaro3]

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[whitecoyottecz]

vyřešeno ani ne...bylo to lepší...a víc se drží...ale restarty jsou tu znovu....asi budu muset zkusit ten formát

[jaro3]

Stáhni si a nainstaluj WhoCrashed

otevři ho a klikni na Analyze.
Program vytvoří zprávu , zkopíruj celou a vlož prosím sem.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[whitecoyottecz]

formátoval jsem disk....pc skoro vůbec nefungovalo...ale restartuje se pořád, ikdyž s menší intenzitou...dám ti sem později log z whocrashed, ale ten druhý myslím potřeba nebude...pokud ho opravdu chceš...dám ti i ztoho druhého programu

[whitecoyottecz]

ještě musím dodat, že mi padají internetové prohlížeče...i po formátu disku a nainstalování win.
a sem tam mi při spuštění win naběhne okno, že nějaké soubory registru musely být obnovené.

tada je log z whocrashed:


System Information (local)
--------------------------------------------------------------------------------

computer name: WHITECOYOTTE
windows version: Windows XP Service Pack 2, 5.1, build: 2600
windows dir: C:\WINDOWS
CPU: GenuineIntel Intel(R) Pentium(R) 4 CPU 3.06GHz Intel586, level: 15
2 logical processors, active mask: 3
RAM: 1609936896 total
VM: 2147352576, free: 2063904768



--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.


On Thu 28.7.2011 19:38:10 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini072911-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x10E396)
Bugcheck code: 0x1000007F (0x8, 0xFFFFFFFFBAB38D70, 0x0, 0x0)
Error: UNEXPECTED_KERNEL_MODE_TRAP_M
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Operační systém Microsoft® Windows®
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a trap was generated by the Intel CPU and the kernel failed to catch this trap.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This problem might be caused by a thermal issue.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.


On Thu 28.7.2011 19:15:53 GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\Mini072811-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x10E396)
Bugcheck code: 0x1000007F (0x8, 0xFFFFFFFF80042000, 0x0, 0x0)
Error: UNEXPECTED_KERNEL_MODE_TRAP_M
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Operační systém Microsoft® Windows®
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a trap was generated by the Intel CPU and the kernel failed to catch this trap.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This problem might be caused by a thermal issue.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.



--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

2 crash dumps have been found and analyzed.
Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

[jaro3]

problém bude nejpíše v jádru systému , ale mohou to být špatné ovladače , služby , HW.

Zadej si téma do jiné sekce , s viry to nesouvisí.
Tady dej zelenou fajfku.

[whitecoyottecz]

dobře...a děkuji za pomoc...měj se