Nav pārliecināts, vai tas ir vīruss vai BOSD

**hopthwoks** · #1 Maijs 15, 2009, 21:29

Was on line writting e-pasts bija tas notiktu. Man kādi izskatījās maza piezīme karti iet no stūra uz stūri ar nedaudz zilu laukumu augšējā kreisajā stūrī un zilās līnijas, kas virzās caur tiem. Visas ikonas pazuda, klaviatūra un pele nedarbosies. Vienīgais veids, kā es varēju novērst tā, lai izslēgtu jaudu.
Kad es saņēmu mājās no darba un pagriezt datoru atpakaļ visu man ir melns ekrāns.
Tāpēc es mēģināju visu turpmāko.
Vispirms noņem kabeli, lai uzraudzītu un saņemt pārbaudes, ņemot vērā uz monitora. pārbaudīt to ar veco pc, un tas strādā labi. Tad nācās izņemt cpu ventilatoru (vienu uz šī datora ir kā pūtēju vairāk kā ventilators.) I pierasts redzēt, ja es varētu dzirdēt procesora ventilators strādā. Tā strādā labi. Tad es gatavojas izmēģināt memtest, bet nevarēja iegūt neko moniter tāpēc es nezinu, vai tas darbojas vai nē.
Noņemt visas tiesības pc un akumulatora tas varētu radīt beep. got nav pīkstiens, kad spēks bija saliekts atpakaļ uz augšu. Un es arī pamanīju, ka, ja visi kabeļi ir saliekts augšup un jauda ir ieslēgta, tastatūra un pele nestrādā ..
Kad man vīrusu programmatūru lejupielādēt veco pc es pārbaudām, vai cietā diska joprojām darbojas.
Attiecībā uz pirātisma fails man bija ilga vienu, tieši pirms tas noticis, bet tas bija ar WinPatrol un tika saglabāts failā. Ja es varētu saņemt cieto disku, lai strādātu šo veco datoru, es pēc tā.

**evilfantasy** · #2 Maijs 16, 2009, 14:38

Bez žurnālos mēs nevaram noteikt, ja tas ir malware vai ne.

**hopthwoks** · #3 Maijs 17, 2009, 14:29

Vai darbs kļūst log failu. Cietais disks deva darbu veco datoru.

**hopthwoks** · #4 Maijs 17, 2009, 15:05

Te ir žurnāls, kas bija ilga tikai pirms avārijas.

Log izveidoja WinPatrol PLUS versija 16.0.2009.2:16.0.2009.2
Scan saglabāts 11:57:58, uz 5/13/2009
Platform: Windows XP SP3 Service Pack 3 (Build 2600)
MSIE: Internet Explorer (8.00.6001.18372)
Boot mode: Normal
Running procesiem:
C: \ WINDOWS \ system32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Comodo \ Comodo INTERNET SECURITY \ cmdagent.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLacsd.exe
C: \ Program Files \ Common Files \ AOL \ Topspeed \ 2,0 \ aoltsmon.exe
C: \ WINDOWS \ ARSERVICE.EXE
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ bgsvcgen.exe
C: \ WINDOWS \ ehome \ ehrecvr.exe
C: \ WINDOWS \ ehome \ ehSched.exe
C: \ Program Files \ SPOTMAU WINCARES 2007 \ FOLDERPROTECTSERVICE.EXE
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ Program Files \ Malwarebytes "Anti-Malware \ MBAMSERVICE.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Program Files \ Common Files \ NEW robeža \ PrismXL \ PRISMXL.SYS
C: \ WINDOWS \ system32 \ atwtusb.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Program Files \ DIGITAL MEDIA READER \ READERICON45G.EXE
C: \ WINDOWS \ RTHDCPL.exe
C: \ WINDOWS \ arpwrmsg.exe
C: \ Program Files \ LEXMARK 5.200 SERIES \ lxbtbmgr.exe
C: \ WINDOWS \ ehome \ ehmsas.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ LEXMARK 5.200 SERIES \ lxbtbmon.exe
C: \ Program Files \ Common Files \ AOL \ 1229613011 \ EE \ AOLSOFTWARE.EXE
C: \ Program Files \ Comodo \ SafeSurf \ cssurf.exe
C: \ Program Files \ Comodo \ Comodo INTERNET SECURITY \ cfp.exe
C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ WTMKM.exe
C: \ Program Files \ Common Files \ Ulead SYSTEMS \ AUTODETECTOR \ Monitor.exe
C: \ Program Files \ BILLP STUDIOS \ WINPATROL \ WINPATROL.EXE
C: \ Program Files \ MESSENGER \ msmsgs.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ WINDOWS \ system32 \ SEARCHINDEXER.EXE
C: \ Program Files \ FILEHIPPO.COM \ UPDATECHECKER.EXE
C: \ Program Files \ FINEPIXVIEWER \ QUICKDCF2.EXE
C: \ Program Files \ Windows Desktop Search \ WINDOWSSEARCH.EXE
C: \ WINDOWS \ system32 \ dllhost.exe
C: \ Program Files \ America Online 9,0 \ waol.exe
C: \ Program Files \ America Online 9,0 \ shellmon.exe
C: \ Program Files \ BILLP STUDIOS \ WINPATROL \ WINPATROLEX.EXE
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.comodo.com/search/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Link Helper - (18DF081C-E8AD-4.283-A596-FA578C2EBDC3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: VIPTToolbarManager Class - (1A2641AE-2C42-4C51-A05F-8ECEC3FDC94D) - C: \ Program Files \ Visual IP Trace 2008 \ VisualIPTraceIE.dll
O2 - BHO: AskBar BHO - (201f27d4-3.704-41d6-89c1-aa35e39143ed) - C: \ Program Files \ AskBarDis \ bar \ bin \ askBar.dll
O2 - BHO: EntDownloadHelper Class - (2956DD50-4F3E-4C20-81D1-FF36435FF288) - C: \ Program Files \ Enterra \ Download Manager \ edm.dll
O2 - BHO: AOL Toolbar Loader - (7C554162-8CB7-45A4-B8F4-8EA1C75885F9) - C: \ Program Files \ AOL Toolbar \ aoltb.dll
O2 - BHO: URLHooker2 Class - (93935F7F-9C88-42F8-8445-95251D27FABC) - C: \ Program Files \ Flash Video Downloader \ URLHooker.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8.333-CF10577473F7) - C: \ Program Files \ Google \ googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4.638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 2.1.1119.1736 \ s wg.dll
O2 - BHO: CBrowserHelperObject Objekts - (CA6319C0-31B7-401E-A518-A07C3DB8F777) - C: \ Windows \ system32 \ BAE.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ izvietot \ jqs \ ti \ jqs_plugin.dll
O3 - Toolbar: & Google - (2318C2B1-4.965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar2.dll
O3 - Toolbar: Enterra Download Manager - (B5147546-9.359-4D9B-8B36-F54C54555799) - C: \ Program Files \ Enterra \ Download Manager \ edm.dll
O3 - Toolbar: Visual IP Trace - (E70C26AE-DFF1-40A8-8D37-19180F56F0AA) - C: \ Program Files \ Visual IP Trace 2008 \ VisualIPTraceIE.dll
O3 - Toolbar: AOL Toolbar - (DE9C389F-3.316-41A7-809B-AA305ED9D922) - C: \ Program Files \ AOL Toolbar \ aoltb.dll
O3 - Toolbar: Jautājiet Toolbar - (3041d03e-fd4b-44e0-b742-2d9b88305f98) - C: \ Program Files \ AskBarDis \ bar \ bin \ askBar.dll
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [readericon] C: \ Program Files \ Digital Media Reader \ readericon45G.exe
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [NvCplDaemon] C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM \ .. \ Run: [Lexmark 5.200 sērija] C: \ Program Files \ Lexmark 5.200 sērija \ lxbtbmgr.exe
O4 - HKLM \ .. \ Run: [LXBTCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ LXBTtim e.dll, _RunDLLEntry @ 16
O4 - HKLM \ .. \ Run: [QuickTime Task] C: \ Program Files \ QuickTime \ qttask.exe-atboottime
O4 - HKLM \ .. \ Run: [NvMediaCenter] C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [HostManager] C: \ Program Files \ Common Files \ AOL \ 1229613011 \ EE \ AOLSoftware.exe
O4 - HKLM \ .. \ Run: [AOLDialer] C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe
O4 - HKLM \ .. \ Run: [Pure Networks Port Magic] C: \ PROGRA ~ 1 \ PURENE ~ 1 \ PORTMA ~ 1 \ PortAOL.exe-Run
O4 - HKLM \ .. \ Run: [REGSHAVE] C: \ Program Files \ REGSHAVE \ REGSHAVE.EXE / Autorun
O4 - HKLM \ .. \ Run: [KernelFaultCheck]% systemroot% \ system32 \ dumprep 0-k
O4 - HKLM \ .. \ Run: [Windows Defender] C: \ Program Files \ Windows Defender \ MSASCui.exe-hide
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] C: \ Program Files \ Adobe \ Reader 9,0 \ Reader \ Reader_sl.exe
O4 - HKLM \ .. \ Run: [Malwarebytes "Anti-Malware] C: \ Program Files \ Malwarebytes" Anti-Malware \ mbamgui.exe / starttray
O4 - HKLM \ .. \ Run: [Comodo SafeSurf] C: \ Program Files \ Comodo \ SafeSurf \ cssurf.exe-s
O4 - HKLM \ .. \ Run: [Comodo Internet Security] C: \ Program Files \ Comodo \ Comodo Internet Security \ cfp.exe-h
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
O4 - HKLM \ .. \ Run: [MacrokeyManager] WTMKM.exe
O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ Monitor.exe
O4 - HKLM \ .. \ Run: [WinPatrol PLUS] C: \ Program Files \ BillP Studios \ WinPatrol \ winpatrol.exe-expressboot
O4 - HKLM \ .. \ RunOnce: [NSSInstallation] C: \ WINDOWS \ system32 \ Adobe \ Shockwave 11 \ nssstub.exe / RunOnce
O4 - HKCU \ .. \ Run: [MSMSGS] C: \ Program Files \ Messenger \ msmsgs.exe / background
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [filehippo.com] C: \ Program Files \ filehippo.com \ UpdateChecker.exe / background
O4 - Global Startup: ExifLauncher2.lnk = C: \ Program Files \ FinePixViewer \ QuickDCF2.exe
O4 - Global Startup: Windows Search.lnk = C: \ Program Files \ Windows Desktop Search \ WindowsSearch.exe
Ø8 - ārpus konteksta menu item: & AOL Toolbar Search - C: \ Documents and Settings \ All Users \ Application Data \ AOL \ ieToolbar \ resursu \ en-US \ Local \ search.html
Ø8 - ārpus konteksta menu item: & Download by Enterra Download Manager - res: / / C: \ Program Files \ Enterra \ Download Manager \ edm.dll/3000
Ø9 - Extra button: Enterra Download Manager - (1AB6CC97-17C1-4207-BC51-5C9D435A338E) - res: / / C: \ Program Files \ Enterra \ Download Manager \ edm.dll/3002
Ø9 - Extra button: (no name) - (85d1f590-48f4-11d9-9.669-0800200c9a66) -% windir% \ bdoscandel.exe
Ø9 - Extra 'Tools' MENUITEM: Uninstall BitDefender Online Scanner v8 - (85d1f590-48f4-11d9-9.669-0800200c9a66) -% windir% \ bdoscandel.exe
Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra button: FWI Krāpšana Shield - (44E50755-EAC0-49ea-B52D-37372157D100) - C: \ Program Files \ FWI \ FraudShield \ FWIFraudShield.exe (HKCU)
Ø9 - Extra button: Flash Video Downloader - (df7831dd-a048-4.336-8cc8-266a03f00d63) - C: \ Program Files \ Flash Video Downloader \ FlashRunner.exe (HKCU)
Ø11 - grupā Opcijas: [Java (Sun)] Java (Sun) - C: \ Program Files \ Java \ jre6 \ bin
Ø11 - grupā Opcijas: [] --
Ø14 - IERESET.INF: START_PAGE_URL = http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
Ø14 - IERESET.INF: SEARCH_PAGE_URL = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
Ø14 - IERESET.INF: HKCU, Start Page =% START_PAGE_URL%
Ø14 - IERESET.INF: HKLM, Default_Page_URL =% START_PAGE_URL%
Ø14 - IERESET.INF: HKLM, Default_Search_URL =% SEARCH_PAGE_URL%
Ø14 - IERESET.INF: HKLM, Search Page =% SEARCH_PAGE_URL%
Ø14 - IERESET.INF: HKCU, Search Page =% SEARCH_PAGE_URL%
Ø15 - Trusted Zona: aol.com
Ø16 - DPF: (5ED80217-570B-4DA9-BF44-BE107C0EC166) (Windows Live Safety Center Base Module) -- http://cdn.scan.onecare.live.com/res...scbase5036.cab
Ø16 - DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) (Java Plug-in 1.6.0_13) -- http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Ø16 - DPF: (A90A5822-F108-45AD-8.482-9BC8B12DD539) (Izšķiroša cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab
Ø16 - DPF: (B1E2B96C-12FE-45E2-BEF1-44A219113CDD) (SABScanProcesses klase) -- http://www.superadblocker.com/activex/sabspx.cab
Ø16 - DPF: (BB21F850-63F4-4EC9-BF9D-565BD30C9AE9) (kvadrāta Scanner) -- http://ax.emsisoft.com/asquared.cab
Ø16 - DPF: (CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA) (Java Plug-in 1.5.0_02) -- http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
Ø16 - DPF: (CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA) (Java Plug-in 1.6.0_05) -- http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Ø16 - DPF: (CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA) (Java Plug-in 1.6.0_07) -- http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Ø16 - DPF: (CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA) (Java Plug-in 1.6.0_13) -- http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Ø16 - DPF: (CAFEEFAC-ffff-ffff-ffff-ABCDEFFEDCBA) (Java Plug-in 1.6.0_13) -- http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Ø16 - DPF: (E8F628B5-259A-4.734-97EE-BA914D7BE941) (Driver Agent ActiveX Control) -- http://plugin.driveragent.com/files/driveragent.cab
O21 - WPDShServiceObj - WPDShServiceObj Class - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O23 - Service: AOL Savienojumi Service - AOL LLC - C: \ Program Files \ Common Files \ AOL \ ACS \ AOLacsd.exe
O23 - Service: AOL Topspeed Monitor - America Online, Inc - C: \ Program Files \ Common Files \ AOL \ Topspeed \ 2,0 \ aoltsmon.exe
O23 - Service: B's Recorder GOLD bibliotēka General Service - BHA Corporation - C: \ WINDOWS \ system32 \ bgsvcgen.exe
O23 - Service: Comodo Internet Security Helper Service - - C: \ Program Files \ Comodo \ Comodo Internet Security \ cmdagent.exe
O23 - Service: FolderProtectService - - C: \ Program Files \ Spotmau WinCares 2007 \ FolderProtectService.exe
O23 - Service: Google Updater Service - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: Java Quick Starter - - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe pakalpojumu config C: \ Program Files \ Java \ jre6 \ lib \ izvietot \ jqs \ jqs.conf
O23 - Service: lxbt_device - - C: \ WINDOWS \ system32 \ lxbtcoms.exe-service
O23 - Service: MBAMService - Malwarebytes Corporation - C: \ Program Files \ Malwarebytes "Anti-Malware \ mbamservice.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: WTService - - C: \ WINDOWS \ system32 \ atwtusb.exe-s
--- Papildu WinPatrol Info ---
Default Browser: Windows ® Internet Explorer - Internet Explorer versija 8.00.6001.18372
MSIE: Internet Explorer (8.00.6001.18372)
25 IE Cookies mapē: C: \ Documents and Settings \ Owner.YOUR-DC0C6E8137 \ Cookies \
WP00 - HKLM \ CS1: BootExecute = Automātiskā pārbaude autochk *
WP00 - HKLM \ CCS: BootExecute = Automātiskā pārbaude autochk *
WP00 - HKLM \ CS2: BootExecute = Automātiskā pārbaude autochk *
WP00 - HKLM \ CS3: BootExecute = Automātiskā pārbaude autochk *
WP02 - HKLM \ CCS: Command = C: \ WINDOWS \ system32 \ cmd.exe
WP03 - Windows Automatic Update = 4: automātiski lejupielādēt ieteicamos atjauninājumus manā datorā un instalēt tos.

WP08 - HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ URL \ DefaultPrefix: Default = http://
WP08 - HKCU \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ URL \ prefiksi: www = http://
WP31 - Scheduled Tasks: [Uniblue SpeedUpMyPC.job] C: \ Program Files \ Uniblue \ SpeedUpMyPC 3 \ SpeedUpMyPC.exe Nekad
WP31 - Scheduled Tasks: [Uniblue SpeedUpMyPC Nag.job] C: \ Program Files \ Uniblue \ SpeedUpMyPC 3 \ SpeedUpMyPC.exe Nekad
WP31 - Scheduled Tasks: [NSSstub.job] C: \ WINDOWS \ system32 \ Adobe \ Shockwave 11 \ nssstub.exe 05/13/2009 11:30
WP31 - Scheduled Tasks: [Driver Robot.job] C: \ Program Files \ Driver Robot \ DriverRobot.exe Nekad
WP31 - Scheduled Tasks: [Basic attīrīšanas up.job] C: \ Program Files \ Panda Security \ Panda Global Protection 2.009 \ PlaTasks.exe Nekad
WP31 - Scheduled Tasks: [User_Feed_Synchronization-(FD03A801-5.427-4.516-93CD-BC74874B5889). Darbavietu] C: \ WINDOWS \ system32 \ msfeedssync.exe 05/13/2009 11:42
WP16 - ActiveX (00EF2092-6AC5-47C0-BD25-CF2D5D657FEB) [Google Script Object] C: \ Program Files \ Google \ GOOGLETOOLBAR2.DLL 4, 0, 1601, 4.978
WP16 - ActiveX (17.492.023-C23A-453E-A040-C7C580BBF700) [Windows Genuine Advantage Validation Tool] C: \ WINDOWS \ system32 \ LEGITCHECKCONTROL.DLL 1.7.0069.2
WP16 - ActiveX (19916E01-B44E-4E31-94A4-4696DF46157B) [InformationCardSigninHelper klase] C: \ WINDOWS \ system32 \ icardie.dll 8.00.6001.18372
WP16 - ActiveX (25.336.920-03F9-11CF-8FD0-00AA00686F13) [HTML Document] C: \ WINDOWS \ system32 \ mshtml.dll 8.00.6001.18372
WP16 - ActiveX (2933BF90-7B36-11D2-B20E-00C04F983E60) [XML DOM Document] C: \ WINDOWS \ system32 \ msxml3.dll 8.100.1048.0
WP16 - ActiveX (2D360201-FFF5-11D1-8D03-00A0C959BC0A) [DHTML Labot Control Drošs Scripting uz IE5] C: \ Program Files \ Common Files \ Microsoft KOPĪGAS \ Triedit \ dhtmled.ocx 6.01.9234
WP16 - ActiveX (48123BC4-99D9-11D1-A6B3-00C04FD91555) [XML dokuments] C: \ WINDOWS \ system32 \ msxml3.dll 8.100.1048.0
WP16 - ActiveX (4E430174-1673-4FF3-BF28-A3B37F6573E7) [Windows Desktop Search Combo Control] C: \ Program Files \ Windows Desktop Search \ wdsShell.dll 7.0.6001.16503
WP16 - ActiveX (4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2) [Microsoft Terminal Services Client Control (redist)] C: \ WINDOWS \ system32 \ mstscax.dll 6.0.6001.18000
WP16 - ActiveX (4EDCB26C-D24C-4e72-AF07-B576699AC0DE) [Microsoft Terminal Services Client Control (redist)] C: \ WINDOWS \ system32 \ mstscax.dll 6.0.6001.18000
WP16 - ActiveX (63610B21-6B0D-46C5-909D-3BD000B9A5A9) [ToolbarParams klase] C: \ Program Files \ AOL RĪKJOSLU \ aoltb.dll 5.13.4.1
WP16 - ActiveX: (6414512B-B978-451D-A0D8-FCFDF33E833C) [WUWebControl klase] C: \ WINDOWS \ system32 \ wuweb.dll 7.2.6001.788
WP16 - ActiveX (6BF52A52-394A-11D3-B153-00C04F79FAA6) [Windows Media Player] C: \ WINDOWS \ system32 \ wmp.dll 11.0.5721.5260
WP16 - ActiveX (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) [MUWebControl klase] C: \ WINDOWS \ system32 \ muweb.dll 7.2.6001.788
WP16 - ActiveX (72267F6A-A6F9-11D0-BC94-00C04FB67863) [Active Desktop Mover] C: \ WINDOWS \ system32 \ shell32.dll 6.00.2900.5622
WP16 - ActiveX (7390f3d8-0.439-4c05-91e3-cf5cb290c3d0) [Microsoft Terminal Services Client Control (redist)] C: \ WINDOWS \ system32 \ mstscax.dll 6.0.6001.18000
WP16 - ActiveX (75565ED2-1560-4F15-B841-20358DE6A0D1) [ImageControl klase] C: \ WINDOWS \ system32 \ mfimgvwr.ocx 2.0.0.1
WP16 - ActiveX (7584c670-2.274-4efb-b00b-d6aaba6d3850) [Microsoft Terminal Services Client Control (redist)] C: \ WINDOWS \ system32 \ mstscax.dll 6.0.6001.18000
WP16 - ActiveX (8856F961-340A-11D0-A96B-00C04FD705A2) [Microsoft Web Browser] C: \ WINDOWS \ system32 \ ieframe.dll 8.00.6001.18372
WP16 - ActiveX (88D969C0-F192-11D4-A65F-0040963251E5) [XML DOM dokuments 4,0] C: \ WINDOWS \ system32 \ msxml4.dll 4.20.9870.0
WP16 - ActiveX (88D969C5-F192-11D4-A65F-0040963251E5) [XML HTTP 4,0] C: \ WINDOWS \ system32 \ msxml4.dll 4.20.9870.0
WP16 - ActiveX (88D969EA-F192-11D4-A65F-0040963251E5) [XML HTTP 5,0] C: \ Program Files \ Common Files \ Microsoft KOPĪGAS \ Office11 \ msxml5.dll 5.20.1087.0
WP16 - ActiveX (8AD9C840-044E-11D1-B3E9-00805F499D93) [Java Plug-in 1.6.0_13] C: \ Program Files \ Java \ jre6 \ bin \ jp2iexp.dll
WP16 - ActiveX (9059f30f-4eb1-4bd2-9fdc-36f43a218f4a) [Microsoft Terminal Services Client Control (redist)] C: \ WINDOWS \ system32 \ mstscax.dll 6.0.6001.18000
WP16 - ActiveX (B1E2B96C-12FE-45E2-BEF1-44A219113CDD) [SABScanProcesses klase] C: \ WINDOWS \ Downloaded Program Files \ sabspx.dll 1.0.0.1
WP16 - ActiveX (BB21F850-63F4-4EC9-BF9D-565BD30C9AE9) [kvadrāta Scanner] C: \ WINDOWS \ Downloaded Program Files \ asquared.ocx 4.0.0.0
WP16 - ActiveX (CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA) [Java Plug-in 1.6.0_05] C: \ Program Files \ Java \ jre6 \ bin \ jp2iexp.dll
WP16 - ActiveX (CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA) [Java Plug-in 1.6.0_07] C: \ Program Files \ Java \ jre6 \ bin \ jp2iexp.dll
WP16 - ActiveX (CFBFAE00-17A6-11D0-99CB-00C04FD64497) [Microsoft Url Search Hook] C: \ WINDOWS \ system32 \ ieframe.dll 8.00.6001.18372
WP16 - ActiveX (D27CDB6E-AE6D-11CF-96B8-444.553.540.000) [Shockwave Flash Object] C: \ WINDOWS \ system32 \ Macromed \ Flash \ Flash10b.ocx 10,0,22,87
WP16 - ActiveX (DFEAF541-F3E1-4C24-ACAC-99C30715084A) [Microsoft Silverlight] C: \ Program Files \ Microsoft Silverlight \ 2.0.40115.0 \ npctrl.dll 2.0.40115.0
WP16 - ActiveX (E8F628B5-259A-4.734-97EE-BA914D7BE941) [Driver Agent ActiveX Control] C: \ WINDOWS \ Downloaded Program Files \ DRIVERAGENT.OCX 1.0.0.0
WP16 - ActiveX (EA756889-2.338-43DB-8F07-D1CA6FB9C90D) [IAOLTBSearch klase] C: \ Program Files \ AOL RĪKJOSLU \ aoltb.dll 5.13.4.1
WP16 - ActiveX (ED8C108E-4.349-11D2-91A4-00C04F7969E8) [XML HTTP Request] C: \ WINDOWS \ system32 \ msxml3.dll 8.100.1048.0
WP16 - ActiveX (F5078F32-C551-11D3-89B9-0000F81FE221) [XML DOM dokuments 3,0] C: \ WINDOWS \ system32 \ msxml3.dll 8.100.1048.0
WP16 - ActiveX (F6D90F11-9C73-11D3-B32E-00C04F990BB4) [XML DOM Document] C: \ WINDOWS \ system32 \ msxml3.dll 8.100.1048.0
WP16 - ActiveX (F6D90F16-9C73-11D3-B32E-00C04F990BB4) [XML HTTP] C: \ WINDOWS \ system32 \ msxml3.dll 8.100.1048.0
WP16 - ActiveX (DFEAF541-F3E1-4c24-ACAC-99C30715084A) [Microsoft Silverlight] C: \ Program Files \ Microsoft Silverlight \ 2.0.40115.0 \ npctrl.dll 2.0.40115.0
WP16 - ActiveX: DFEAF541-F3E1-4c24-ACAC-99C30715084A [Microsoft Silverlight] C: \ Program Files \ Microsoft Silverlight \ 2.0.40115.0 \ npctrl.dll 2.0.40115.0
WP16 - ActiveX (05589fa1-c356-11CE-bf01-00aa0055595a) [ActiveMovieControl Object] C: \ WINDOWS \ system32 \ wmpdxm.dll 11.0.5721.5145
WP16 - ActiveX (0713E8A2-850A-101B-AFC0-4210102A8DA7) [Microsoft TreeView Control, versija 5.0 (SP2)] C: \ WINDOWS \ system32 \ COMCTL32.OCX 5.01.4319
WP16 - ActiveX (0713E8D2-850A-101B-AFC0-4210102A8DA7) [Microsoft ProgressBar Control, versija 5.0 (SP2)] C: \ WINDOWS \ system32 \ COMCTL32.OCX 5.01.4319
WP16 - ActiveX (233C1507-6A77-46A4-9.443-F871F945D258) [Shockwave ActiveX Control] C: \ WINDOWS \ system32 \ Adobe \ direktors \ SwDir.dll 11,5
WP16 - ActiveX (17.492.023-C23A-453E-A040-C7C580BBF700) [Windows Genuine Advantage Validation Tool] C: \ WINDOWS \ system32 \ LEGITCHECKCONTROL.DLL 1.7.0069.2
WP16 - ActiveX (1D2B4F40-1F10-11D1-9E88-00C04FDCAB92) [ThumbCtl klase] C: \ WINDOWS \ system32 \ webvw.dll 6.00.2900.5512
WP16 - ActiveX (DFEAF541-F3E1-4c24-ACAC-99C30715084A) [Microsoft Silverlight] C: \ Program Files \ Microsoft Silverlight \ 2.0.40115.0 \ npctrl.dll 2.0.40115.0
WP16 - ActiveX (52A2AAAE-085D-4.187-97EA-8C30DB990436) [HHCtrl Object] C: \ WINDOWS \ system32 \ hhctrl.ocx 5.2.3790.4110
WP16 - ActiveX (58DA8D8A-9D6A-101B-AFC0-4210102A8DA7) [Microsoft ListView Control, versija 5.0 (SP2)] C: \ WINDOWS \ system32 \ COMCTL32.OCX 5.01.4319
WP16 - ActiveX (58DA8D8F-9D6A-101B-AFC0-4210102A8DA7) [Microsoft Imagelist Control, versija 5.0 (SP2)] C: \ WINDOWS \ system32 \ COMCTL32.OCX 5.01.4319
WP16 - ActiveX (6B7E638F-850A-101B-AFC0-4210102A8DA7) [Microsoft Statusbar Control, versija 5.0 (SP2)] C: \ WINDOWS \ system32 \ COMCTL32.OCX 5.01.4319
WP16 - ActiveX (8856F961-340A-11D0-A96B-00C04FD705A2) [Microsoft Web Browser] C: \ WINDOWS \ system32 \ ieframe.dll 8.00.6001.18372
WP16 - ActiveX (8BD21D50-EC42-11CE-9E0D-00AA006002F3) [Microsoft Forms 2,0 OptionButton] C: \ WINDOWS \ system32 \ FM20.DLL 11.0.6550
WP16 - ActiveX (AE24FDAE-03C6-11D1-8B76-0080C744F389) [Microsoft Scriptlet Detaļas] C: \ WINDOWS \ system32 \ mshtml.dll 8.00.6001.18372
WP16 - ActiveX (CA8A9780-280.D-11CF-A24D-444.553.540.000) [Adobe PDF Reader] C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroPDF.dll
WP16 - ActiveX (CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA) [RealPlayer G2 Control] C: \ WINDOWS \ system32 \ rmoc3260.dll 6.0.8.1266
WP16 - ActiveX (D27CDB6E-AE6D-11CF-96B8-444.553.540.000) [Shockwave Flash Object] C: \ WINDOWS \ system32 \ Macromed \ Flash \ Flash10b.ocx 10,0,22,87
WP16 - ActiveX (E5DF9D10-3B52-11D1-83E8-00A0C90DC849) [WebViewFolderIcon klase] C: \ WINDOWS \ system32 \ webvw.dll 6.00.2900.5512
WP32 - Hidden File: C: \ boot.ini
WP32 - Hidden File: C: \ io.sys
WP32 - Hidden File: C: \ MSDOS.SYS
WP32 - Hidden File: C: \ NTDETECT.COM
WP32 - Hidden File: C: \ ntldr
WP32 - Hidden File: C: \ pagefile.sys
WP32 - Hidden File: C: \ USER
WP32 - Hidden File: C: \ WINDOWS \ WindowsShell.Manifest
WP32 - Hidden File: C: \ WINDOWS \ winnt.bmp
WP32 - Hidden File: C: \ WINDOWS \ winnt256.bmp
WP32 - Hidden File: C: \ WINDOWS \ system32 \ cdplayer.exe.manifest
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ default.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ default.tmp.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ SAM.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ SAM.tmp.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ SECURITY.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ SECURITY.tmp.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ software.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ software.tmp.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ system.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ system.tmp.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ TempKey.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ config \ userdiff.LOG
WP32 - Hidden File: C: \ WINDOWS \ system32 \ drivers \ hosts
WP32 - Hidden File: C: \ WINDOWS \ system32 \ logonui.exe.manifest
WP32 - Hidden File: C: \ WINDOWS \ system32 \ ncpa.cpl.manifest
WP32 - Hidden File: C: \ WINDOWS \ system32 \ nwc.cpl.manifest
WP32 - Hidden File: C: \ WINDOWS \ system32 \ Restore \ filelist.xml
WP32 - Hidden File: C: \ WINDOWS \ system32 \ sapi.cpl.manifest
WP32 - Hidden File: C: \ WINDOWS \ system32 \ WindowsLogon.manifest
WP32 - Hidden File: C: \ WINDOWS \ system32 \ wuaucpl.cpl.manifest
WP32 - Hidden File: C: \ Program Files \ Common Files \ Services \ Thumbs.db
WP32 - Hidden File: C: \ boot.ini
WP32 - Hidden File: C: \ io.sys
WP32 - Hidden File: C: \ MSDOS.SYS
WP32 - Hidden File: C: \ NTDETECT.COM
WP32 - Hidden File: C: \ ntldr
WP32 - Hidden File: C: \ pagefile.sys
WP32 - Hidden File: C: \ USER
WP33 - Faila veids. CAT: [Drošības Katalogs] rundll32.exe cryptext.dll, CryptExtOpenCAT% 1
WP33 - Faila veids. CHM: [Sastādītāja HTML Help fails] C: \ WINDOWS \ hh.exe% 1
WP33 - Faila veids. COM: [MS-DOS Application]% 1% *
WP33 - Faila veids. CMD: [Windows NT Command Script]% 1% *
WP33 - Faila veids. EML: [interneta e-pasta ziņojumu] C: \ Program Files \ Outlook Express \ msimn.exe / eml:% 1
WP33 - Faila veids. EXE: [pieteikums]% 1% *
WP33 - Faila veids. INF: [Setup Information] C: \ WINDOWS \ System32 \ NOTEPAD.EXE% 1
WP33 - Faila veids. JS: [JScript Script File] C: \ WINDOWS \ System32 \ WScript.exe% 1% *
WP33 - Faila veids. LOG: [Text Document] C: \ WINDOWS \ system32 \ NOTEPAD.EXE% 1
WP33 - Faila veids. MSI: [Windows Installer Package] C: \ WINDOWS \ System32 \ Msiexec.exe / i% 1% *
WP33 - Faila veids. MID: [MIDI secības] C: \ Program Files \ Windows Media Player \ wmplayer.exe / Open% L
WP33 - Faila veids. MP3: [MP3 Format Sound] C: \ Program Files \ Windows Media Player \ wmplayer.exe / prefetch: 6 / Open% L
WP33 - Faila veids. PIF: [saīsni MS-DOS programmas]% 1% *
WP33 - Faila veids. RAM: [RealPlayer File] C: \ Program Files \ Real \ RealPlayer \ RealPlay.exe / m audio / x-pn-RealAudio% 1
WP33 - Faila veids. REG: [Reģistrācija Entries] regedit.exe% 1
WP33 - Faila veids. RTF: [Rich Text Document] C: \ Program Files \ Windows NT \ Aksesuāri \ WORDPAD.EXE% 1
WP33 - Faila veids. SCR: [Screen Saver]% 1 / S
WP33 - Faila veids. TXT: [Text Document] C: \ WINDOWS \ system32 \ NOTEPAD.EXE% 1
WP33 - Faila veids. URL: [Internet Shortcut] rundll32.exe ieframe.dll, OpenURL% l
WP33 - Faila veids. VBS: [VBScript Script File] C: \ WINDOWS \ System32 \ WScript.exe% 1% *
WP33 - Faila veids. VBE: [VBScript Kodētie Script File] C: \ WINDOWS \ System32 \ WScript.exe% 1% *
WP33 - Faila veids. WSF: [Windows skripta fails] C: \ WINDOWS \ System32 \ WScript.exe% 1% *
WP33 - Faila veids. Wsh: [Windows Script Host Settings File] C: \ WINDOWS \ System32 \ WScript.exe% 1% *
Memory pašlaik izmanto: 18%
Fiziskā Memory Free: 2.097.151 KB
Peidžeru File Free: 4.194.303 KB
Virtuālās Memory Free: 2.048.264 KB

--
End Lietas

**evilfantasy** · #5 Maijs 17, 2009, 15:21

Es neredzu neko, kas varētu radīt problēmas, Jums ir. Vai esi pārliecināts, ka disks nav iet slikti?

**hopthwoks** · #6 Maijs 17, 2009, 16:26

Šajā brīdī kaut kas ir iespējams.
Kad jūs sakāt drive do you mean HD, kas darbojas naudas sodu par veco datoru?

**evilfantasy** · #7 Maijs 17, 2009, 16:39

Jā HD. Vai jūs pilnībā virus scan par to? Tas būtu ticamāki tad HJT skenēšanu.

**hopthwoks** · #8 Maijs 27, 2009, 08:53

Sorry pagāja tik ilgs, lai saņemtu atpakaļ EF. Bija problēma ar veco datoru. Ko jūs vēlētos man palaist šajā brīdī es centīšos kaut kas, bet comboFix.

**evilfantasy** · #9 Maijs 27, 2009, 09:18

Lejupielādēt DrWeb CureIt Un saglabājiet to savā datorā. Scan ar DrWeb-CureIt šādi:

Double-click uz drweb-cureit.exe un pēc tam noklikšķiniet uz Sākums
Informatīvs paziņojums būs redzams, noklikšķiniet uz OK.
Šis sāk īss skenēšanas ka skenēs lietām, kas patlaban darbojas atmiņā.
Ja Jums nekavējoties nopirkt pilnu versiju tikko izietu no loga. Skeneris joprojām strādā bez iegādāties pilno versiju
Ja vai kad kaut kas ir atrasts, noklikšķiniet uz Jā pogu, kad tā jautā jums, ja vēlaties ārstēt to.

Kad īsā skenēšana ir pabeigta, noklikšķiniet uz Settings> Change Settings
Under Scanning tab Izņemiet Heiristisko analīze un noklikšķiniet uz OK
Atpakaļ galvenajā logā izvēlieties Complete scan pogu un pēc tam noklikšķiniet uz Green Arrow Start Scanning poga pa labi un skenēšanas sāksies.
Click Jā visiem ja tā jautā, vai vēlaties izārstēt / pārvietot failu (s).
Kad skenēšana ir darīts.
Ar Dr.Web CureIt izvēlni kreisajā augšējā stūrī noklikšķiniet uz Fails un izvēlieties Saglabāt ziņojumu sarakstu.
Saglabāt DrWeb.csv ziņot savam Desktop.
Iziet Dr.Web Cureit.
Svarīgi! Pārstartēt datoru, jo tas varētu būt iespējams, ka failu izmantošana būs jāpārvieto / Svītrots laikā reboot.

* Pēc reboot, Right-click Dr.Web piesakieties darbvirsmas un izvēlēties Open With> Bloknots
* Nokopējiet un ielīmējiet šo log in nākamajā atbildē

**hopthwoks** · #10 Maijs 27, 2009, 20:00

Will do. neesat pārliecināts, cik ilgs laiks paies, lai es varētu atgriezties pie jums ar ziņojumu. Vecs dators nav ļaujot man redzēt froum. kaut kas nav kārtībā ar IE7, bet strādās ap, ka pagaidām.