#1
I was online writing an e-mail when this happened. I got what looked like small note cards running from corner to corner, with a small blue square in the upper left corner and a blue line running through them. All the icons disappeared, and the keyboard and mouse would not work. The only way I could get out was to turn off the power. When I got home from work and turned the computer back on, all I get is a black screen. So I have tried all of the following. First, I removed the cable to the monitor and got the test light on the monitor. It was checked with the old PC and is working fine. Then I had to remove the CPU vent (the one in this PC is more of a vent than a fan) to see if I could hear the processor fan working. It is working fine. Then I was going to try a memtest, but I could not get anything on the monitor, so I don't know whether it was running or not. I removed all power to the PC and the battery to see if it would beep. It did not beep when power was hooked back up. I also noticed that when all the cables are connected and the power is on, the keyboard and mouse do not work. When I get the virus software downloaded on the old PC, I will check to see if the hard drive still works. As for the HijackThis file, I had run one just before this happened, but it was with WinPatrol and was saved to file. If I can get the hard drive to work in this old computer, I will post it.

#2
Without the logs, a determination cannot be made as to whether it is malware or not.

#3
Will work on getting the log file. The hard drive does work in the old computer.

#4
Here is the log that was run just before the crash.

#5
I don't see anything that could be causing the problems you are having. Are you sure the drive is not going bad?

#6
At this point anything is possible. When you say the drive, do you mean the HD that is running fine on the old computer?

#7
Yes, the HD. Can you run a full virus scan on it? That would be more reliable than an HJT scan.

#8
Sorry it took so long to get back, EF. Had a problem with the old computer. What would you like me to run at this point? I will try anything but ComboFix.

#9
Download DrWeb CureIt and save it to your desktop. Scan with DrWeb-CureIt as follows:
* After rebooting, right-click the Dr.Web log on the desktop and choose Open with > Notepad
* Copy and paste that log into your next reply

#10
Will do. I don't know how long it will take for me to get back to you with the report. The old computer is not allowing me to view the forum. Something is wrong with IE7, but I will work around that for the moment.