Внезапно рестартиране на компа и странен процес в Таск Мениджъра

[freegirl]

Гледам cи аз еди клип в ВиБокс7 и внезапно компютъра ми се изключва.Рестартира се. След това в Task Manager-a ми се появява странен процес savedump.exe .Преди малко процеса изчезна...Защо ми се рестартира компа сам?И има ли връзка този процес?

 

Аз се порових в нета и прочетох че тва е проблем с захранването,и при рестартирането на компа се запаметява някакъв файл...Някой ще ми обясни ли по-подробно?

[Гост tnn]

Гледам и аз еди клип в ВиБокс7 и внезапно компютъра ми се изключва.Рестартира се. След това в Task Manager-a ми се появява странен процес savedump.exe .Преди малко процеса изчезна...Защо ми се рестартира компа сам?И има ли връзка този процес?

То с тия безплатни момичета как да не си заразиш системата - действай стандартно .... Например можеш да изтеглиш безплатния Dr WEB Cureit и да стартираш пълно сканиране - дано е достатъчно !

[Night_Raven]

Това може да се дължи на много неща. По принцип е добре да сканираш с антивирусна, ако имаш такава. Можеш да пуснеш тук и LOG файлове на HijackThis и Autoruns.

Изтегли HijackThis 1.99.1 (213KB), която съм преименувал нарочно, стартирай я и кликни Do a system scan and save a logfile. Това ще създаде текстов файл в същата папка. Копирай съдържанието му тук или прикачи файла към темата, както ти е по-удобно.

Изтегли Autoruns, след това стартирай програмата и направи следното:

1) избери Options -> Hide Microsoft Entries;

2) кликни File -> Refresh;

3) кликни File -> Save as;

4) запази файла някъде и след това го прикачи към темата или му копирай съдържанието.

[freegirl]

Аз сканирах с една програма против спайуеар,нищо не намери.Сега сканирам с Dr WEB Cureit,на 81% е,няма открити вируси за сега.Сега ще изтегля тези които ми каза.

 

Ето какво излезе:

Logfile of HijackThis v1.99.1

Scan saved at 9:17:10 PM, on 4/25/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\VMSnap5.EXE

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe

C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe

C:\WINDOWS\system32\WgaTray.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\nia\Desktop\setup.exe

C:\DOCUME~1\nia\LOCALS~1\Temp\RarSFX2\_start.exe

C:\DOCUME~1\nia\LOCALS~1\Temp\RarSFX2\setup.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\nia\Desktop\alabala.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vbox7.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [VMSnap5] C:\WINDOWS\VMSnap5.EXE

O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE

O4 - HKLM\..\Run: [bigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [slide.exe] c:\program files\slide\slide.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM

O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: I?aaaae - {60237576-b24c-4ba9-9740-c9f3ec9db557} - C:\PROGRA~1\SkyCode\WEBTRA~1\wt2ie.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{1FF6E40C-D0F7-4705-A756-AD3CC785C3AD}: NameServer = 85.187.214.34 85.187.214.34

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: crd - Unknown owner - C:\DOCUME~1\nia\LOCALS~1\Temp\IXP001.TMP\poststp.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

 

Ето и от Ауторънс:

 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ AVG7_CC AVG Control Center GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgcc.exe

+ avgnt Antivirus System Tray Tool Avira GmbH c:\program files\antivir personaledition classic\avgnt.exe

+ BigDog305 File not found: C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)

+ Domino File not found: C:\WINDOWS\Domino.EXE

+ NeroFilterCheck NeroCheck Ahead Software Gmbh c:\windows\system32\nerocheck.exe

+ NvCplDaemon NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ NvMediaCenter NVIDIA Media Center Library NVIDIA Corporation c:\windows\system32\nvmctray.dll

+ nwiz NVIDIA nView Wizard, Version 110.48 NVIDIA Corporation c:\windows\system32\nwiz.exe

+ SoundMan Realtek Sound Manager Realtek Semiconductor Corp. c:\windows\soundman.exe

+ SunJavaUpdateSched Java Platform SE binary Sun Microsystems, Inc. c:\program files\java\jre1.6.0_03\bin\jusched.exe

+ VMSnap5 Vimicro Vimicro c:\windows\vmsnap5.exe

+ WinampAgent c:\program files\winamp\winampa.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

+ SnagIt 8.lnk SnagIt 8 TechSmith Corporation c:\program files\techsmith\snagit 8\snagit32.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ Skype Skype. Take a deep breath Skype Technologies S.A. c:\program files\skype\phone\skype.exe

+ slide.exe File not found: c:\program files\slide\slide.exe

+ swg GoogleToolbarNotifier Google Inc. c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe

HKLM\SOFTWARE\Classes\Protocols\Handler

+ skype4com Skype for COM API Skype Technologies c:\program files\common files\skype\skype4com.dll

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components

+ 0 File not found: http://i140.photobucket.com/albums/r6/cwm1...796984754-2.jpg

+ 1 File not found: http://fenkata.znih.com/images/users/fenkata_small.jpg

+ 2 File not found: About:Home

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers

+ AVG7 Shell Extension AVG Shell Extension GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgse.dll

+ PowerConverter Power MP3 WMA Converter Shell Extension. CooolSoft c:\program files\power mp3 wma converter\shellext.dll

+ Shell Extension for Malware scanning ShlExt.dll Avira GmbH c:\program files\antivir personaledition classic\shlext.dll

+ SnagItMainShellExt SnagIt Shell Extension DLL TechSmith Corporation c:\program files\techsmith\snagit 8\snagitshellext.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers

+ AVG7 Shell Extension AVG Shell Extension GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgse.dll

+ Shell Extension for Malware scanning ShlExt.dll Avira GmbH c:\program files\antivir personaledition classic\shlext.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers

+ SnagItMainShellExt SnagIt Shell Extension DLL TechSmith Corporation c:\program files\techsmith\snagit 8\snagitshellext.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers

+ 00nView NVIDIA Desktop Explorer, Version 110.48 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ NvCplDesktopContext NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ AVG7 Find Extension AVG Shell Extension GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgse.dll

+ AVG7 Shell Extension AVG Shell Extension GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgse.dll

+ Desktop Explorer NVIDIA Desktop Explorer, Version 110.48 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Desktop Explorer Menu NVIDIA Desktop Explorer, Version 110.48 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Display Panning CPL Extension File not found: deskpan.dll

+ HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll

+ NvCpl DesktopContext Class NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ nView Desktop Context Menu NVIDIA Desktop Explorer, Version 110.48 NVIDIA Corporation c:\windows\system32\nvshell.dll

+ Play on my TV helper NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll

+ PowerConverter Power MP3 WMA Converter Shell Extension. CooolSoft c:\program files\power mp3 wma converter\shellext.dll

+ Shell Extension for Malware scanning ShlExt.dll Avira GmbH c:\program files\antivir personaledition classic\shlext.dll

+ SnagIt SnagIt Add-in for Internet Explorer TechSmith Corporation c:\program files\techsmith\snagit 8\snagitieaddin.dll

+ SnagIt Shell Extension SnagIt Shell Extension DLL TechSmith Corporation c:\program files\techsmith\snagit 8\snagitshellext.dll

+ WinRAR shell extension c:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ Google Toolbar Helper Google IE Client Toolbar Google Inc. c:\program files\google\googletoolbar1.dll

+ Google Toolbar Notifier BHO GoogleToolbarNotifier Google Inc. c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll

+ Megaupload Toolbar MegaUpload Toolbar MEGAUPLOAD c:\program files\megauploadtoolbar\megauploadtoolbar.dll

+ SnagIt Toolbar Loader SnagIt Browser Helper Object for Internet Explorer TechSmith Corporation c:\program files\techsmith\snagit 8\snagitbho.dll

+ SSVHelper Class Java Platform SE binary Sun Microsystems, Inc. c:\program files\java\jre1.6.0_05\bin\ssv.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar

+ &Google Google IE Client Toolbar Google Inc. c:\program files\google\googletoolbar1.dll

+ SnagIt SnagIt Add-in for Internet Explorer TechSmith Corporation c:\program files\techsmith\snagit 8\snagitieaddin.dll

HKLM\System\CurrentControlSet\Services

+ AntiVirScheduler Service to schedule AntiVir jobs and updates. Avira GmbH c:\program files\antivir personaledition classic\sched.exe

+ AntiVirService Offers permanent protection against viruses and malware with the AntiVir search engine. Avira GmbH c:\program files\antivir personaledition classic\avguard.exe

+ Avg7Alrt AVG Alert Manager GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgamsvr.exe

+ Avg7UpdSvc AVG Update Service GRISOFT, s.r.o. c:\program files\grisoft\avg7\avgupsvc.exe

+ crd File not found: C:\DOCUME~1\nia\LOCALS~1\Temp\IXP001.TMP\poststp.exe

+ NVSvc Provides system and desktop level support to the NVIDIA display driver NVIDIA Corporation c:\windows\system32\nvsvc32.exe

HKLM\System\CurrentControlSet\Services

+ ALCXWDM Realtek AC'97 Audio Driver (WDM) Realtek Semiconductor Corp. c:\windows\system32\drivers\alcxwdm.sys

+ Avg7Core AVG Scanning Engine GRISOFT, s.r.o. c:\windows\system32\drivers\avg7core.sys

+ Avg7RsW AVG Resident Shield Unload Helper GRISOFT, s.r.o. c:\windows\system32\drivers\avg7rsw.sys

+ Avg7RsXP AVG Resident Anti-Virus Shield GRISOFT, s.r.o. c:\windows\system32\drivers\avg7rsxp.sys

+ AvgClean AVG7 Clean Driver GRISOFT, s.r.o. c:\windows\system32\drivers\avgclean.sys

+ avgio Avira AntiVir Support for Minifilter Avira GmbH c:\program files\antivir personaledition classic\avgio.sys

+ avgntflt Avira AntiVir PersonalEdition Classic mini-filter used for on-access scan to provide real-time antivirus security. Avira GmbH c:\program files\antivir personaledition classic\avgntflt.sys

+ avipbb %avipbbServiceDesc% Avira GmbH c:\windows\system32\drivers\avipbb.sys

+ BIOS I/O Interface driver file BIOSTAR Group c:\windows\system32\drivers\bios.sys

+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys

+ FETND5BV NDIS 5.0 miniport driver VIA Technologies, Inc. c:\windows\system32\drivers\fetnd5bv.sys

+ FETNDIS NDIS 5.0 miniport driver VIA Technologies, Inc. c:\windows\system32\drivers\fetnd5.sys

+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys

+ k750bus Sony Ericsson 750 Driver MCCI c:\windows\system32\drivers\k750bus.sys

+ k750mdfl Sony Ericsson 750 USB WMC Modem Filter MCCI c:\windows\system32\drivers\k750mdfl.sys

+ k750mdm Sony Ericsson 750 USB WMC Modem Drivers MCCI c:\windows\system32\drivers\k750mdm.sys

+ k750mgmt Sony Ericsson 750 USB WMC Device Management Drivers MCCI c:\windows\system32\drivers\k750mgmt.sys

+ k750obex Sony Ericsson 750 USB WMC OBEX Interface Drivers MCCI c:\windows\system32\drivers\k750obex.sys

+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys

+ NPF npf.sys (NT5/6 x86) Kernel Driver CACE Technologies c:\windows\system32\drivers\npf.sys

+ nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 91.47 NVIDIA Corporation c:\windows\system32\drivers\nv4_mini.sys

+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys

+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys

+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys

+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys

+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys

+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys

+ PxHelp20 Px Engine Device Driver for Windows 2000/XP Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys

+ SE27bus Sony Ericsson Device 039 Driver Driver MCCI c:\windows\system32\drivers\se27bus.sys

+ SE27mdfl Sony Ericsson Device 039 USB WMC Modem Filter MCCI c:\windows\system32\drivers\se27mdfl.sys

+ SE27mdm Sony Ericsson Device 039 USB WMC Modem Driver MCCI c:\windows\system32\drivers\se27mdm.sys

+ SE27mgmt Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM) MCCI c:\windows\system32\drivers\se27mgmt.sys

+ se27nd5 Sony Ericsson Device 039 USB Ethernet Emulation (NDIS 5 Miniport) MCCI c:\windows\system32\drivers\se27nd5.sys

+ SE27obex Sony Ericsson Device 039 USB WMC OBEX Interface MCCI c:\windows\system32\drivers\se27obex.sys

+ se27unic Sony Ericsson Device 039 USB Ethernet Emulation MCCI c:\windows\system32\drivers\se27unic.sys

+ Secdrv SafeDisc driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. c:\windows\system32\drivers\secdrv.sys

+ ssmdrv Avira Snapshot Driver Avira GmbH c:\windows\system32\drivers\ssmdrv.sys

+ videX32 VIA Generic PCI IDE Bus Driver VIA Technologies, Inc. c:\windows\system32\drivers\videx32.sys

+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys

+ xfilt ATA/ATAPI devices hot-plug monitor VIA Technologies,Inc c:\windows\system32\drivers\xfilt.sys

+ ZSMC0305 Video streaming and Capture Device Driver Vimicro Corporation c:\windows\system32\drivers\usbvm305.sys

HKCU\Control Panel\Desktop\Scrnsave.exe

+ C:\WINDOWS\system32\MUSICI~1.SCR File not found: C:\WINDOWS\system32\MUSICI~1.SCR

[Night_Raven]

Започвам подред.

 

1. Виждам, че имаш едновременно работещи две антивирусни - AVG Anti-Virus и Avira AntiVir. Наличието на повече от една антивирусна с резидентна защита е нещо МНОГО ГЛУПАВО и КРАЙНО НЕПРЕПОРЪЧИТЕЛНО. Харесай си една от тях и я остави, а другата я деинсталирай. Можеш да не рестартираш ведната, за да извършиш останалите неща описани тук.

 

2. В HijackThis можеш да поставиш отметки на следните обекти, след което да натиснеш Fix checked и да потвърдиш на въпроса:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

Не спирай HijackThis.

 

3. В Autoruns можеш да махнеш отметките на следните обекти:

+ BigDog305 File not found: C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)

+ Domino File not found: C:\WINDOWS\Domino.EXE

+ slide.exe File not found: c:\program files\slide\slide.exe

+ crd File not found: C:\DOCUME~1\nia\LOCALS~1\Temp\IXP001.TMP\poststp.exe

+ C:\WINDOWS\system32\MUSICI~1.SCR File not found: C:\WINDOWS\system32\MUSICI~1.SCR

4. Изкарай Task Manager и прекрати всички процеси на име setup.exe и _start.exe, които откриеш, освен ако не си 100% сигурна, че не са ти нужни и не знаеш точно за какво са. Изтегли ATF Cleaner (50KB), стартирай я, постави отметки на Windows Temp, Current User Temp и Temporary Internet Files и кликни Empty Selected.

 

5. Отвори панела с услугите (Start -> Run -> services.msc -> OK), намери услугата crd, кликни два пъти върху нея кликни Stop и от падащото меню избери Disabled. След това в HijackThis кликни Config -> Misc Tools -> Delete an NT service..., в полето напиши crd, кликни OK и потвърди с OK/Yes на всички въпроси. Ако компютърът не се рестартира сам, направи го ръчно.

[freegirl]

Направих всичко което ми каза. Благодаря ти много!

И изтрих едната антивирусна.

[Pe6o]

http://img08.imgshare.eu/i/peshobg1/savedump1_f3e3d.jpg

http://img06.imgshare.eu/i/peshobg1/savedump_b478a.jpg

 

VY73!