Вход на сайт
помогите с ноутбуком
390 просмотров
Перейти к просмотру всей ветки
в ответ ellegenn 02.05.10 01:04, Последний раз изменено 06.05.10 18:51 (ellegenn)
Прошу у всех ещё раз помощи по ремонту:
Использовал ---AVZ Antiviral Toolkit log; AVZ version is 4.32
Помогает она в таком случае, или надо что-то другое использовать?
..........
До меню где конто ноут грузится ,но стоит выбрать любого пользователя- перезагрузка или синий экран:
*** STOP : 0x00000024(0x001902FE,0xF79D794C,0xF79D7648,0xF1ED31F2)
***Zuhussdn5.sys- adress F1ED31F2 base at F1EC6000,datestamp 4b4789ac
в безопасны режим не зайдёшь - без конца мигает полоска на ч.экране ждал более 2 часа
..........
вот отчёт этой программы:
и похоже повреждены драйвера . Есть капсула для переустановки под буквой Е:\-Рековери в формате фат-32 ,но она кокая-то не полая , урезанная и при старте нет возможности выбрать переустановку снеё, пробовал все Ф1- до Ф12 и эск клавишу тоже.
Есть на этой же фесплате диск Д:\-Бакап и папка с драйверами , но как их усановить без мастеа устройств я не знаю , как их переустановить и каие переустанавливать ; для просмора я испоьзую ЕДР 2005 , может с AVZ Antiviral тоже можно не знаю.
..........
Attention !!! Database was last updated 8/21/2009 it is necessary to update the database (via File - Database update)
AVZ Antiviral Toolkit log; AVZ version is 4.32
Scanning started at 5/6/2010 1:07:41 PM
Database loaded: signatures - 237871, NN profile(s) - 2, malware removal microprograms - 56, signature database released 21.08.2009 14:23
Heuristic microprograms loaded: 374
PVS microprograms loaded: 9
Digital signatures of system files loaded: 135524
Heuristic analyzer mode: Medium heuristics mode
Malware removal mode: enabled
Windows version is: 5.2.3790, ; AVZ is run with administrator rights
System Restore: enabled
1. Searching for Rootkits and other software intercepting API functions
1.1 Searching for user-mode API hooks
Analysis: kernel32.dll, export table found in section .text
Analysis: ntdll.dll, export table found in section .text
Analysis: user32.dll, export table found in section .text
Analysis: advapi32.dll, export table found in section .text
Analysis: ws2_32.dll, export table found in section .text
Analysis: wininet.dll, export table found in section .text
Analysis: rasapi32.dll, export table found in section .text
Analysis: urlmon.dll, export table found in section .text
Analysis: netapi32.dll, export table found in section .text
1.2 Searching for kernel-mode API hooks
Error loading driver - operation interrupted [C0000034]
1.4 Searching for masking processes and drivers
Checking not performed: extended monitoring driver (AVZPM) is not installed
Error loading driver - operation interrupted [C0000034]
2. Scanning RAM
Number of processes found: 13
Number of modules loaded: 89
Scanning RAM - complete
3. Scanning disks
C:\WINDOWS\ServicePackFiles\i386\tdc.ocx >>> suspicion for Trojan.Win32.Obfuscated.gx ( 053750B3 01AEF965 0005F0DD 00218FA4 61440)
4. Checking Winsock Layered Service Provider (SPI/LSP)
LSP settings checked. No errors detected
5. Searching for keyboard/mouse/windows events hooks (Keyloggers, Trojan DLLs)
6. Searching for opened TCP/UDP ports used by malicious software
Checking - disabled by user
7. Heuristic system check
>>> G:\I386\system32\explorer.exe HSC: suspicion for File with suspicious name (high degree of probability)
Checking - complete
8. Searching for vulnerabilities
>> Services: potentially dangerous service allowed: Messenger (Messenger)
>> Services: potentially dangerous service allowed: Alerter (Alerter)
> Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
>> Security: administrative shares (C$, D$ ...) are enabled
>>> Security: Internet Explorer allows ActiveX, not marked as safe
>>> Security: block ActiveX, not marked as safe, in Internet Explorer
>>> Security: Internet Explorer allows unsigned ActiveX elements
>>> Security: Internet Explorer allows automatic queries of ActiveX administrative elements
>>> Security: Internet Explorer allows running files and applications in IFRAME window without asking user
>> Security: terminal connections to the PC are allowed
>> Security: sending Remote Assistant queries is enabled
Checking - complete
9. Troubleshooting wizard
>> Protocol prefixes are modified
>> Internet Explorer - ActiveX, not marked as safe, are allowed
>> Internet Explorer - signed ActiveX elements are allowed without asking user
>> Internet Explorer - unsigned ActiveX elements are allowed
>> Internet Explorer - automatic queries of ActiveX operating elements are allowed
>> Internet Explorer - running programs and files in IFRAME window is allowed
>> HDD autorun is allowed
>> Network drives autorun is allowed
>> Removable media autorun is allowed
Checking - complete
Files scanned: 108980, extracted from archives: 78531, malicious software found 0, suspicions - 1
Scanning finished at 5/6/2010 1:29:01 PM
Time of scanning: 00:21:23
If you have a suspicion on presence of viruses or questions on the suspected objects,
you can address http://virusinfo.info conference
Использовал ---AVZ Antiviral Toolkit log; AVZ version is 4.32
Помогает она в таком случае, или надо что-то другое использовать?
..........
До меню где конто ноут грузится ,но стоит выбрать любого пользователя- перезагрузка или синий экран:
*** STOP : 0x00000024(0x001902FE,0xF79D794C,0xF79D7648,0xF1ED31F2)
***Zuhussdn5.sys- adress F1ED31F2 base at F1EC6000,datestamp 4b4789ac
в безопасны режим не зайдёшь - без конца мигает полоска на ч.экране ждал более 2 часа
..........
вот отчёт этой программы:
и похоже повреждены драйвера . Есть капсула для переустановки под буквой Е:\-Рековери в формате фат-32 ,но она кокая-то не полая , урезанная и при старте нет возможности выбрать переустановку снеё, пробовал все Ф1- до Ф12 и эск клавишу тоже.
Есть на этой же фесплате диск Д:\-Бакап и папка с драйверами , но как их усановить без мастеа устройств я не знаю , как их переустановить и каие переустанавливать ; для просмора я испоьзую ЕДР 2005 , может с AVZ Antiviral тоже можно не знаю.
..........
Attention !!! Database was last updated 8/21/2009 it is necessary to update the database (via File - Database update)
AVZ Antiviral Toolkit log; AVZ version is 4.32
Scanning started at 5/6/2010 1:07:41 PM
Database loaded: signatures - 237871, NN profile(s) - 2, malware removal microprograms - 56, signature database released 21.08.2009 14:23
Heuristic microprograms loaded: 374
PVS microprograms loaded: 9
Digital signatures of system files loaded: 135524
Heuristic analyzer mode: Medium heuristics mode
Malware removal mode: enabled
Windows version is: 5.2.3790, ; AVZ is run with administrator rights
System Restore: enabled
1. Searching for Rootkits and other software intercepting API functions
1.1 Searching for user-mode API hooks
Analysis: kernel32.dll, export table found in section .text
Analysis: ntdll.dll, export table found in section .text
Analysis: user32.dll, export table found in section .text
Analysis: advapi32.dll, export table found in section .text
Analysis: ws2_32.dll, export table found in section .text
Analysis: wininet.dll, export table found in section .text
Analysis: rasapi32.dll, export table found in section .text
Analysis: urlmon.dll, export table found in section .text
Analysis: netapi32.dll, export table found in section .text
1.2 Searching for kernel-mode API hooks
Error loading driver - operation interrupted [C0000034]
1.4 Searching for masking processes and drivers
Checking not performed: extended monitoring driver (AVZPM) is not installed
Error loading driver - operation interrupted [C0000034]
2. Scanning RAM
Number of processes found: 13
Number of modules loaded: 89
Scanning RAM - complete
3. Scanning disks
C:\WINDOWS\ServicePackFiles\i386\tdc.ocx >>> suspicion for Trojan.Win32.Obfuscated.gx ( 053750B3 01AEF965 0005F0DD 00218FA4 61440)
4. Checking Winsock Layered Service Provider (SPI/LSP)
LSP settings checked. No errors detected
5. Searching for keyboard/mouse/windows events hooks (Keyloggers, Trojan DLLs)
6. Searching for opened TCP/UDP ports used by malicious software
Checking - disabled by user
7. Heuristic system check
>>> G:\I386\system32\explorer.exe HSC: suspicion for File with suspicious name (high degree of probability)
Checking - complete
8. Searching for vulnerabilities
>> Services: potentially dangerous service allowed: Messenger (Messenger)
>> Services: potentially dangerous service allowed: Alerter (Alerter)
> Services: please bear in mind that the set of services depends on the use of the PC (home PC, office PC connected to corporate network, etc)!
>> Security: administrative shares (C$, D$ ...) are enabled
>>> Security: Internet Explorer allows ActiveX, not marked as safe
>>> Security: block ActiveX, not marked as safe, in Internet Explorer
>>> Security: Internet Explorer allows unsigned ActiveX elements
>>> Security: Internet Explorer allows automatic queries of ActiveX administrative elements
>>> Security: Internet Explorer allows running files and applications in IFRAME window without asking user
>> Security: terminal connections to the PC are allowed
>> Security: sending Remote Assistant queries is enabled
Checking - complete
9. Troubleshooting wizard
>> Protocol prefixes are modified
>> Internet Explorer - ActiveX, not marked as safe, are allowed
>> Internet Explorer - signed ActiveX elements are allowed without asking user
>> Internet Explorer - unsigned ActiveX elements are allowed
>> Internet Explorer - automatic queries of ActiveX operating elements are allowed
>> Internet Explorer - running programs and files in IFRAME window is allowed
>> HDD autorun is allowed
>> Network drives autorun is allowed
>> Removable media autorun is allowed
Checking - complete
Files scanned: 108980, extracted from archives: 78531, malicious software found 0, suspicions - 1
Scanning finished at 5/6/2010 1:29:01 PM
Time of scanning: 00:21:23
If you have a suspicion on presence of viruses or questions on the suspected objects,
you can address http://virusinfo.info conference
да будет свет