Wyskakuje mi taki oto bład:
Wyskakuje kiedy próbuje wejść w dysk D i C.
Próbowałem defragmentowac dysk C i naprawianie systemu przez płyte instalacyjna Windowsa XP home edytion ale nic z tego.
Wyskakuje mi taki oto bład:
Wyskakuje kiedy próbuje wejść w dysk D i C.
Próbowałem defragmentowac dysk C i naprawianie systemu przez płyte instalacyjna Windowsa XP home edytion ale nic z tego.
Daj loga z Combofix i Hijackthis
kolejnośc jak podałem
Log z combofix: http://wklej.org/id/794e2cbcfd
i Hijackthis: http://wklej.org/id/08049d75e7
Aha jak próbowałem włączyć usługe WYSZUKAJ to wyskakuje tylko okienko:
fix w hijackthis
Pobierz ComboFix, ale nie uruchamiaj
Wklej do notatnika:
File::
C:\WINDOWS\qnmargoldpq.dll
C:\WINDOWS\system32\tscupgrd.exe
C:\WINDOWS\wdpoefan.dll
C:\WINDOWS\vadokmxt.dll
C:\WINDOWS\dpevflbg.dll
C:\WINDOWS\olgdqarf.exe
C:\WINDOWS\wxvgsdbq.exe
Plik -> zapisz jako -> CFScript.txt (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe)
Przeciągnij i upuść ikonkę CFScript.txt na ikonkę ComboFix.exe tak jak tu ->
Powinno się rozpocząć usuwanie i powstanie log, daj ten log na forum.
Log wyglada na czysty
Przeskanuj komputer tym (uruchom przez IE) http://www.kaspersky.pl/virusscanner.html Daj raport z niego na forum
Usuń ręcznie folder C: \Qoobox
usuń instalkę Combofix z dysku.
Log jest czysty, komputer jest wolny od wirusów
Dziękuje za pomoc wszystko już działa
Hello, guys I have the exactly same problem. I couldnt understand very well (cause I dont know polish) but i suppose if I use combo fix my log file wont be the same to follow your steps and fix the problem.
tnks
i hope it is not a problem that i post this in english
W dniu 27.04.2008 , o godzinie 12:46 został dopisany post przez deniiise
Hello, guys I have the exactly same problem. I couldnt understand very well (cause I dont know polish) but i suppose if I use combo fix my log file wont be the same to follow your steps and fix the problem.
tnks
i hope it is not a problem that i post this in english
I’ve got problem to run Internet Explorer 6 SP1. just after starting IE it crashed… application eventlog comes out with this error:
Event Type:Error
Event Source:Application Error
Event Category:None
Event ID:1000
Date:4/28/2008
Time:7:40:23 AM
User:N/A
Computer:
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module qnmargoldpq.dll, version 0.0.0.0, fault address 0x00016d35.
I’ve asked my colleague if I can use his version of dll, but he haven’t found it installed on his PC… so I just removed (still have a copy, just in case) the C:\WINDOWS\qnmargoldpq.dll and now IE is running fine…
so far no other problems.
my suspicion is some kind of virus or malware, but the symantec antivirus is a crap as several times before (well, company standards and policies disallow to use other AV soft)…
google is unable to find any other valuable info regarding this dll so it really seems to be useless… even the version of the dll is 0.0.0.0…
UPDATE - found some info on some Polish forum viewtopic.php?f=2&p=1576795 … more files identified, all of them present on my system, modification date of all of them 25th April… sending them to Symantec -
confirming that this is kind of Trojan Virus: Trojan.Zlob
filename: wdpoefan.dll
machine: Machine
result: This file is detected as Trojan.Zlob. http://www.symantec.com/avcenter/venc/d … .zlob.html
filename: vadokmxt.dll
machine: Machine
result: This file is detected as Trojan.Zlob. http://www.symantec.com/avcenter/venc/d … .zlob.html
filename: qnmargoldpq.dll
machine: Machine
result: This file is detected as Trojan.Zlob. http://www.symantec.com/avcenter/venc/d … .zlob.html
filename: dpevflbg.dll
machine: Machine
result: This file is detected as Trojan.Zlob. http://www.symantec.com/avcenter/venc/d … .zlob.html
filename: olgdqarf.exe
machine: Machine
result: This file is detected as Trojan.Zlob. http://www.symantec.com/avcenter/venc/d … .zlob.html
filename: wxvgsdbq.exe
machine: Machine
result: This file is detected as Trojan.Zlob. http://www.symantec.com/avcenter/venc/d … .zlob.html
ANYONE USING SYMANTEC ANTIVIRUS SHOULD BE ABLE TO CLEAN THIS INFECTION:
Please follow the instruction at the end of this email message to install the latest available definitions.
Symantec Security Response has determined that the sample(s) that you provided are infected with a virus, worm, or Trojan. We have created RapidRelease definitions that will detect this threat. Please follow the instruction at the end of this email message to download and install the latest RapidRelease definitions.
Symantec is now building a new set of definitions to include the threat you have submitted. The approximate time to complete this process is one hour. We recommend checking the ftp site periodically over the next 60 to 90 minutes to download these definitions as soon as they are available.
Downloading and Installing RapidRelease Definitions:
Open your Web browser. If you are using a dial-up connection, connect to any Web site, such as: http://securityresponse.symantec.com/
Copy and paste the address ftp://ftp.symantec.com/public/english_u … /sequence/ into the address bar of your Web browser and then press Enter.(this could take a minute or so if you have a slow connection) 3. Now select 81036 folder or a higher. Open the folder.
Select the file symrapidreleasedefsx86.exe 5. When a download dialog box appears, save the file to the Windows desktop.
Double-click the downloaded file and follow the prompts.
Virus definition detail:
Sequence Number: 81036
Defs Version: 100428d
Extended Version: 04/28/2008 rev.4
I’ve just installed latest definicions and will scan those files…