Ciągły restart komputera

misiu1 · 8 Listopad 2007 21:12

Witam. Mam problem. Komputer co jakiś czas się restartuje, NOD32 nic nie wykrywa, skanowałem evido i spybotem bez rezultatu. Proszę o pomoc

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:01:08, on 2007-11-08 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Winamp\winamp.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O4 - HKLM…\Run: [skyTel] SkyTel.EXE O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [nod32kui] “C:\Program Files\Eset\nod32kui.exe” /WAITSERVICE O4 - HKLM…\Run: [sony Ericsson PC Suite] “C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe” /startoptions O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” O4 - HKLM…\Run: [LanguageShortcut] “C:\Program Files\CyberLink\PowerDVD\Language\Language.exe” O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM…\Run: [!AVG Anti-Spyware] “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’) O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’) O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe – End of file - 5220 bytes

LostWorld · 8 Listopad 2007 21:17

W logu jest okej.

Daj log z Combofix

Opis użycia ComboFix jest na tej stronie z linku.

Log może być długi, więc zapisz go sobie gdzieś, a potem wklej na http://wklej.org/, a tu daj tylko link

misiu1 · 9 Listopad 2007 18:47

Przepraszam, że tak długo.

Przy zamykaniu programu Spybot pojawił sie komunikat:

czy to normalne

daję log z Combofixa, niestety tutaj w całości, strona podana do wklejenia not found.

ComboFix 07-11-08.1 - Adam 2007-11-09 19:31:21.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.583 [GMT 1:00] Running from: C:\Documents and Settings\Adam\Pulpit\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2007-10-09 to 2007-11-09 ))))))))))))))))))))))))))))))) . 2007-11-09 19:30 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-11-08 21:55 2007-11-08 21:04 2007-11-06 21:20 2007-11-04 21:21 2007-11-04 21:20 2007-11-04 21:11 2007-10-28 14:39 2007-10-27 14:49 2007-10-19 18:29 2007-10-19 18:28 2007-10-19 18:28 2007-10-19 18:28 2007-10-19 18:28 2007-10-19 18:28 2007-10-19 18:24 2007-10-18 16:48 2007-10-16 20:44 1,415,680 --a------ C:\WINDOWS\system32\WMV9VCM.dll 2007-10-16 20:44 921,600 --a------ C:\WINDOWS\system32\vorbisenc.dll 2007-10-16 20:44 237,568 --a------ C:\WINDOWS\system32\OggDS.dll 2007-10-16 20:44 188,416 --a------ C:\WINDOWS\system32\vorbis.dll 2007-10-16 20:44 45,056 --a------ C:\WINDOWS\system32\ogg.dll 2007-10-16 20:43 245,760 --a------ C:\WINDOWS\system32\mplvpx.dll 2007-10-16 20:43 9,216 --a------ C:\WINDOWS\system32\cpuinf32.dll 2007-10-16 20:42 1,559,040 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-10-16 20:42 740,442 --a------ C:\WINDOWS\system32\DivX.dll 2007-10-11 16:56 2007-10-11 16:55 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-08 21:27 --------- d-----w C:\Documents and Settings\Adam\Dane aplikacji\Skype 2007-11-04 20:18 --------- d–h--w C:\Program Files\InstallShield Installation Information 2007-10-19 17:25 89,872 ----a-w C:\WINDOWS\system32\drivers\k750mdm.sys 2007-10-19 17:25 81,728 ----a-w C:\WINDOWS\system32\drivers\k750mgmt.sys 2007-10-19 17:25 79,488 ----a-w C:\WINDOWS\system32\drivers\k750obex.sys 2007-10-19 17:25 6,576 ----a-w C:\WINDOWS\system32\drivers\k750mdfl.sys 2007-10-19 17:25 6,144 ----a-w C:\WINDOWS\system32\drivers\k750cmnt.sys 2007-10-19 17:25 6,144 ----a-w C:\WINDOWS\system32\drivers\k750cm.sys 2007-10-19 17:25 55,216 ----a-w C:\WINDOWS\system32\drivers\k750bus.sys 2007-10-19 17:25 5,744 ----a-w C:\WINDOWS\system32\drivers\k750whnt.sys 2007-10-19 17:25 5,744 ----a-w C:\WINDOWS\system32\drivers\k750wh.sys 2007-10-19 17:24 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-10-11 17:11 --------- d-----w C:\Program Files\Gadu-Gadu 2007-10-07 06:05 --------- d-----w C:\Program Files\AidemMedia 2007-09-14 19:43 --------- d-----w C:\Program Files\Java 2007-09-14 19:38 --------- d-----w C:\Program Files\Common Files\Java 2007-09-14 13:53 --------- d-----w C:\Program Files\Dino - Intruzi w Ogrodzie 2007-09-13 19:11 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-09-13 19:02 --------- d-----w C:\Program Files\Ubisoft 2007-09-12 19:01 --------- d-----w C:\Program Files\IrfanView 2007-09-11 19:49 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts 2007-09-11 19:38 --------- d-----w C:\Program Files\Electronic Arts 2007-09-11 01:18 --------- d-----w C:\Program Files\Common Files\Nero 2007-09-11 01:18 --------- d-----w C:\Program Files\Common Files\LightScribe 2007-09-11 01:17 --------- d-----w C:\Program Files\Common Files\Ahead 2007-09-11 01:17 --------- d-----w C:\Program Files\Ahead 2007-09-11 00:04 --------- d-----w C:\Program Files\Common Files\Adobe 2007-09-11 00:02 --------- d-----w C:\Program Files\MarBit 2007-09-11 00:01 --------- d-----w C:\Program Files\Winamp 2007-09-10 23:55 --------- d-----w C:\Program Files\Microsoft.NET 2007-09-10 23:39 --------- d-----w C:\Program Files\Realtek 2007-09-10 23:29 --------- d-----w C:\Program Files\microsoft frontpage 2007-09-10 23:28 --------- d-----w C:\Program Files\Usługi online 2007-09-10 20:49 --------- d-----w C:\Program Files\Skype 2007-09-10 20:49 --------- d-----w C:\Program Files\Common Files\Skype 2007-09-10 20:49 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Skype 2007-09-10 20:12 --------- d-----w C:\Documents and Settings\Adam\Dane aplikacji\Gadu-Gadu 2007-09-10 20:02 502,368 ----a-w C:\WINDOWS\system32\drivers\amon.sys 2007-09-10 20:02 270,336 ----a-w C:\WINDOWS\system32\imon.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “SkyTel”=“SkyTel.EXE” [2006-05-16 11:04 C:\WINDOWS\SkyTel.exe] “RTHDCPL”=“RTHDCPL.EXE” [2006-09-06 04:44 C:\WINDOWS\RTHDCPL.exe] “NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2007-03-07 01:49] “nwiz”=“nwiz.exe” [2007-03-07 01:49 C:\WINDOWS\system32\nwiz.exe] “NvMediaCenter”=“C:\WINDOWS\system32\NvMcTray.dll” [2007-03-07 01:49] “WinampAgent”=“C:\Program Files\Winamp\winampa.exe” [2007-05-14 23:22] “NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 10:50] “nod32kui”=“C:\Program Files\Eset\nod32kui.exe” [2007-09-10 21:02] “Sony Ericsson PC Suite”=“C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe” [2005-10-26 15:17] “RemoteControl”=“C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” [2007-01-08 22:26] “LanguageShortcut”=“C:\Program Files\CyberLink\PowerDVD\Language\Language.exe” [2007-01-08 22:17] “!AVG Anti-Spyware”=“C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-03 23:44] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2007-07-09 08:39] “SpybotSD TeaTimer”=“C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe” [] S3 SetupNTGLM7X;SetupNTGLM7X;??\F:\NTGLM7X.sys S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS *Newly Created Service* - CATCHME . ************************************************************************** catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-09 19:31:59 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-09 19:32:13 . — E O F —

Dziękuję za wsparcie

PS: Na razie komputer przez trzy godziny nie restartował

Gutek · 9 Listopad 2007 19:25

Log czysty

misiu1 · 9 Listopad 2007 19:35

Dzięki, a jest taka możliwość, by to jakiś błąd antywirusa był przyczyną, bo tez nie pracował tak normalnie ( znaczy nie aktualizował się, ale juz jest ok ) ?

adam9870 · 9 Listopad 2007 20:19

sprawdź czy masz jakieś minidump’y, a jeśli tak to wklej zawartość najlepiej kilku

http://forum.strefabezpieczenstwa.pl/topics1/183.htm

sprawdź pamięć RAM

http://forum.dobreprogramy.pl/viewtopic.php?t=50125

sprawdź temperatury i napięcia

http://forum.dobreprogramy.pl/viewtopic.php?t=9809

http://forum.dobreprogramy.pl/viewtopic.php?t=88838

dla wykluczenia syfu pokaż dwa logi z Gmer’a wykonane przy takich ustawieniach:

Zakładka Rootkit >>> zaznaczone wszystko oprócz Pokazuj wszystko >>> kliknij Szukaj >>> czekaj cierpliwie aż skończy >>> Kopiuj >>> wklej do posta
Zakładka Rootkit >>> zaznaczone tylko Usługi i Pokazuj wszystko >>> kliknij Szukaj >>> czekaj cierpliwie aż skończy >>> Kopiuj >>> wklej do posta

Jeśli wszystkie logi nie zmieszczą się bezpośrednio do posta, to umieść je w jakimś serwisie hostingowym jako pliki *.txt, a tu tylko zlinkuj.

misiu1 · 22 Listopad 2007 18:59

Przepraszam, że tak długo. Nie miałem dostępu do tego komputera.

Logi z Gmera:

GMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-11-22 19:56:11 Windows 5.1.2600 Dodatek Service Pack 2 ---- User code sections - GMER 1.0.13 ---- .text C:\Program Files\Winamp\winamp.exe[2716] USER32.dll!SetScrollInfo 77D3902C 7 Bytes JMP 015D9E2D C:\Program Files\Winamp\Plugins\gen_jumpex.dll .text C:\Program Files\Winamp\winamp.exe[2716] USER32.dll!GetScrollPos 77D3F66F 5 Bytes JMP 015D9DDD C:\Program Files\Winamp\Plugins\gen_jumpex.dll .text C:\Program Files\Winamp\winamp.exe[2716] USER32.dll!SetScrollRange 77D3F6BB 5 Bytes JMP 015D9E83 C:\Program Files\Winamp\Plugins\gen_jumpex.dll .text C:\Program Files\Winamp\winamp.exe[2716] USER32.dll!SetScrollPos 77D3F780 5 Bytes JMP 015D9E58 C:\Program Files\Winamp\Plugins\gen_jumpex.dll .text C:\Program Files\Winamp\winamp.exe[2716] USER32.dll!GetScrollRange 77D3F7B7 5 Bytes JMP 015D9E02 C:\Program Files\Winamp\Plugins\gen_jumpex.dll .text C:\Program Files\Winamp\winamp.exe[2716] USER32.dll!ShowScrollBar 77D40142 5 Bytes JMP 015D9EB1 C:\Program Files\Winamp\Plugins\gen_jumpex.dll .text C:\Program Files\Winamp\winamp.exe[2716] USER32.dll!GetScrollInfo 77D43A2F 7 Bytes JMP 015D9DB5 C:\Program Files\Winamp\Plugins\gen_jumpex.dll .text C:\Program Files\Winamp\winamp.exe[2716] USER32.dll!EnableScrollBar 77D87BAD 7 Bytes JMP 015D9D8D C:\Program Files\Winamp\Plugins\gen_jumpex.dll AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [bAAFFBCC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [bAAFF7D6] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [bAAFFF94] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [bAB001CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [bAAFFBCC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [bAAFF7D6] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [bAAFFF94] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [bAB001CC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [bAB001CC] amon.sys ---- EOF - GMER 1.0.13 ----

GMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-11-22 19:58:51 Windows 5.1.2600 Dodatek Service Pack 2 ---- Services - GMER 1.0.13 ---- Service [DISABLED] Abiosdsk Service [DISABLED] abp480n5 Service C:\WINDOWS\system32\DRIVERS\ACPI.sys [bOOT] ACPI Service [DISABLED] ACPIEC Service [DISABLED] adpu160m Service C:\WINDOWS\system32\drivers\aec.sys [MANUAL] aec Service C:\WINDOWS\System32\drivers\afd.sys [sYSTEM] AFD Service [DISABLED] Aha154x Service [DISABLED] aic78u2 Service [DISABLED] aic78xx Service C:\WINDOWS\system32\svchost.exe [DISABLED] Alerter Service C:\WINDOWS\System32\alg.exe [MANUAL] ALG Service [DISABLED] AliIde Service C:\WINDOWS\system32\DRIVERS\AmdK8.sys [sYSTEM] AmdK8 Service C:\WINDOWS\system32\drivers\amon.sys [AUTO] AMON Service [DISABLED] amsint Service C:\WINDOWS\system32\svchost.exe [MANUAL] AppMgmt Service [DISABLED] asc Service [DISABLED] asc3350p Service [DISABLED] asc3550 Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys [MANUAL] AsyncMac Service C:\WINDOWS\system32\DRIVERS\atapi.sys [bOOT] atapi Service [DISABLED] Atdisk Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys [MANUAL] Atmarpc Service C:\WINDOWS\System32\svchost.exe [AUTO] AudioSrv Service C:\WINDOWS\system32\DRIVERS\audstub.sys [MANUAL] audstub Service BattC Service [sYSTEM] Beep Service C:\WINDOWS\system32\svchost.exe [AUTO] BITS Service C:\WINDOWS\system32\svchost.exe [AUTO] Browser Service C:\DOCUME~1\Adam\USTAWI~1\Temp\catchme.sys [MANUAL] catchme Service [DISABLED] cbidf2k Service [DISABLED] cd20xrnt Service [sYSTEM] Cdaudio Service [DISABLED] Cdfs Service C:\WINDOWS\system32\DRIVERS\cdrom.sys [sYSTEM] Cdrom Service [sYSTEM] Changer Service C:\WINDOWS\system32\cisvc.exe [MANUAL] CiSvc Service C:\WINDOWS\system32\clipsrv.exe [DISABLED] ClipSrv Service [DISABLED] CmdIde Service C:\WINDOWS\system32\dllhost.exe [MANUAL] COMSysApp Service ContentFilter Service ContentIndex Service [DISABLED] Cpqarray Service C:\WINDOWS\system32\svchost.exe [AUTO] CryptSvc Service [DISABLED] dac2w2k Service [DISABLED] dac960nt Service C:\WINDOWS\system32\svchost.exe [AUTO] DcomLaunch Service C:\WINDOWS\system32\svchost.exe [AUTO] Dhcp Service C:\WINDOWS\system32\DRIVERS\disk.sys [bOOT] Disk Service C:\WINDOWS\System32\dmadmin.exe [MANUAL] dmadmin Service C:\WINDOWS\System32\drivers\dmboot.sys [DISABLED] dmboot Service C:\WINDOWS\System32\drivers\dmio.sys [bOOT] dmio Service C:\WINDOWS\System32\drivers\dmload.sys [bOOT] dmload Service C:\WINDOWS\System32\svchost.exe [AUTO] dmserver Service C:\WINDOWS\system32\drivers\DMusic.sys [MANUAL] DMusic Service C:\WINDOWS\system32\svchost.exe [AUTO] Dnscache Service [DISABLED] dpti2o Service C:\WINDOWS\system32\drivers\drmkaud.sys [MANUAL] drmkaud Service C:\WINDOWS\System32\svchost.exe [AUTO] ERSvc Service C:\WINDOWS\system32\services.exe [AUTO] Eventlog Service C:\WINDOWS\system32\svchost.exe [MANUAL] EventSystem Service [DISABLED] Fastfat Service C:\WINDOWS\System32\svchost.exe [MANUAL] FastUserSwitchingCompatibility Service C:\WINDOWS\system32\DRIVERS\fdc.sys [MANUAL] Fdc Service [sYSTEM] Fips Service C:\WINDOWS\system32\DRIVERS\flpydisk.sys [MANUAL] Flpydisk Service C:\WINDOWS\system32\DRIVERS\fltMgr.sys [bOOT] FltMgr Service [sYSTEM] Fs_Rec Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys [bOOT] Ftdisk Service C:\WINDOWS\System32\DRIVERS\gmer.sys [MANUAL] gmer Service F:\INSTALL\GMSIPCI.SYS [MANUAL] GMSIPCI Service C:\WINDOWS\system32\DRIVERS\msgpc.sys [MANUAL] Gpc Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [MANUAL] HDAudBus Service C:\WINDOWS\System32\svchost.exe [AUTO] helpsvc Service C:\WINDOWS\System32\svchost.exe [DISABLED] HidServ Service [DISABLED] hpn Service C:\WINDOWS\System32\Drivers\HTTP.sys [MANUAL] HTTP Service C:\WINDOWS\System32\svchost.exe [MANUAL] HTTPFilter Service [sYSTEM] i2omgmt Service [DISABLED] i2omp Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys [sYSTEM] i8042prt Service C:\WINDOWS\system32\DRIVERS\imapi.sys [sYSTEM] Imapi Service C:\WINDOWS\system32\imapi.exe [MANUAL] ImapiService Service inetaccs Service [DISABLED] ini910u Service Inport Service C:\WINDOWS\system32\drivers\RtkHDAud.sys [MANUAL] IntcAzAudAddService Service [DISABLED] IntelIde Service C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys [MANUAL] Ip6Fw Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [MANUAL] IpFilterDriver Service C:\WINDOWS\system32\DRIVERS\ipinip.sys [MANUAL] IpInIp Service C:\WINDOWS\system32\DRIVERS\ipnat.sys [MANUAL] IpNat Service C:\WINDOWS\system32\DRIVERS\ipsec.sys [sYSTEM] IPSec Service C:\WINDOWS\system32\DRIVERS\irda.sys [AUTO] irda Service C:\WINDOWS\system32\DRIVERS\irenum.sys [MANUAL] IRENUM Service C:\WINDOWS\system32\svchost.exe [AUTO] Irmon Service C:\WINDOWS\system32\DRIVERS\irsir.sys [MANUAL] irsir Service ISAPISearch Service C:\WINDOWS\system32\DRIVERS\isapnp.sys [bOOT] isapnp Service C:\WINDOWS\system32\DRIVERS\k750bus.sys [MANUAL] k750bus Service C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [MANUAL] k750mdfl Service C:\WINDOWS\system32\DRIVERS\k750mdm.sys [MANUAL] k750mdm Service C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [MANUAL] k750mgmt Service C:\WINDOWS\system32\DRIVERS\k750obex.sys [MANUAL] k750obex Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys [sYSTEM] Kbdclass Service C:\WINDOWS\system32\drivers\kmixer.sys [MANUAL] kmixer Service [bOOT] KSecDD Service C:\WINDOWS\system32\svchost.exe [AUTO] lanmanserver Service C:\WINDOWS\system32\svchost.exe [AUTO] lanmanworkstation Service [sYSTEM] lbrtfdc Service ldap Service LicenseService Service C:\Program Files\Common Files\LightScribe\LSSrvc.exe [AUTO] LightScribeService Service C:\WINDOWS\system32\svchost.exe [AUTO] LmHosts Service C:\WINDOWS\system32\svchost.exe [DISABLED] Messenger Service [sYSTEM] mnmdd Service C:\WINDOWS\system32\mnmsrvc.exe [MANUAL] mnmsrvc Service [MANUAL] Modem Service C:\WINDOWS\system32\DRIVERS\mouclass.sys [sYSTEM] Mouclass Service [bOOT] MountMgr Service [DISABLED] mraid35x Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys [MANUAL] MRxDAV Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [sYSTEM] MRxSmb Service C:\WINDOWS\system32\msdtc.exe [MANUAL] MSDTC Service [sYSTEM] Msfs Service F:\install4\MSICPL.sys [MANUAL] MSICPL Service C:\WINDOWS\system32\msiexec.exe [MANUAL] MSIServer Service C:\WINDOWS\system32\drivers\MSKSSRV.sys [MANUAL] MSKSSRV Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys [MANUAL] MSPCLOCK Service C:\WINDOWS\system32\drivers\MSPQM.sys [MANUAL] MSPQM Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys [MANUAL] mssmbios Service [bOOT] Mup Service [bOOT] NDIS Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys [MANUAL] NdisTapi Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys [MANUAL] Ndisuio Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys [MANUAL] NdisWan Service [MANUAL] NDProxy Service C:\WINDOWS\system32\DRIVERS\netbios.sys [sYSTEM] NetBIOS Service C:\WINDOWS\system32\DRIVERS\netbt.sys [sYSTEM] NetBT Service C:\WINDOWS\system32\netdde.exe [DISABLED] NetDDE Service C:\WINDOWS\system32\netdde.exe [DISABLED] NetDDEdsdm Service C:\WINDOWS\system32\lsass.exe [MANUAL] Netlogon Service C:\WINDOWS\System32\svchost.exe [MANUAL] Netman Service C:\WINDOWS\system32\svchost.exe [MANUAL] Nla Service C:\Program Files\Eset\nod32krn.exe [AUTO] NOD32krn Service [sYSTEM] Npfs Service F:\NTACCESS.sys [MANUAL] NTACCESS Service [DISABLED] Ntfs Service C:\WINDOWS\system32\lsass.exe [MANUAL] NtLmSsp Service C:\WINDOWS\system32\svchost.exe [MANUAL] NtmsSvc Service [sYSTEM] Null Service C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [MANUAL] nv Service C:\WINDOWS\system32\DRIVERS\nvata.sys [bOOT] nvata Service C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [MANUAL] NVENETFD Service C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [MANUAL] nvnetbus Service C:\WINDOWS\system32\nvsvc32.exe [AUTO] NVSvc Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [MANUAL] ose Service Outlook Service C:\WINDOWS\system32\DRIVERS\parport.sys [MANUAL] Parport Service [bOOT] PartMgr Service [AUTO] ParVdm Service C:\WINDOWS\system32\DRIVERS\pci.sys [bOOT] PCI Service [sYSTEM] PCIDump Service C:\WINDOWS\system32\DRIVERS\pciide.sys [bOOT] PCIIde Service [DISABLED] Pcmcia Service [MANUAL] PDCOMP Service [MANUAL] PDFRAME Service [MANUAL] PDRELI Service [MANUAL] PDRFRAME Service [DISABLED] perc2 Service [DISABLED] perc2hib Service PerfDisk Service PerfNet Service PerfOS Service PerfProc Service C:\WINDOWS\system32\services.exe [AUTO] PlugPlay Service C:\WINDOWS\system32\lsass.exe [AUTO] PolicyAgent Service C:\WINDOWS\system32\DRIVERS\raspptp.sys [MANUAL] PptpMiniport Service C:\WINDOWS\system32\DRIVERS\processr.sys [sYSTEM] Processor Service C:\WINDOWS\system32\lsass.exe [AUTO] ProtectedStorage Service C:\WINDOWS\system32\DRIVERS\psched.sys [MANUAL] PSched Service C:\WINDOWS\system32\DRIVERS\ptilink.sys [MANUAL] Ptilink Service C:\WINDOWS\System32\Drivers\PxHelp20.sys [bOOT] PxHelp20 Service [DISABLED] ql1080 Service [DISABLED] Ql10wnt Service [DISABLED] ql12160 Service [DISABLED] ql1240 Service [DISABLED] ql1280 Service C:\WINDOWS\system32\DRIVERS\rasacd.sys [sYSTEM] RasAcd Service C:\WINDOWS\system32\svchost.exe [MANUAL] RasAuto Service C:\WINDOWS\system32\DRIVERS\rasirda.sys [MANUAL] Rasirda Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys [MANUAL] Rasl2tp Service C:\WINDOWS\system32\svchost.exe [MANUAL] RasMan Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys [MANUAL] RasPppoe Service C:\WINDOWS\system32\DRIVERS\raspti.sys [MANUAL] Raspti Service C:\WINDOWS\system32\DRIVERS\rdbss.sys [sYSTEM] Rdbss Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [sYSTEM] RDPCDD Service RDPDD Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys [MANUAL] rdpdr Service RDPNP Service [MANUAL] RDPWD Service C:\WINDOWS\system32\sessmgr.exe [MANUAL] RDSessMgr Service C:\WINDOWS\system32\DRIVERS\redbook.sys [sYSTEM] redbook Service C:\WINDOWS\system32\svchost.exe [DISABLED] RemoteAccess Service C:\WINDOWS\system32\svchost.exe [AUTO] RemoteRegistry Service C:\Program Files\CyberLink\Shared Files\RichVideo.exe [AUTO] RichVideo Service C:\WINDOWS\system32\locator.exe [MANUAL] RpcLocator Service C:\WINDOWS\system32\svchost.exe [AUTO] RpcSs Service C:\WINDOWS\system32\rsvp.exe [MANUAL] RSVP Service C:\WINDOWS\system32\lsass.exe [AUTO] SamSs Service C:\WINDOWS\System32\SCardSvr.exe [MANUAL] SCardSvr Service C:\WINDOWS\System32\svchost.exe [AUTO] Schedule Service C:\WINDOWS\system32\DRIVERS\secdrv.sys [MANUAL] Secdrv Service C:\WINDOWS\System32\svchost.exe [AUTO] seclogon Service C:\WINDOWS\system32\svchost.exe [AUTO] SENS Service C:\WINDOWS\system32\DRIVERS\serenum.sys [MANUAL] serenum Service C:\WINDOWS\system32\DRIVERS\serial.sys [sYSTEM] Serial Service F:\NTGLM7X.sys [MANUAL] SetupNTGLM7X Service [sYSTEM] Sfloppy Service C:\WINDOWS\System32\svchost.exe [AUTO] SharedAccess Service C:\WINDOWS\System32\svchost.exe [AUTO] ShellHWDetection Service [DISABLED] Simbad Service [DISABLED] Sparrow Service C:\WINDOWS\system32\drivers\splitter.sys [MANUAL] splitter Service C:\WINDOWS\system32\spoolsv.exe [AUTO] Spooler Service C:\WINDOWS\system32\DRIVERS\sr.sys [bOOT] sr Service C:\WINDOWS\system32\svchost.exe [AUTO] srservice Service C:\WINDOWS\system32\DRIVERS\srv.sys [MANUAL] Srv Service C:\WINDOWS\system32\svchost.exe [MANUAL] SSDPSRV Service C:\WINDOWS\system32\svchost.exe [MANUAL] stisvc Service C:\WINDOWS\system32\DRIVERS\swenum.sys [MANUAL] swenum Service C:\WINDOWS\system32\drivers\swmidi.sys [MANUAL] swmidi Service C:\WINDOWS\system32\dllhost.exe [MANUAL] SwPrv Service [DISABLED] symc810 Service [DISABLED] symc8xx Service [DISABLED] sym_hi Service [DISABLED] sym_u3 Service C:\WINDOWS\system32\drivers\sysaudio.sys [MANUAL] sysaudio Service C:\WINDOWS\system32\smlogsvc.exe [MANUAL] SysmonLog Service C:\WINDOWS\System32\svchost.exe [MANUAL] TapiSrv Service C:\WINDOWS\system32\DRIVERS\tcpip.sys [sYSTEM] Tcpip Service [MANUAL] TDPIPE Service [MANUAL] TDTCP Service C:\WINDOWS\system32\DRIVERS\termdd.sys [sYSTEM] TermDD Service C:\WINDOWS\System32\svchost.exe [MANUAL] TermService Service C:\WINDOWS\System32\svchost.exe [AUTO] Themes Service C:\WINDOWS\system32\tlntsvr.exe [DISABLED] TlntSvr Service [DISABLED] TosIde Service C:\WINDOWS\system32\svchost.exe [AUTO] TrkWks Service TSDDD Service [DISABLED] Udfs Service [DISABLED] ultra Service C:\WINDOWS\system32\DRIVERS\update.sys [MANUAL] Update Service C:\WINDOWS\system32\svchost.exe [MANUAL] upnphost Service C:\WINDOWS\System32\ups.exe [MANUAL] UPS Service usb Service C:\WINDOWS\system32\DRIVERS\usbehci.sys [MANUAL] usbehci Service C:\WINDOWS\system32\DRIVERS\usbhub.sys [MANUAL] usbhub Service C:\WINDOWS\system32\DRIVERS\usbohci.sys [MANUAL] usbohci Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [MANUAL] USBSTOR Service C:\WINDOWS\System32\drivers\vga.sys [sYSTEM] VgaSave Service [DISABLED] ViaIde Service [bOOT] VolSnap Service C:\WINDOWS\System32\vssvc.exe [MANUAL] VSS Service C:\WINDOWS\System32\svchost.exe [AUTO] W32Time Service W3SVC Service C:\WINDOWS\system32\DRIVERS\wanarp.sys [MANUAL] Wanarp Service [MANUAL] WDICA Service C:\WINDOWS\system32\drivers\wdmaud.sys [MANUAL] wdmaud Service C:\WINDOWS\system32\svchost.exe [AUTO] WebClient Service C:\WINDOWS\system32\svchost.exe [AUTO] winmgmt Service [MANUAL] Winsock Service WinSock2 Service WinTrust Service C:\WINDOWS\System32\svchost.exe [MANUAL] WmdmPmSN Service C:\WINDOWS\System32\svchost.exe [MANUAL] Wmi Service WmiApRpl Service C:\WINDOWS\system32\wbem\wmiapsrv.exe [MANUAL] WmiApSrv Service C:\WINDOWS\System32\drivers\ws2ifsl.sys [sYSTEM] WS2IFSL Service C:\WINDOWS\System32\svchost.exe [AUTO] wscsvc Service C:\WINDOWS\system32\svchost.exe [AUTO] wuauserv Service C:\WINDOWS\System32\svchost.exe [AUTO] WZCSVC Service C:\WINDOWS\System32\svchost.exe [MANUAL] xmlprov Service {404DF324-E971-45D5-8EBA-67752A679D7E} Service {4E0B72F4-8000-4F17-A0F4-F13296254700} ---- EOF - GMER 1.0.13 ----

Dzięki i pozdrawiam

Gutek · 22 Listopad 2007 22:09

Nic nie widźę, ale zaraz dokładniej obejrzę loga:

Pobierz program SDFix

misiu1 · 6 Grudzień 2007 17:34

Jak zwykle przepraszam, za długa przerwę, ale wcześniej nie miałem dostępu do tego komputera.

SDFix: Version 1.117 Run by Adam on 2007-12-06 at 18:27 Microsoft Windows XP [Wersja 5.1.2600] Running From: c:\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting… Normal Mode: Checking Files: No Trojan Files Found Removing Temp Files… ADS Check: C:\WINDOWS No streams found. C:\WINDOWS\system32 No streams found. C:\WINDOWS\system32\svchost.exe No streams found. C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-06 18:28:57 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden services & system hive … scanning hidden registry entries … [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\A\1\5\1c] “Order”=hex:08,00,00,00,02,00,00,00,b8,01,00,00,01,00,00,00,04,00,00,00,8c,… scanning hidden files … scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] “C:\Program Files\Gadu-Gadu\gg.exe”=“C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program główny” “C:\Program Files\Skype\Phone\Skype.exe”=“C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype” [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] Remaining Files: --------------- Files with Hidden Attributes: Wed 7 Nov 2007 495,344 A…H. — “C:\WINDOWS\SoftwareDistribution\Download\4eeb59f084e20038b23f012bb616a593\BIT67.tmp” Finished!

Dzięki

Gutek · 6 Grudzień 2007 19:11

Log ok, czy problem ustąpił?

misiu1 · 7 Grudzień 2007 06:11

Dzięki. Komputer na dzień dzisiejszy pracuje ok. Czyli to było jakieś “widzimisie” ? W każdym razie, jeżeli czysto to super.

Jeszcze raz wielkie dzięki.