Mój zasilacz to ZM-29, 230 V. Chkdsk nie wykrył żadnych błędów ale po uruchomieniu pojawił się znów ten sam komunikat. Log z Combo zamieszczam w takiej postaci(mam nadzieję,że nikt nie będzie krzyczał [-X )
ComboFix 08-07-01.3 - Asia 2008-07-02 17:31:16.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.543 [GMT 2:00]
Running from: D:\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\lsprst7.dll
C:\WINDOWS\system32\ssprs.dll
.
((((((((((((((((((((((((( Files Created from 2008-06-02 to 2008-07-02 )))))))))))))))))))))))))))))))
.
2008-07-02 16:07 . 2008-07-02 16:30
2008-07-02 16:07 . 2008-07-02 16:07 45 --a------ C:\WINDOWS\system32\initdebug.nfo
2008-07-02 14:03 . 2008-07-02 14:24
2008-07-02 14:03 . 2007-01-19 10:40 89,088 --a------ C:\WINDOWS\system32\SkanerOnlineUninstall.exe
2008-07-01 22:28 . 2008-07-01 22:28
2008-07-01 22:27 . 2008-07-01 22:27
2008-06-29 16:07 . 2008-06-29 16:07
2008-06-10 17:07 . 2008-06-21 22:56
2008-06-09 22:00 . 2008-06-09 22:13 1,553 --a------ C:\logfile
2008-06-09 21:52 . 2008-06-09 21:52
2008-06-09 21:52 . 2008-06-09 21:52 1,025 --a------ C:\WINDOWS\system32\sysprs7.tgz
2008-06-09 21:52 . 2008-06-09 21:52 1,025 --a------ C:\WINDOWS\system32\sysprs7.dll
2008-06-09 21:52 . 2008-06-09 21:52 1,025 --a------ C:\WINDOWS\system32\clauth2.dll
2008-06-09 21:52 . 2008-06-09 21:52 1,025 --a------ C:\WINDOWS\system32\clauth1.dll
2008-06-09 21:52 . 2008-06-09 22:16 219 --a------ C:\WINDOWS\system32\lsprst7.tgz
2008-06-09 21:52 . 2008-06-09 22:16 87 --a------ C:\WINDOWS\system32\ssprs.tgz
2008-06-09 21:50 . 2008-06-09 21:50
2008-06-09 19:51 . 2008-07-02 15:45
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-02 15:29 --------- d-----w C:\Program Files\Neostrada TP
2008-06-14 18:01 273,024 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-05-17 08:32 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab
2008-05-16 21:31 --------- d–h--w C:\Program Files\InstallShield Installation Information
2008-05-16 21:31 --------- d-----w C:\Program Files\Common Files\Panda Software
2008-05-13 16:34 20,680 -c–a-w C:\Documents and Settings\Asia\Dane aplikacji\GDIPFONTCACHEV1.DAT
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:16 1,291,264 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-05 19:29 --------- d-----w C:\Program Files\Winamp
2008-05-05 17:15 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-05 10:01 --------- d—a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP
2008-05-03 11:19 --------- d-----w C:\Program Files\Gadu-Gadu
2008-04-23 07:20 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2004-10-01 14:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2001-11-23 04:08 712,704 -c–a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 09:44 15360]
“IncrediMail”=“C:\Program Files\IncrediMail\bin\IncMail.exe” [2008-03-11 18:30 243072]
“swg”=“C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2008-05-02 17:51 68856]
“Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2008-03-20 12:04 2127296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“WooCnxMon”=“C:\PROGRA~1\NEOSTR~1\CnxMon.exe” [2003-10-16 19:07 24576]
“SpeedTouch USB Diagnostics”=“C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” [2004-01-26 12:38 866816]
“WOOWATCH”=“C:\PROGRA~1\NEOSTR~1\Watch.exe” [2003-10-16 19:07 20480]
“WOOTASKBARICON”=“C:\PROGRA~1\NEOSTR~1\taskbaricon.exe” [2003-10-16 19:07 53248]
“avast!”=“D:\PROGRA~1\ashDisp.exe” [2008-05-16 01:19 79224]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“C:\WINDOWS\System32\CTFMON.EXE” [2004-08-04 09:44 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
“AntiVirusOverride”=dword:00000001
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“C:\Program Files\Gadu-Gadu\gg.exe”=
“C:\Program Files\BitComet\BitComet.exe”=
“C:\Program Files\BearShare\BearShare.exe”=
“C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe”=
“C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe”=
“C:\WINDOWS\system32\mmc.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\Polish\setup.exe”=
“C:\Program Files\IncrediMail\bin\IncMail.exe”=
“C:\Program Files\IncrediMail\bin\ImApp.exe”=
“C:\Program Files\IncrediMail\bin\ImpCnt.exe”=
“C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.325\Polish\setup.exe”=
“C:\Program Files\Microsoft Office\Office10\WINWORD.EXE”=
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“17867:TCP”= 17867:TCP:BitComet 17867 TCP
“17867:UDP”= 17867:UDP:BitComet 17867 UDP
“20421:TCP”= 20421:TCP:BitComet 20421 TCP
“20421:UDP”= 20421:UDP:BitComet 20421 UDP
“8461:TCP”= 8461:TCP:GoD High Port
“8462:TCP”= 8462:TCP:GoD Low Port
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
S3 ATE_PROCMON;ATE_PROCMON;C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
*Newly Created Service* - CATCHME
*Newly Created Service* - GIVEIO
*Newly Created Service* - SPEEDFAN
.
Contents of the ‘Scheduled Tasks’ folder
“2008-05-17 09:38:13 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job”
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
“2008-05-09 13:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job”
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-02 17:35:19
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-07-02 17:38:41
ComboFix-quarantined-files.txt 2008-07-02 15:38:25
Pre-Run: 6,233,649,152 bajtów wolnych
Post-Run: 6,291,165,184 bajtów wolnych
120Nowa pamięć była dopasowywana do procesora,tak więc nie powinna szwankować
Temperatura:
Temp1-35
Temp2 0
Temp3 38
nie wiem co jeszcze mogę sprawdzić… 