Pomoc virus

Witam

Przed chwila zalozylem konto, jestem nowy hejka :wink: Mam pewien problem ktory jest zwiazany (tak mi sie wydaje) z jakims virusem zlosliwym. problem wyglada tka ze od paru dni nie codziennie restartowal mi sie komputer wlaczal i 2 min i sie restartowal na samym poczatku pomoglo odlaczenie internetu i przeskanowanie komputera kaspersym najnowsza wersja (6.0.1.411)ale jakies 2 dni temu dopeiro odpalilem trybem awaryjenym przeskanowlem i jakos hula ale przy wlaczeniu komputeraz kasperski informuje mnie o jakims virusie i nie moge sie go pozbyc a w tym sprawach jestem zerem :slight_smile: nie znam sie tak za bardzo.Wczesniej przegladajac forum wyczytalem o programie Silent Runners scaignalem i mam ten dokument textowy z tymi informacjami mam cala zawartosc teg odokumnetu Wam skopiowac? i prosil bym o wytlumaczenie mi krok po kroku co i jak zeby pozbyc sie tego virusa. i nie tylko bo podjerzewam ze jeszcze cos tam moze siedziec;)

Antyvirusow jakich uzywam to jak wyzej kasperski i ad-aware

Prosze o wyrozumialosc bo naprawde sie na tym nie znam, a ten problem jest denerwujacy :wink:

2 x 300 ;D

TST - Witaj na forum.

Kilka spraw:

  • Twój post przenoszę do działu “Bezpieczeństwo”

  • Wklej logi z programów HijackThis oraz Silent Runners. Instrukcję jak to zrobić znajdziesz TUTAJ.

  • Zmień tytuł na bardziej konkretny. Szczególy znajdziesz w TYM temacie.

  • Proponuję też abyś od początku stosował się do zasad panujących na tym forum. Jedną z nich jest używanie polskiej pisowni (włączając w to znaki typu ą, ś, ć, ł, ó itd).

Zastosuj się proszę do tych reguł

OKej

Nie spodziewałem się tak szybkiej odpowiedzi.Prosze o wytłumaczenie krok po kroku bo jak już wspominalem nie znam się na tym. a więc tak to jest zawartosc dokumentu txt z programu silent runners.

“Silent Runners.vbs”, revision R50, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by “{++}”

Startup items buried in registry:


HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

“MSMSGS” = ““C:\Program Files\Messenger\msmsgs.exe” /background” [MS]

“ares” = ““D:\Program Files\Ares\Ares.exe” -h” [“Ares Development Group”]

“Steam” = “(empty string)” [file not found]

“taskdir” = “C:\WINDOWS\system32\taskdir.exe” [file not found]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

“DAEMON Tools-1033” = ““D:\Program Files\D-Tools\daemon.exe” -lang 1033” [“DAEMON’S HOME”]

“C-Media Mixer” = “Mixer.exe /startup” [“C-Media Electronic Inc. (http://www.cmedia.com.tw)”]

“wcmdmgr” = “C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch” [“WildTangent, Inc.”]

“SunJavaUpdateSched” = “C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe” [“Sun Microsystems, Inc.”]

“Logitech Utility” = “Logi_MwX.Exe” [“Logitech Inc.”]

“AVP” = ““D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe”” [“Kaspersky Lab”]

“(Default)” = “(empty string)” [file not found]

“KernelFaultCheck” = “C:\WINDOWS\system32\dumprep 0 -k”

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}(Default) = “BitComet ClickCapture”

-> {HKLM…CLSID} = “BitComet Helper”

\InProcServer32(Default) = “D:\Program Files\BitComet\tools\BitCometBHO.dll” [“BitComet”]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)

-> {HKLM…CLSID} = “SSVHelper Class”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

“{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania”

-> {HKLM…CLSID} = “Rozszerzenie CPL kadrowania wyświetlania”

\InProcServer32(Default) = “deskpan.dll” [file not found]

“{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu”

-> {HKLM…CLSID} = “HyperTerminal Icon Ext”

\InProcServer32(Default) = “C:\WINDOWS\System32\hticons.dll” [“Hilgraeve, Inc.”]

“{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

“{0006F045-0000-0000-C000-000000000046}” = “Microsoft Outlook Custom Icon Handler”

-> {HKLM…CLSID} = “Outlook File Icon Extension”

\InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL” [MS]

“{85E0B171-04FA-11D1-B7DA-00A0C90348D6}” = “Web Anti-Virus”

-> {HKLM…CLSID} = “Web Anti-Virus”

\InProcServer32(Default) = “D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll” [“Kaspersky Lab”]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

<> AtiExtEvent\DLLName = “Ati2evxx.dll” [“ATI Technologies Inc.”]

<> klogon\DLLName = “C:\WINDOWS\system32\klogon.dll” [“Kaspersky Lab”]

<> partnershipreg\DLLName = “C:\Documents and Settings\All Users\Dokumenty\Settings\partnership.dll” [null data]

HKLM\Software\Classes*\shellex\ContextMenuHandlers\

Kaspersky Anti-Virus(Default) = “{dd230880-495a-11d1-b064-008048ec2fc5}”

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = “D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ShellEx.dll” [“Kaspersky Lab”]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

Kaspersky Anti-Virus(Default) = “{dd230880-495a-11d1-b064-008048ec2fc5}”

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = “D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ShellEx.dll” [“Kaspersky Lab”]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

Group Policies {GPedit.msc branch and setting}:


Note: detected settings may not have any effect.

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

“shutdownwithoutlogon” = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}

“undockwithoutlogon” = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:


Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

“Wallpaper” = “C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp”

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

“Wallpaper” = “C:\Documents and Settings\TOST\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp”

Enabled Screen Saver:


HKCU\Control Panel\Desktop\

“SCRNSAVE.EXE” = “C:\WINDOWS\System32\scrnsave.scr” [MS]

Startup items in “TOST” & “All Users” startup folders:


C:\Documents and Settings\TOST\Menu Start\Programy\Autostart

<> “desktop(2).ini” [null data]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart

<> “desktop(2).ini” [null data]

“Microsoft Office” -> shortcut to: “C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l” [MS]

Winsock2 Service Provider DLLs:


Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]

000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS]

000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:


Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

“{EF99BD32-C1FB-11D2-892F-0090271D4F88}”

-> {HKLM…CLSID} = “Yahoo! Toolbar”

\InProcServer32(Default) = “C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll” [“Yahoo! Inc.”]

Explorer Bars

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\

HKLM\Software\Classes\CLSID{85E0B171-04FA-11D1-B7DA-00A0C90348D6}(Default) = “Web Anti-Virus”

Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32(Default) = “D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll” [“Kaspersky Lab”]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

“MenuText” = “Sun Java Console”

“CLSIDExtension” = “{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}”

-> {HKCU…CLSID} = “Java Plug-in”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”]

-> {HKLM…CLSID} = “Java Plug-in 1.5.0_06”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll” [“Sun Microsystems, Inc.”]

{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\

“ButtonText” = “Web Anti-Virus”

Running Services (Display Name, Service Name, Path {Service DLL}):


Ati HotKey Poller, Ati HotKey Poller, “C:\WINDOWS\system32\Ati2evxx.exe” [“ATI Technologies Inc.”]

Kaspersky Anti-Virus 6.0, AVP, ““D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe” -r” [“Kaspersky Lab”]

WMDM PMSP Service, WMDM PMSP Service, “C:\WINDOWS\System32\MsPMSPSv.exe” [MS]


<>: Suspicious data at a malware launch point.

  • This report excludes default entries except where indicated.

  • To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

  • The search for DESKTOP.INI DLL launch points on all local fixed drives

took 69 seconds.

---------- (total run time: 159 seconds)

Ściągasz program KillBox, zaznaczasz Delete on reboot , w polu full path of file wklej ścieżkę:

C:\Documents and Settings\All Users\Dokumenty\Settings\partnership.dll

Klikasz X czerwony i restart kompa.

Otwórz Notatnik i wklej w nim to:

Plik >>> Zapisz jako >>> Zmień rozszerzenie z TXT na Wszystkie pliki >>> Zapisz pod nazwą FIX.REG >>> kliknij dwa razy na utworzony plik FIX.REG i potwierdź dodanie do rejestru >>> restart.

Przeskanuj http://www.ewido.net/en/ i wrzuć raport oraz nowy log.

Dobrze wszystko zrobiłem zgodnie z instrukacja z linka sciagnalem program AVG anti spyware zainstalowalem przeskanowalem [wybierajac pierwsza opcje] AVG RAPORT:


AVG Anti-Spyware - Scan Report


  • Created at: 15:16:39 2007-01-29

  • Scan result:

:mozilla.437:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.438:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.439:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.440:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.441:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.442:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.443:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.444:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.632:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.936:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.

:mozilla.393:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.

:mozilla.394:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.

:mozilla.126:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.127:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.128:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.422:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.423:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.60:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.61:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.62:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.854:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.855:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.86:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.87:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.88:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.89:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.90:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adocean : Cleaned.

:mozilla.507:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.508:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.

:mozilla.662:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.

:mozilla.663:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.

:mozilla.307:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.308:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.309:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.

:mozilla.262:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.

:mozilla.747:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.

:mozilla.770:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.

:mozilla.943:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.

:mozilla.210:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.

:mozilla.859:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.

:mozilla.505:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.

:mozilla.506:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.

:mozilla.155:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.156:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.421:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.727:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.

:mozilla.628:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.629:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.630:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.668:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.670:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.

:mozilla.424:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.

:mozilla.652:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.

:mozilla.258:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.

:mozilla.302:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.

:mozilla.303:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.

:mozilla.902:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.

:mozilla.903:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.

:mozilla.501:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Overture : Cleaned.

:mozilla.503:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Overture : Cleaned.

:mozilla.504:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Overture : Cleaned.

:mozilla.619:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Overture : Cleaned.

:mozilla.799:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Popularix : Cleaned.

:mozilla.678:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.

:mozilla.679:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.

:mozilla.527:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.528:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.529:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.530:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.531:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.532:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.

:mozilla.910:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.

:mozilla.116:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.117:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.118:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.119:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.122:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.123:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.

:mozilla.50:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.51:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.52:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.53:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.54:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.

C:\Documents and Settings\TOST\Cookies\tost@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.

:mozilla.685:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.

:mozilla.392:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.

:mozilla.751:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.

:mozilla.205:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.206:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.207:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.208:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.209:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.

:mozilla.635:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

:mozilla.636:C:\Documents and Settings\TOST\Dane aplikacji\Mozilla\Firefox\Profiles\rcilxc97.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

C:\Documents and Settings\TOST\Pulpit\Tlen.pl\plugins\Mleczko 1.0.0.0 bugfix.zip/mleczko.tpl -> Trojan.Lineage.mh : Cleaned with backup (quarantined).

C:\Documents and Settings\TOST\Pulpit\Tlen.pl\plugins\mleczko.tpl -> Trojan.Lineage.mh : Cleaned with backup (quarantined).

C:\Documents and Settings\TOST\Pulpit\Tlen.pl\plugins\plg\Mleczko 1.0.0.0 bugfix.zip/mleczko.tpl -> Trojan.Lineage.mh : Cleaned with backup (quarantined).

C:\Documents and Settings\TOST\Pulpit\Tlen.pl\plugins\plg\mleczko.tpl -> Trojan.Lineage.mh : Cleaned with backup (quarantined).

D:\Program Files\Tlen.pl\plugins\Mleczko 1.0.0.0 bugfix.zip/mleczko.tpl -> Trojan.Lineage.mh : Cleaned with backup (quarantined).

D:\Program Files\Tlen.pl\plugins\mleczko.tpl -> Trojan.Lineage.mh : Cleaned with backup (quarantined).

D:\Program Files\Tlen.pl\plugins\plg\Mleczko 1.0.0.0 bugfix.zip/mleczko.tpl -> Trojan.Lineage.mh : Cleaned with backup (quarantined).

D:\Program Files\Tlen.pl\plugins\plg\mleczko.tpl -> Trojan.Lineage.mh : Cleaned with backup (quarantined).

::Report end

Silent runners:

“Silent Runners.vbs”, revision R50, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by “{++}”

Startup items buried in registry:


HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

“MSMSGS” = ““C:\Program Files\Messenger\msmsgs.exe” /background” [MS]

“ares” = ““D:\Program Files\Ares\Ares.exe” -h” [“Ares Development Group”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

“DAEMON Tools-1033” = ““D:\Program Files\D-Tools\daemon.exe” -lang 1033” [“DAEMON’S HOME”]

“C-Media Mixer” = “Mixer.exe /startup” [“C-Media Electronic Inc. (http://www.cmedia.com.tw)”]

“wcmdmgr” = “C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch” [“WildTangent, Inc.”]

“SunJavaUpdateSched” = “C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe” [“Sun Microsystems, Inc.”]

“Logitech Utility” = “Logi_MwX.Exe” [“Logitech Inc.”]

“AVP” = ““D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe”” [“Kaspersky Lab”]

“(Default)” = “(empty string)” [file not found]

“KernelFaultCheck” = “C:\WINDOWS\system32\dumprep 0 -k”

“!AVG Anti-Spyware” = ““D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized” [“Anti-Malware Development a.s.”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}(Default) = “BitComet ClickCapture”

-> {HKLM…CLSID} = “BitComet Helper”

\InProcServer32(Default) = “D:\Program Files\BitComet\tools\BitCometBHO.dll” [“BitComet”]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)

-> {HKLM…CLSID} = “SSVHelper Class”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

“{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania”

-> {HKLM…CLSID} = “Rozszerzenie CPL kadrowania wyświetlania”

\InProcServer32(Default) = “deskpan.dll” [file not found]

“{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu”

-> {HKLM…CLSID} = “HyperTerminal Icon Ext”

\InProcServer32(Default) = “C:\WINDOWS\System32\hticons.dll” [“Hilgraeve, Inc.”]

“{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

“{0006F045-0000-0000-C000-000000000046}” = “Microsoft Outlook Custom Icon Handler”

-> {HKLM…CLSID} = “Outlook File Icon Extension”

\InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL” [MS]

“{85E0B171-04FA-11D1-B7DA-00A0C90348D6}” = “Web Anti-Virus”

-> {HKLM…CLSID} = “Web Anti-Virus”

\InProcServer32(Default) = “D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll” [“Kaspersky Lab”]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

<> “{57B86673-276A-48B2-BAE7-C6DBB3020EB8}” = “AVG Anti-Spyware 7.5”

-> {HKLM…CLSID} = “CShellExecuteHookImpl Object”

\InProcServer32(Default) = “D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll” [“Anti-Malware Development a.s.”]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

<> AtiExtEvent\DLLName = “Ati2evxx.dll” [“ATI Technologies Inc.”]

<> klogon\DLLName = “C:\WINDOWS\system32\klogon.dll” [“Kaspersky Lab”]

HKLM\Software\Classes*\shellex\ContextMenuHandlers\

AVG Anti-Spyware(Default) = “{8934FCEF-F5B8-468f-951F-78A921CD3920}”

-> {HKLM…CLSID} = “CContextScan Object”

\InProcServer32(Default) = “D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll” [“Anti-Malware Development a.s.”]

Kaspersky Anti-Virus(Default) = “{dd230880-495a-11d1-b064-008048ec2fc5}”

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = “D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ShellEx.dll” [“Kaspersky Lab”]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

AVG Anti-Spyware(Default) = “{8934FCEF-F5B8-468f-951F-78A921CD3920}”

-> {HKLM…CLSID} = “CContextScan Object”

\InProcServer32(Default) = “D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll” [“Anti-Malware Development a.s.”]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

Kaspersky Anti-Virus(Default) = “{dd230880-495a-11d1-b064-008048ec2fc5}”

-> {HKLM…CLSID} = (no title provided)

\InProcServer32(Default) = “D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ShellEx.dll” [“Kaspersky Lab”]

WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}”

-> {HKLM…CLSID} = “WinRAR”

\InProcServer32(Default) = “D:\Program Files\WinRAR\rarext.dll” [null data]

Group Policies {GPedit.msc branch and setting}:


Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

“DisableRegistryTools” = (REG_DWORD) hex:0x00000000

{User Configuration|Administrative Templates|System|

Prevent access to registry editing tools}

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

“shutdownwithoutlogon” = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Shutdown: Allow system to be shut down without having to log on}

“undockwithoutlogon” = (REG_DWORD) hex:0x00000001

{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|

Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:


Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

“Wallpaper” = “C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp”

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

“Wallpaper” = “C:\Documents and Settings\TOST\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp”

Enabled Screen Saver:


HKCU\Control Panel\Desktop\

“SCRNSAVE.EXE” = “C:\WINDOWS\System32\scrnsave.scr” [MS]

Startup items in “TOST” & “All Users” startup folders:


C:\Documents and Settings\TOST\Menu Start\Programy\Autostart

<> “desktop(2).ini” [null data]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart

<> “desktop(2).ini” [null data]

“Microsoft Office” -> shortcut to: “C:\Program Files\Microsoft Office\Office\OSA9.EXE -b -l” [MS]

Winsock2 Service Provider DLLs:


Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]

000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS]

000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:


Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

“{EF99BD32-C1FB-11D2-892F-0090271D4F88}”

-> {HKLM…CLSID} = “Yahoo! Toolbar”

\InProcServer32(Default) = “C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll” [“Yahoo! Inc.”]

Explorer Bars

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\

HKLM\Software\Classes\CLSID{85E0B171-04FA-11D1-B7DA-00A0C90348D6}(Default) = “Web Anti-Virus”

Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32(Default) = “D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll” [“Kaspersky Lab”]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

“MenuText” = “Sun Java Console”

“CLSIDExtension” = “{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}”

-> {HKCU…CLSID} = “Java Plug-in”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”]

-> {HKLM…CLSID} = “Java Plug-in 1.5.0_06”

\InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll” [“Sun Microsystems, Inc.”]

{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\

“ButtonText” = “Web Anti-Virus”

Running Services (Display Name, Service Name, Path {Service DLL}):


Ati HotKey Poller, Ati HotKey Poller, “C:\WINDOWS\system32\Ati2evxx.exe” [“ATI Technologies Inc.”]

AVG Anti-Spyware Guard, AVG Anti-Spyware Guard, “D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe” [“Anti-Malware Development a.s.”]

Kaspersky Anti-Virus 6.0, AVP, ““D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe” -r” [“Kaspersky Lab”]

WMDM PMSP Service, WMDM PMSP Service, “C:\WINDOWS\System32\MsPMSPSv.exe” [MS]


<>: Suspicious data at a malware launch point.

  • This report excludes default entries except where indicated.

  • To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

  • The search for DESKTOP.INI DLL launch points on all local fixed drives

took 31 seconds.

---------- (total run time: 88 seconds)

I mam jeszcze pytanie czy używam 3 programów anty virusowych kaspersky, ad-aware i teraz ten program który dostałem w linku AVG Anti-spyware te 3 wyżej wymienione programy nie będą się gryzły jakoś?

Proponujecie któregoś z nich usunąć, czy zostawić jak jest?

I jeszcze czy ten partnership którego usunąłem ( chyba ) mógł powodować wcześniejsze restarty kompa ? oceńcie nowe raporty czy wszszytko ok

dziekuje i 2 x 300 ;D

Nie powinny się gryźć. Ale na Twoim miejscu zostawiłbym AVG którego zainstalowałeś przed chwilą oraz Kasperskiego. Dodatkowo możesz do tego dorzucić jakiegoś firewalla albo chociaż włączyć zaporę wbudowaną w system. O jej konfiguracji dowiesz się oglądając tą demonstrację:

http://dobreprogramy.pl/demonstracje/windows_zapora.htm

Niczego raczej nie można wykluczyć ale jeśli w dalszym ciągu będziesz miał ten problem to poszukaj minidumpów i wklej np.zawartość dwóch tutaj. Opis szukania minidumpów znajduje się tutaj:

http://forum.dobreprogramy.pl/viewtopic … 327#797327

Log z silenta jest w porządku. Ale AVG wykrył wtyczkę mleczko pozwalającą robią tzw. wielolinijkowe opisy jako szkodliwą. Być może to fałszywy alarm ale możesz przeskanować jeszcze jakimś skanerem on-line - Skanery do wyboru.

No mam nadzieje ze już problem restartującego kompa sie więcej nie pojawi

Dzieki za tak szybkie odpowiedzi ; * ;D

pozdrawiam