Rozłączanie neta

przez **paolo** » 12 Wrz 2007, 00:17

mam od niedawna problem z internetem z Netii, co jakis czas 2-5 minut, rozłacza mi sie na chwilę, to znaczy samo połaczenie internetowe nie pokazuje komunikatu o rozłaczeniu, ale wylogowuwuje mi komunikator, przerywa ściaganie filmiku przy ogladaniku na YouTube czy na stałe przerywa ściąganie plików za pomocą przeglądarki internetowej
czym to moze byc spowodowane?

przez **VampirLord** » 12 Wrz 2007, 01:06

viry hacker

blad w systemie roznie

pokaz log w

HijackThis

ComboFix

gmer

Silent Runners

i umioesc w dziale bezpieczenstwo

przez **paolo** » 12 Wrz 2007, 11:30

system jest czysty, zero wirusów
log wzorcowy wprost - bardzo mało elementów i wszystkie bezpieczne
nie wiem,o co chodzi

przez **slake1** » 12 Wrz 2007, 14:39

Jednak dla pewności zamieść logi w tym temacie.

przez **buzu** » 12 Wrz 2007, 20:35

No właśnie.Czym to może być spowodowane .

Jak już wcześniej pisałem na SB i myślę ,że reszta ma tak samo a mianowicie chodzi o szkane kule,które poszły na przegląd a z Twojej wypowiedzi wywróżyć za cholerę nic się nie da.Więc dostosuj się do zaleceń albo radź sobie sam znawco .Weź pod uwagę,że Twoja interpretacja logów może się mijać z naszą więc albo logi albo google a lbo format :C

przez **paolo** » 13 Wrz 2007, 10:03

Kod: Zaznacz wszystko: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:02:13, on 2007-09-13 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\System32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Programy\DAEMON Tools 3.47.0\daemon.exe C:\Program Files\Programy\Active Virus Shield\avp.exe C:\Program Files\Programy\Active Virus Shield\avp.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Programy\Winamp\winamp.exe C:\Program Files\Programy\Konnekt\konnekt.exe C:\Program Files\Programy\Opera\Opera.exe C:\Program Files\Programy\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\Programy\BitComet\tools\BitCometBHO_1.1.7.4.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Programy\Java\bin\ssv.dll O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\Programy\DAEMON Tools 3.47.0\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AVP] "C:\Program Files\Programy\Active Virus Shield\avp.exe" O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\Programy\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\Programy\BitComet\tools\BitCometBHO_1.1.7.4.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip\..\{FCE46567-C1CB-4B57-90FC-B8A36CB81725}: NameServer = 213.241.79.37 83.238.255.76 O23 - Service: Active Virus Shield (AVP) - Kaspersky Lab - C:\Program Files\Programy\Active Virus Shield\avp.exe O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 3067 bytes

przez **slake1** » 13 Wrz 2007, 14:25

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

Fix.

Pokaż log z Silent Runners i ComboFix.

przez **paolo** » 13 Wrz 2007, 18:09

Kod: Zaznacz wszystko: ComboFix 07-09-13.3 - "Pablo" 2007-09-13 18:03:44.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.528 [GMT 2:00] * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\_000110_.tmp.dll . ((((((((((((((((((((((((( Files Created from 2007-08-13 to 2007-09-13 ))))))))))))))))))))))))))))))) . 2007-09-13 18:02 51,200 --a--c--- C:\WINDOWS\NirCmd.exe 2007-09-05 22:37 9,316,640 --ahsc--- C:\WINDOWS\system32\drivers\fidbox.dat 2007-09-05 22:37 87,072 --ahsc--- C:\WINDOWS\system32\drivers\fidbox2.dat 2007-09-05 22:37 82,061 --a--c--- C:\WINDOWS\system32\drivers\klick.dat 2007-09-05 22:37 81,549 --a--c--- C:\WINDOWS\system32\drivers\klin.dat 2007-09-05 22:37 <DIR> d----c--- C:\DOCUME~1\ALLUSE~1\DANEAP~1\AOL 2007-09-05 20:23 <DIR> d----c--- C:\Downloads 2007-09-05 18:57 <DIR> d----c--- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Raxco 2007-09-05 18:36 <DIR> d----c--- C:\DOCUME~1\Pablo\DANEAP~1\Lavasoft 2007-09-05 13:36 <DIR> d----c--- C:\Program Files\Windows Media Connect 2 2007-09-04 15:02 <DIR> d--hsc--- C:\WINDOWS\ftpcache 2007-09-02 20:59 208,896 --a--c--- C:\WINDOWS\system32\nvudisp.exe 2007-09-02 20:59 <DIR> d----c--- C:\WINDOWS\nview 2007-09-02 19:45 33,280 -ra--c--- C:\WINDOWS\system32\drivers\NVENETFD.sys 2007-09-02 19:45 198,656 -ra--c--- C:\WINDOWS\system32\fdco1.dll 2007-09-02 19:44 8,192 -ra--c--- C:\WINDOWS\system32\bdco1.dll 2007-09-02 19:44 56,960 -ra--c--- C:\WINDOWS\system32\drivers\nvnrm.sys 2007-09-02 19:44 32,256 -ra--c--- C:\WINDOWS\system32\nvconrm.dll 2007-09-02 19:44 208,896 --a--c--- C:\WINDOWS\system32\nvunrm.exe 2007-09-02 19:44 208,896 --a--c--- C:\WINDOWS\system32\NVUNINST.EXE 2007-09-02 19:44 191,232 -ra--c--- C:\WINDOWS\system32\drivers\nvsnpu.sys 2007-09-02 19:44 12,928 -ra--c--- C:\WINDOWS\system32\drivers\nvnetbus.sys 2007-09-02 19:43 <DIR> d----c--- C:\NVIDIA 2007-09-02 15:18 83,968 -ra--c--- C:\WINDOWS\system32\nvraidservice.exe 2007-09-02 15:18 74,240 -ra--c--- C:\WINDOWS\system32\NvRaidWizardEnu.dll 2007-09-02 15:18 68,224 --a--c--- C:\WINDOWS\system32\drivers\nvraid.sys 2007-09-02 15:18 6,144 -ra--c--- C:\WINDOWS\system32\NvRaidSvEnu.dll 2007-09-02 15:18 396,800 -ra--c--- C:\WINDOWS\system32\NvRaidWizard.dll 2007-09-02 15:18 294,400 --a--c--- C:\WINDOWS\system32\idecoi.dll 2007-09-02 15:18 244,224 -ra--c--- C:\WINDOWS\system32\NvRaidMan.exe 2007-09-02 15:18 20,480 -ra--c--- C:\WINDOWS\system32\NvRaidEnu.dll 2007-09-02 15:18 18,432 --a--c--- C:\WINDOWS\system32\nvraidco.dll 2007-08-25 22:23 90,112 -ra--c--- C:\WINDOWS\SOUNDMAN.EXE 2007-08-25 22:23 3,808,192 -ra--c--- C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2007-08-25 22:23 217,088 -ra--c--- C:\WINDOWS\Alcrmv.exe 2007-08-25 22:23 157,184 -ra--c--- C:\WINDOWS\system32\RTLCPAPI.dll 2007-08-25 22:23 10,475,008 -ra--c--- C:\WINDOWS\system32\RTLCPL.EXE 2007-08-22 22:15 <DIR> d----c--- C:\WINDOWS\system32\pl-pl 2007-08-21 22:36 <DIR> d----c--- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Skype 2007-08-21 09:57 17,920 -ra--c--- C:\WINDOWS\system32\IMPLODE.DLL 2007-08-21 09:48 322,384 --a--c--- C:\WINDOWS\system\Mfc250.dll 2007-08-21 09:48 27,632 -ra--c--- C:\WINDOWS\system\Ctl3dv2.dll 2007-08-21 09:48 21,052 --a--c-t- C:\WINDOWS\system32\SIntfNT.dll 2007-08-21 09:48 15,144 --a--c-t- C:\WINDOWS\system32\SIntf32.dll 2007-08-21 09:48 146,976 --a--c--- C:\WINDOWS\system\Mfcoleui.dll 2007-08-21 09:48 125,856 -ra--c--- C:\WINDOWS\system\Mfco250.dll 2007-08-21 09:48 12,067 --a--c-t- C:\WINDOWS\system32\SIntf16.dll 2007-08-21 09:46 <DIR> d----c--- C:\DOCUME~1\Pablo\DANEAP~1\Bertelsmann 2007-08-21 09:45 45,056 --a--c--- C:\WINDOWS\system32\lexazdll32.dll 2007-08-21 09:45 258,352 --a--c--- C:\WINDOWS\system32\unicows.dll 2007-08-21 09:45 <DIR> d----c--- C:\WINDOWS\system32\wd2007 2007-08-21 09:42 61,440 --a--c--- C:\WINDOWS\system32\lookmod.dll 2007-08-21 09:42 45,056 --a--c--- C:\WINDOWS\system32\patchmod.dll 2007-08-21 09:42 45,056 --a--c--- C:\WINDOWS\system32\hookmod.dll 2007-08-21 09:42 135,168 --a--c--- C:\WINDOWS\system32\TXTUSER.EXE 2007-08-21 09:38 36,864 --a--c--- C:\WINDOWS\system32\Hooks.dll 2007-08-21 09:34 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys 2007-08-20 16:24 <DIR> d----c--- C:\WINDOWS\system32\drivers\umdf 2007-08-20 15:01 1,360 -r---c--- C:\WINDOWS\system32\drivers\alcxinit.dat 2007-08-20 13:10 <DIR> d----c--- C:\WINDOWS\system32\LogFiles 2007-08-16 10:09 5,632 --a--c--- C:\WINDOWS\system32\ptpusb.dll 2007-08-16 10:09 159,232 --a--c--- C:\WINDOWS\system32\ptpusd.dll 2007-08-15 17:32 221,184 --a--c--- C:\WINDOWS\system32\wmpns.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-13 18:04 135224 --ahsc--- C:\WINDOWS\system32\drivers\fidbox.idx 2007-09-13 18:04 11228 --ahsc--- C:\WINDOWS\system32\drivers\fidbox2.idx 2007-09-12 00:10 --------- d----c--- C:\DOCUME~1\Pablo\DANEAP~1\Hamachi 2007-09-11 23:25 --------- d----c--- C:\DOCUME~1\Pablo\DANEAP~1\Skype 2007-09-09 00:47 25544 --a--c--- C:\WINDOWS\system32\drivers\hamachi.sys 2007-09-09 00:47 --------- d----c--- C:\Program Files\Programy 2007-09-02 19:30 --------- d----c--- C:\Program Files\Common Files\InstallShield 2007-09-02 19:24 --------- d--h-c--- C:\Program Files\InstallShield Installation Information 2007-08-22 21:25 --------- d----c--- C:\DOCUME~1\Pablo\DANEAP~1\Real 2007-08-12 19:16 --------- d----c--- C:\DOCUME~1\Pablo\DANEAP~1\SopCast 2007-08-11 23:21 --------- d----c--- C:\DOCUME~1\Pablo\DANEAP~1\Opera 2007-08-10 00:08 --------- d----c--- C:\DOCUME~1\Pablo\DANEAP~1\MSPWNOUP2006 2007-08-09 13:31 --------- d----c--- C:\Program Files\Microsoft.NET 2007-08-07 15:37 98304 --a--c--- C:\WINDOWS\system32\CmdLineExt.dll 2007-08-06 12:51 --------- d----c--- C:\Program Files\Lexmark 2300 Series 2007-08-02 13:32 --------- d----c--- C:\Program Files\Media Player Classic 2007-08-02 13:32 --------- d----c--- C:\DOCUME~1\Pablo\DANEAP~1\Media Player Classic 2007-08-02 13:32 --------- d----c--- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Real 2007-07-30 23:14 --------- d----c--- C:\DOCUME~1\Pablo\DANEAP~1\vlc 2007-07-30 19:19 92504 --a--c--- C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a--c--- C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 53080 --a--c--- C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 43352 --a--c--- C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a--c--- C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 203096 --a--c--- C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 1712984 --a--c--- C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:18 33624 --a--c--- C:\WINDOWS\system32\wups.dll 2007-07-30 16:14 28624 --a--c--- C:\WINDOWS\system32\drivers\secdrv.sys 2007-07-30 14:50 60416 --a--c--- C:\WINDOWS\ALCFDRTM.EXE 2007-07-30 14:32 --------- d----c--- C:\Program Files\Thomson 2007-07-30 14:08 --------- d----c--- C:\DOCUME~1\Pablo\DANEAP~1\Ahead 2007-07-30 14:03 --------- d----c--- C:\Program Files\Common Files\Ahead 2007-07-30 13:21 --------- d----c--- C:\Program Files\microsoft frontpage 2007-06-26 08:10 1104896 --a--c--- C:\WINDOWS\system32\msxml3.dll 2007-06-19 15:32 282112 --a--c--- C:\WINDOWS\system32\gdi32.dll 2007-06-13 15:23 1034752 --a--c--- C:\WINDOWS\explorer.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools-1033"="C:\Program Files\Programy\DAEMON Tools 3.47.0\daemon.exe" [2004-08-22 17:05] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-02-24 07:32] "AVP"="C:\Program Files\Programy\Active Virus Shield\avp.exe" [2007-04-03 11:37] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] AutoRun\command- G:\Uruchom.EXE [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H] AutoRun\command- H:\setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I] AutoRun\command- I:\Uruchom.EXE [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J] AutoRun\command- J:\Autorun.exe . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-13 18:05:37 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-09-13 18:06:36 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-13 18:06 . --- E O F ---

Kod: Zaznacz wszystko: "Silent Runners.vbs", revision 52, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "DAEMON Tools-1033" = ""C:\Program Files\Programy\DAEMON Tools 3.47.0\daemon.exe" -lang 1033" ["DAEMON'S HOME"] "NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS] "AVP" = ""C:\Program Files\Programy\Active Virus Shield\avp.exe"" ["Kaspersky Lab"] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\(Default) = "BitComet ClickCapture" -> {HKLM...CLSID} = "BitComet Helper" \InProcServer32\(Default) = "C:\Program Files\Programy\BitComet\tools\BitCometBHO_1.1.7.4.dll" ["BitComet"] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Programy\Java\bin\ssv.dll" ["Sun Microsystems, Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania" -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\Programy\WinRar\rarext.dll" [null data] "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Programy\Microsoft Office 2003\OFFICE11\msohev.dll" [MS] "{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler" -> {HKLM...CLSID} = "Microsoft Office Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\Programy\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS] "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook" \InProcServer32\(Default) = "C:\PROGRA~1\Programy\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS] "{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class" -> {HKLM...CLSID} = "DesktopContext Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"] "{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper" -> {HKLM...CLSID} = "NVIDIA CPL Extension" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"] "{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer" -> {HKLM...CLSID} = "Desktop Explorer" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu" -> {HKLM...CLSID} = "nView Desktop Context Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ "WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" -> {HKLM...CLSID} = "WPDShServiceObj Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS] HKLM\System\CurrentControlSet\Control\Session Manager\ <<!>> "BootExecute" = "PDBoot.exe" [file not found]|"autocheck autochk *" HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ <<!>> klogon\DLLName = "C:\WINDOWS\system32\klogon.dll" ["Kaspersky Lab"] HKLM\Software\Classes\PROTOCOLS\Filter\ <<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Programy\Active Virus Shield\ShellEx.dll" ["Kaspersky Lab"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\Programy\WinRar\rarext.dll" [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\Programy\WinRar\rarext.dll" [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Programy\Active Virus Shield\ShellEx.dll" ["Kaspersky Lab"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "C:\Program Files\Programy\WinRar\rarext.dll" [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ "Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Documents and Settings\Pablo\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp" Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ "SCRNSAVE.EXE" = "C:\WINDOWS\system32\logon.scr" [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ HKLM\Software\Classes\CLSID\{E7A829CC-671F-4C3D-B590-8C0AEA72E6B2}\(Default) = "BitComet Search" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\Program Files\Programy\BitComet\tools\BitCometBHO_1.1.7.4.dll" ["BitComet"] HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "C:\PROGRA~1\Programy\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {461CC20B-FB6E-4F16-8FE8-C29359DB100E}\ "ButtonText" = "BitComet Search" Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Active Virus Shield, AVP, ""C:\Program Files\Programy\Active Virus Shield\avp.exe" -r" ["Kaspersky Lab"] NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ 2300 Series Port\Driver = "lxcglmpm.DLL" [empty string] Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS] ---------- (launch time: 2007-09-13 17:59:08) <<!>>: Suspicious data at a malware launch point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer "No" at the first message box and "Yes" at the second message box. ---------- (total run time: 27 seconds, including 10 seconds for message boxes)

przez **slake1** » 13 Wrz 2007, 21:53

Czy masz pendrive'a?

przez **paolo** » 13 Wrz 2007, 22:19

hm...mam kilka urządzeń podłączonych do USB, ale nie pendrive'a

przez **paolo** » 15 Wrz 2007, 13:07

to może odświeżę....

przez **pp3088** » 15 Wrz 2007, 13:19

Czysto.

przez **paolo** » 15 Wrz 2007, 21:30

paolo napisał(a):system jest czysty, zero wirusów

ot, jak stwierdziłem

ale moze macie jakies pomysły bo to rozłaczanie jest kłopotliwe

przez **paolo** » 15 Wrz 2007, 21:31

paolo napisał(a):system jest czysty, zero wirusów

ot, jak stwierdziłem

ale moze macie jakies pomysły bo te awarie sa kłopotliwe

przez **LucaS** » 15 Wrz 2007, 22:11

Pewnie masz Netie po kablach TP?
To samo się dzieje czesto z neostradą, że Cie wywal co chwile... czasem na kilka miechow spokoj, a czasami caly tydzien potrafi wnerwiac....
linie tp są przeciążane.

Ale dla pewności zadzowń do netii co oni ci powiedzą, może to coś z modemem ;>

Rozłączanie neta

Rozłączanie neta

Kto jest na forum