Musiałeś usunąć ja sobie tego nie wymyśliłem cytat z takim wpisem jest z twojego [quote]"Silent Runners.vbs", revision R50[/quote] Pozdrawiam o:)

Nie chcę nic mówić... http://www.fotosik.pl/pokaz_obrazek/eb6fb7eb31d0df3d.html gdzie to widzisz w moim rejestrze?

aha - a może ktoś będzie łaskawy i rzuci plikiem rundll32.exe? bo wydaje mi się, że w tym tkwi problem :) pozdrawiam, wojtek ostojski.

Niestety - zastosowanie ich zakończyło się fiaskiem... Wydaję mi się, że jedyny ratunek tkwi w komendzie FORMAT C: pozdrawiam wojtek.

A co z innym kontem ?? Spróbuj tez przeprowadzic czysty rozruch systemu -> [url]http://support.microsoft.com/default.aspx/kb/310353[/url] i sprawdź czy bedzie OK. Jak tak, to włączaj pojedynczo elementy autostartu. Update: Zajrzyj tez tutaj -> [url]http://winhlp.com/WxSystray.htm[/url] - jest kilka mozliwości podanych, które moga pomóc rozwiązać problem. Tylko nie stosuj ich hurtem a pojedynczo i sprawdzaj.

Do Leon$: Ja nie mam w ogóle takiego czegoś w rejestrze (NoTrayItemsDisplay) :) Nawet gdy sobie to utworzyłem, pobawiłem się z watościami itp. - nic to nie dało... Ma ktoś jeszcze jakąś koncepcję ? pozdrawiam, wojtek.

Sprawdź Start >> Uruchom >> [b]regedit[/b] HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer NoTrayItemsDisplay - REG_DWORD - 00000001 Ukrywa ikonki w Tray'u (te obok zegara). Jeśli tak masz to PPM na [b]NoTrayItemsDisplay [/b] >> Modyfikuj >> wpisz 0 (zero) Może być potrzebny restart

I nadal kicha... PS. Mogło się to stać ze względu na częste hibernowanie komputera?

Nie ma takich kluczy... Zaraz restartuję maszynę i sprawdzę... :)

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS] "Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu S.A."] "Komunikator" = "C:\Program Files\Tlen.pl\tlen.exe" ["o2.pl Sp. z o.o."] "ares" = ""C:\Program Files\Ares\Ares.exe" -h" ["Ares Development Group"] "MSMSGS" = ""C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "Cmaudio" = "RunDll32 cmicnfg.dll,CMICtrlWnd" [MS] "RemoteControl" = ""C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"" ["Cyberlink Corp."] "SxgTkBar" = "SxgTkBar.exe" ["YAMAHA COROPRATION"] "LXBSCATS" = "rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16" [MS] "NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS] "nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"] "NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" [MS] "cctray" = ""C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"" ["CA, Inc."] "CAVRID" = ""C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"" ["CA, Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "AcroIEHlprObj Class" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."] {D680C31D-E7B2-45BE-B44F-2CE58D06710f}\(Default) = (no title provided) -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\WINDOWS\system32\feulxvab.dll" [file not found] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania" -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."] "{4EB37360-49E8-11D3-95B5-004033382980}" = "ALZip 4.0 Context Menu Shell Extension" -> {HKLM...CLSID} = "ALZip 5.0 Context Menu Shell Extension" \InProcServer32\(Default) = "C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll" ["ESTsoft"] "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" = "OpenOffice.org Column Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.1.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" = "OpenOffice.org Infotip Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.1.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice.org Property Sheet Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.1.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{3B092F0C-7696-40E3-A80F-68D74DA84210}" = "OpenOffice.org Thumbnail Viewer" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.1.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] "{8932AEFE-9DB6-4f43-AFB2-5682F55E773A}" = "VPCHostCopyHook" -> {HKLM...CLSID} = "VPCHostCopyHook" \InProcServer32\(Default) = "C:\Program Files\Microsoft Virtual PC\VPCShExH.DLL" [MS] "{4CCEFB41-18FA-11D3-9EF3-00A0C9E897FD}" = "Skladnik rozszerzenia powloki CorelDRAW" -> {HKLM...CLSID} = "CorelDRAW Shell Extension Component" \InProcServer32\(Default) = "C:\Program Files\Corel\Corel Graphics 11\DRAW\CDRVIEWER\CrlShell110.dll" [null data] "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" = "jetAudio" -> {HKLM...CLSID} = "JetFlExt Class" \InProcServer32\(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."] "{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class" -> {HKLM...CLSID} = "DesktopContext Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"] "{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper" -> {HKLM...CLSID} = "NVIDIA CPL Extension" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"] "{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer" -> {HKLM...CLSID} = "Desktop Explorer" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu" -> {HKLM...CLSID} = "nView Desktop Context Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"] "{1CE2AA40-1317-11D3-9922-00104B0AD431}" = "CA_AntiVirus" -> {HKLM...CLSID} = "CA_AntiVirus" \InProcServer32\(Default) = "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\avshlext.dll" ["CA, Inc."] "{ED65AC21-B24F-11d3-BA80-00C0CA16AA37}" = "Siemens Device" -> {HKLM...CLSID} = "Siemens Device" \InProcServer32\(Default) = "C:\Program Files\Mobile Phone Manager\DES\DESShellExt.dll" ["Siemens AG"] "{ED65AC22-B24F-11d3-BA80-00C0CA16AA37}" = "Siemens Device ContextMenuHandler" -> {HKLM...CLSID} = "Siemens Device ContextMenuHandler" \InProcServer32\(Default) = "C:\Program Files\Mobile Phone Manager\DES\DESShellExt.dll" ["Siemens AG"] "{ED65AC23-B24F-11d3-BA80-00C0CA16AA37}" = "Siemens SX1 PropertySheetHandler" -> {HKLM...CLSID} = "Siemens Device PropertySheetHandler" \InProcServer32\(Default) = "C:\Program Files\Mobile Phone Manager\DES\DESShellExt.dll" ["Siemens AG"] HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" -> {HKLM...CLSID} = "WPDShServiceObj Class" \InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS] HKLM\Software\Classes\Folder\shellex\ColumnHandlers{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = "OpenOffice.org Column Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = ""C:\Program Files\OpenOffice.ux.pl 2.1.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlersALZip\(Default) = "{4EB37360-49E8-11D3-95B5-004033382980}" -> {HKLM...CLSID} = "ALZip 5.0 Context Menu Shell Extension" \InProcServer32\(Default) = "C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll" ["ESTsoft"] CA_AntiVirus\(Default) = "{1CE2AA40-1317-11D3-9922-00104B0AD431}" -> {HKLM...CLSID} = "CA_AntiVirus" \InProcServer32\(Default) = "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\avshlext.dll" ["CA, Inc."] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlersALZip\(Default) = "{4EB37360-49E8-11D3-95B5-004033382980}" -> {HKLM...CLSID} = "ALZip 5.0 Context Menu Shell Extension" \InProcServer32\(Default) = "C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll" ["ESTsoft"] jetAudio\(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" -> {HKLM...CLSID} = "JetFlExt Class" \InProcServer32\(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlersALZip\(Default) = "{4EB37360-49E8-11D3-95B5-004033382980}" -> {HKLM...CLSID} = "ALZip 5.0 Context Menu Shell Extension" \InProcServer32\(Default) = "C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll" ["ESTsoft"] CA_AntiVirus\(Default) = "{1CE2AA40-1317-11D3-9922-00104B0AD431}" -> {HKLM...CLSID} = "CA_AntiVirus" \InProcServer32\(Default) = "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\avshlext.dll" ["CA, Inc."] jetAudio\(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" -> {HKLM...CLSID} = "JetFlExt Class" \InProcServer32\(Default) = "C:\Program Files\JetAudio\JetFlExt.dll" ["JetAudio, Inc."] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoBandCustomize" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Windows Components|Internet Explorer|Toolbars| Disable customizing browser toolbars} "NoMovingBands" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoCloseDragDropBands" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoSetTaskbar" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Start Menu and Taskbar| Prevent changes to Taskbar and Start Menu Settings} "NoToolbarsOnTaskbar" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoSaveSettings" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Desktop| Don't save settings at exit} "NoActiveDesktop" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Desktop|Desktop / Active Desktop| Disable Active Desktop} "ClassicShell" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Windows Components|Windows Explorer| Enable Classic Shell / Turn on Classic Shell} "NoToolbarCustomize" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|Windows Components|Internet Explorer|Toolbars| Disable customizing browser toolbar buttons} "NoLowDiskSpaceChecks" = (REG_DWORD) hex:0x00000000 {unrecognized setting} HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "NoRemoteRecursiveEvents" = (REG_DWORD) hex:0x00000001 {unrecognized setting} "ClassicShell" = (REG_DWORD) hex:0x00000000 {unrecognized setting} "NoTrayItemsDisplay" = (REG_DWORD) hex:0x00000001 {unrecognized setting} HKCU\Software\Policies\Microsoft\Windows\System "DisableCMD" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|System| Disable the command prompt} HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} "NoInternetOpenWith" = (REG_DWORD) hex:0x00000001 {unrecognized setting} "DisableStatusMessages" = (REG_DWORD) hex:0x00000000 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop"Wallpaper" = "C:\Documents and Settings\temporary\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp" Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS] Startup items in "Wojtek" & "All Users" startup folders: -------------------------------------------------------- C:\Documents and Settings\temporary\Menu Start\Programy\Autostart "Skrót do iChat" -> shortcut to: "C:\Program Files\Intranet Chat\iChat.exe" ["AlexSoft"] "Skrót do Komunikator Tlen" -> shortcut to: "C:\Program Files\Tlen.pl\tlen.exe" ["o2.pl Sp. z o.o."] "Skrót do Skype" -> shortcut to: "C:\Program Files\Skype\Phone\Skype.exe" ["Skype Technologies S.A."] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart "ScanPanel" -> shortcut to: "C:\Program Files\Trust\Easy Webscan 19200\ScanPanel\ScnPanel.exe" [file not found] "TV Remote Control" -> shortcut to: "C:\Program Files\Terminator\TV7131 Utilities\P3XRCtl.exe" [empty string] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: C:\WINDOWS\system32\VetRedir.dll ["Computer Associates International, Inc."], 01 - 03, 17 %SystemRoot%\system32\mswsock.dll [MS], 04 - 06, 09 - 16 %SystemRoot%\system32\rsvpsp.dll [MS], 07 - 08 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser"{74DD705D-6834-439C-A735-A6DBE2677452}" -> {HKLM...CLSID} = "&VSAdd-in" \InProcServer32\(Default) = "C:\Program Files\VSAdd-in\VSAdd-in.dll" [file not found] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ CAISafe, CAISafe, "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe" ["Computer Associates International, Inc."] LightScribeService Direct Disc Labeling Service, LightScribeService, "C:\Program Files\Common Files\LightScribe\LSSrvc.exe" ["Hewlett-Packard Company"] NVIDIA Display Driver Service (Omega 1.6693) (Q), NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"] StarWind iSCSI Service, StarWindService, "C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe" ["Rocket Division Software"] VET Message Service, VETMSGNT, "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe" ["CA, Inc."] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors810 Series Port\Driver = "lxbslmpm.DLL" ["Lexmark International, Inc."] ---------- + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer "No" at the first message box and "Yes" at the second message box. ---------- (total run time: 362 seconds, including 6 seconds for message boxes) Aaaa... I nowy log z Hijacka Logfile of HijackThis v1.99.1 Scan saved at 16:56:41, on 2004-01-03 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Tlen.pl\tlen.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ares\Ares.exe C:\PROGRA~1\MESSEN~1\Msmsgs.exe C:\Program Files\Terminator\TV7131 Utilities\P3XRCtl.exe C:\Program Files\Intranet Chat\iChat.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\WScript.exe C:\Documents and Settings\temporary\Pulpit\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.dll,CMICtrlWnd O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [SxgTkBar] SxgTkBar.exe O4 - HKLM\..\Run: [LXBSCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background O4 - Startup: Skrót do iChat.lnk = C:\Program Files\Intranet Chat\iChat.exe O4 - Startup: Skrót do Komunikator Tlen.lnk = C:\Program Files\Tlen.pl\tlen.exe O4 - Startup: Skrót do Skype.lnk = C:\Program Files\Skype\Phone\Skype.exe O4 - Global Startup: ScanPanel.lnk = C:\Program Files\Trust\Easy Webscan 19200\ScanPanel\ScnPanel.exe O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\Terminator\TV7131 Utilities\P3XRCtl.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CS1\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CS2\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CS3\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxbs_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxbscoms.exe O23 - Service: NVIDIA Display Driver Service (Omega 1.6693) (Q) (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

Zostało [code]O2 - BHO: (no name) - {D680C31D-E7B2-45BE-B44F-2CE58D06710f} - C:\WINDOWS\system32\feulxvab.dll (file missing) [/code] Gdzie log SilentRunners ??

W Podglądzie nie ma nic o klęknięciu ani zatrzymaniu powłoki. Wyboldowanych plików też nie ma w danych folderach. A nowy log z Hijacka: Logfile of HijackThis v1.99.1 Scan saved at 16:23:02, on 2004-01-03 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Tlen.pl\tlen.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ares\Ares.exe C:\PROGRA~1\MESSEN~1\Msmsgs.exe C:\Program Files\Terminator\TV7131 Utilities\P3XRCtl.exe C:\Program Files\Intranet Chat\iChat.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\Documents and Settings\temporary\Pulpit\HijackThis.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\Program Files\FLStudio4\FL.exe C:\WINDOWS\system32\NOTEPAD.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {D680C31D-E7B2-45BE-B44F-2CE58D06710f} - C:\WINDOWS\system32\feulxvab.dll (file missing) O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.dll,CMICtrlWnd O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [SxgTkBar] SxgTkBar.exe O4 - HKLM\..\Run: [LXBSCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background O4 - Startup: Skrót do iChat.lnk = C:\Program Files\Intranet Chat\iChat.exe O4 - Startup: Skrót do Komunikator Tlen.lnk = C:\Program Files\Tlen.pl\tlen.exe O4 - Startup: Skrót do Skype.lnk = C:\Program Files\Skype\Phone\Skype.exe O4 - Global Startup: ScanPanel.lnk = C:\Program Files\Trust\Easy Webscan 19200\ScanPanel\ScnPanel.exe O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\Terminator\TV7131 Utilities\P3XRCtl.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CS1\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CS2\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CS3\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxbs_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxbscoms.exe O23 - Service: NVIDIA Display Driver Service (Omega 1.6693) (Q) (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

[quote=ostojski]chodziło o Podgląd Zdarzeń[/quote] W Podglądzie zdarzeń nie da sie nic zepsuc praktycznie ;) Poprzeglądaj dzienniki czy nie ma jakichs informacji o zatrzymaniu powłoki systemowej albo o padzie procesu explorer.exe. Zafixuj. Pliki i foldery wyboldowane sprawdź czy sa i jak są usuń. [code]O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: (no name) - AutorunsDisabled - (no file) O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - C:\WINDOWS\system32\[b]rqrsqqp.dll[/b] (file missing) O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\[b]VSAdd-in[/b]\VSAdd-in.dll (file missing) O2 - BHO: (no name) - {56A2F8DF-5C7B-4D1E-9156-3019EFEE0FF1} - C:\WINDOWS\system32\[b]mlljk.dll[/b] (file missing) O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\[b]dcyvnepy.dll[/b] (file missing) O2 - BHO: (no name) - {D680C31D-E7B2-45BE-B44F-2CE58D06710f} - C:\WINDOWS\system32\[b]feulxvab.dll[/b] (file missing) O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing) O9 - Extra button: (no name) - AutorunsDisabled - (no file) O20 - Winlogon Notify: mlljk - C:\WINDOWS\system32\mlljk.dll (file missing) O20 - Winlogon Notify: rqrsqqp - rqrsqqp.dll (file missing)[/code] Softu Symanteca uzywasz jeszcze jakiegoś ?? Bo wygląda na to, że zostało LiveUpdate tylko [code] O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LiveUpdate\LuComServer_3_1.EXE[/code] Jak nie masz nic Symanteca to odinstaluj LiveUpdate z poziomu Dodaj/Usuń programy. Po robocie pokaż nowego loga Hijacka i dodatkowo loga SilentRunners (o nim też w dziale Bezpieczeństwo znajdziesz informacje)

chodziło o Podgląd Zdarzeń @EDIT: Zapodaję loga z HijackThis v.1.99.1 Logfile of HijackThis v1.99.1 Scan saved at 15:45:05, on 2004-01-03 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Tlen.pl\tlen.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Ares\Ares.exe C:\PROGRA~1\MESSEN~1\Msmsgs.exe C:\Program Files\Terminator\TV7131 Utilities\P3XRCtl.exe C:\Program Files\Intranet Chat\iChat.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\Documents and Settings\temporary\Pulpit\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: (no name) - AutorunsDisabled - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {182B90A3-F372-438A-800C-6814B4DE417B} - C:\WINDOWS\system32\rqrsqqp.dll (file missing) O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing) O2 - BHO: (no name) - {56A2F8DF-5C7B-4D1E-9156-3019EFEE0FF1} - C:\WINDOWS\system32\mlljk.dll (file missing) O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - C:\WINDOWS\system32\dcyvnepy.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {D680C31D-E7B2-45BE-B44F-2CE58D06710f} - C:\WINDOWS\system32\feulxvab.dll (file missing) O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing) O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.dll,CMICtrlWnd O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [SxgTkBar] SxgTkBar.exe O4 - HKLM\..\Run: [LXBSCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBStime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\Msmsgs.exe" /background O4 - Startup: Skrót do iChat.lnk = C:\Program Files\Intranet Chat\iChat.exe O4 - Startup: Skrót do Komunikator Tlen.lnk = C:\Program Files\Tlen.pl\tlen.exe O4 - Startup: Skrót do Skype.lnk = C:\Program Files\Skype\Phone\Skype.exe O4 - Global Startup: ScanPanel.lnk = C:\Program Files\Trust\Easy Webscan 19200\ScanPanel\ScnPanel.exe O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\Terminator\TV7131 Utilities\P3XRCtl.exe O9 - Extra button: (no name) - AutorunsDisabled - (no file) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O17 - HKLM\System\CCS\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CS1\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CS2\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O17 - HKLM\System\CS3\Services\Tcpip\..\{A6D556DF-4216-4E29-A735-4A074D01B5DA}: NameServer = 194.204.159.1,194.204.152.34 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: mlljk - C:\WINDOWS\system32\mlljk.dll (file missing) O20 - Winlogon Notify: rqrsqqp - rqrsqqp.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LiveUpdate\LuComServer_3_1.EXE O23 - Service: lxbs_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxbscoms.exe O23 - Service: NVIDIA Display Driver Service (Omega 1.6693) (Q) (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

jak to mi się odpali - co z tym trzeba dalej czynić? (boję się, żebym czegoś nie schrzanił...)

Zerknij do podglądu zdarzeń (Start -> Uruchom -> eventvwr.msc) i sprawdź czy explorer (powłoka systemowa) nie wykłada sie. Jak sie wykłada to może w podglądzie zdarzeń będa jakieś szczegoły na ten temat - podaj je. Dodatkowo - sprawdź na innym koncie uzytkownika. System wolny od "nieproszonych gości" ?? Sprawdź sobie profilaktycznie loga HIjacka (w dziale Bezpieczeństwo, w przyklejonych tematach, masz komplet informacji na ten temat)

niestety, Żółty - Twoja porada nic nie pomogła... zaraz szlag mnie trafi... :) pozdrawiam, wojtek.

W poletku Notification Area wybierz "Show missing icons" i zaznacz ptaszek przy "Disable SSDP and ..." po tym klikni Apply.

wiec tak - sciagnalem programik , ale ze w angielskim jestem ciemny to zapomniałem uprzedzic :) czy można by bylo wytlumaczyc mi o co chodzi ? krok po kroku :)

Ściągnij i spróbuj użyć Taskbar Repair Tool Plus! Po tym zresetuj system i napisz czy co się zmieniło.