Elektroda.pl
Elektroda.pl
X

Search our partners

Find the latest content on electronic components. Datasheets.com
Please add exception to AdBlock for elektroda.pl.
If you watch the ads, you support portal and users.

Windows Vista - Logowanie usługi klient nie powiodło się

IrasArgor 08 May 2014 19:35 3858 9
  • #1
    IrasArgor
    Level 9  
    Jak w temacie, brat dzisiaj zrestartował zawieszony komputer i podczas próby logowania usera na pulpit wyskoczyła mi informacja logowanie usługi klient zasad grupy nie powiodło się, Odmowa dostępu, problem jest też, taki, że to jedyne konto więc nie mogę wejść do systemu, przywracanie systemu i próba naprawy z płytki nic nie dała. Bardzo proszę o jakieś sugestie. Pracuje na systemie Vista.
  • #2
    Kolobos
    IT specialist
    Tryb awaryjny lub tryb awaryjny z wierszem poleceń też nie działa?
  • #3
    IrasArgor
    Level 9  
    Niestety też nie, pojawia się czarny ekran, i wylogowuje z powrotem do "menu"
  • #4
    Kolobos
    IT specialist
    Uruchom z płyty, wybierz wiersz poleceń i spróbuj wykonać:
    net user administrator /active:yes
    lub:
    net user /add test test
  • #5
    IrasArgor
    Level 9  
    net user administrator /active:yes - bez zmian super admin nic nie zmienił

    wyłączyłem go komendą

    net user administrator /active:no

    net user /add test test - nie można odnaleźć określonego konta użytkownika lub grupy.

    Użytkownik został utworzony pomyślnie, ale nie można dodać go do grupy lokalnej UŻYTKOWNICY
  • #6
    Kolobos
    IT specialist
    Spróbuj przywrócić starszą kopię rejestru:
    http://www.sysnative.com/forums/windows-7-%7C...ackup-in-windows-windows-7-windows-vista.html

    Możesz też przywrócić rejestr z punktu przywracania tak jak to masz opisane tutaj:
    http://www.fixitpc.pl/topic/48-konsola-odzyskiwania-naprawianie-windows/?p=233

    Nie zaszkodzi też jeżeli dasz logi z FRST w załączniku:
    http://www.fixitpc.pl/topic/4414-diagnostyka-infekcji-na-niestartujacych-windows/#entry32551
  • #7
    IrasArgor
    Level 9  
    Kolobos wrote:
    Sprobuj przywrocic starsza kopie rejestru:
    http://www.sysnative.com/forums/windows-7-%7C...ackup-in-windows-windows-7-windows-vista.html

    Mozesz tez przywrocic rejestr z punktu przywracania tak jak to masz opisane tutaj:
    http://www.fixitpc.pl/topic/48-konsola-odzyskiwania-naprawianie-windows/?p=233

    Nie zaszkodzi tez jezeli dasz logi z FRST w zalaczniku:
    http://www.fixitpc.pl/topic/4414-diagnostyka-infekcji-na-niestartujacych-windows/#entry32551


    Mam próbować wszystko na raz czy metodami prób i błędów po kolei ? :)
  • #8
    Kolobos
    IT specialist
    Zacznij od pierwszej metody, następnie przywracanie z punktu. Logi z FRST możesz dać już teraz.
  • #9
    IrasArgor
    Level 9  
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-05-2014
    Ran by SYSTEM on MINWINPC on 08-05-2014 21:46:56
    Running from F:\
    Windows Vista (TM) Home Basic Service Pack 1 (X86) OS Language: Polish
    Internet Explorer Version 9
    Boot Mode: Recovery

    The current controlset is ControlSet001
    ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-f...utorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
    HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1464536 2013-07-08] (COMODO)
    HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
    HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2569616 2010-07-26] (CANON INC.)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
    HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5110672 2013-09-12] (ESET)
    HKU\Default\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\Default User\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\TEMP(13).Komputer\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\TEMP.Komputer.000\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

    ========================== Services (Whitelisted) =================

    S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
    S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4801304 2013-07-08] (COMODO)
    S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [127192 2013-06-18] (COMODO)
    S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1337752 2013-09-12] (ESET)
    S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
    S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2013-12-05] ()
    S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [757144 2013-08-16] (Tunngle.net GmbH)
    S2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
    S2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [X]

    ==================== Drivers (Whitelisted) ====================

    S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2014-01-14] ()
    S1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2013-06-18] (COMODO)
    S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [583448 2013-07-08] (COMODO)
    S1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43216 2013-06-18] (COMODO)
    S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-07-29] (DT Soft Ltd)
    S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
    S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
    S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [122376 2013-09-17] (ESET)
    S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [85464 2013-06-18] (COMODO)
    S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2014-01-14] ()
    S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2013-07-29] (Duplex Secure Ltd.)
    S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-05-08 21:46 - 2014-05-08 21:46 - 00000000 ____D () C:\FRST
    2014-05-08 18:58 - 2014-05-08 18:58 - 00024576 _____ () C:\BCD_Backup
    2014-05-08 18:58 - 2014-05-08 18:58 - 00021504 ____H () C:\BCD_Backup.LOG
    2014-05-07 17:52 - 2014-05-07 17:52 - 00000000 ____D () C:\Users\TEMP(13).Komputer\AppData\Local\VirtualStore
    2014-05-07 17:52 - 2014-05-07 17:52 - 00000000 ____D () C:\users\TEMP(13).Komputer
    2014-05-07 17:52 - 2013-09-07 15:59 - 00000000 ____D () C:\Users\TEMP(13).Komputer\AppData\Roaming\Macromedia
    2014-05-06 10:56 - 2014-05-06 10:56 - 00000000 ____D () C:\Users\TEMP.Komputer.000\AppData\Local\VirtualStore
    2014-05-06 10:56 - 2014-05-06 10:56 - 00000000 ____D () C:\users\TEMP.Komputer.000
    2014-05-06 10:56 - 2013-09-07 15:59 - 00000000 ____D () C:\Users\TEMP.Komputer.000\AppData\Roaming\Macromedia
    2014-04-24 18:37 - 2014-04-24 18:37 - 206463478 _____ () C:\Windows\MEMORY.DMP
    2014-04-24 08:08 - 2014-04-24 08:08 - 00388200 _____ () C:\Users\user\Downloads\gg-install.exe
    2014-04-21 18:43 - 2014-05-06 18:47 - 00001642 _____ () C:\Windows\setupact.log
    2014-04-21 18:43 - 2014-04-21 18:43 - 00000000 _____ () C:\Windows\setuperr.log
    2014-04-17 16:08 - 2014-03-08 00:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2014-04-17 16:08 - 2014-03-07 23:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2014-04-17 16:08 - 2014-03-07 23:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2014-04-17 16:08 - 2014-03-07 23:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2014-04-17 16:08 - 2014-03-07 23:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2014-04-17 16:08 - 2014-03-07 23:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2014-04-17 16:08 - 2014-03-07 23:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2014-04-17 16:08 - 2014-03-07 23:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2014-04-17 16:07 - 2014-03-08 00:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2014-04-17 16:07 - 2014-03-08 00:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2014-04-17 16:07 - 2014-03-08 00:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2014-04-17 16:07 - 2014-03-08 00:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2014-04-17 16:07 - 2014-03-08 00:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2014-04-17 16:07 - 2014-03-08 00:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
    2014-04-17 16:07 - 2014-03-07 23:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2014-04-17 16:07 - 2014-03-07 23:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2014-04-17 16:01 - 2014-02-06 02:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
    2014-04-17 10:23 - 2014-04-14 19:05 - 00264616 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
    2014-04-17 10:22 - 2014-04-17 10:22 - 00004117 _____ () C:\Windows\System32\jupdate-1.7.0_55-b14.log
    2014-04-17 10:22 - 2014-04-14 19:13 - 00094632 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
    2014-04-17 10:22 - 2014-04-14 19:05 - 00175528 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
    2014-04-17 10:22 - 2014-04-14 19:04 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\java.exe
    2014-04-17 10:01 - 2014-04-17 10:01 - 00000000 ____D () C:\Games
    2014-04-17 09:17 - 2014-04-17 09:17 - 00000000 __SHD () C:\found.002
    2014-04-16 17:39 - 2014-04-16 17:40 - 00000000 ____D () C:\Program Files\Google
    2014-04-16 13:11 - 2014-04-16 13:11 - 00000000 __SHD () C:\found.001
    2014-04-10 17:07 - 2014-04-10 17:07 - 00000000 ____D () C:\Users\user\AppData\Roaming\Wargaming.net
    2014-04-09 12:57 - 2014-04-09 12:57 - 00050500 _____ () C:\Users\user\Downloads\openal32(1).zip
    2014-04-09 11:01 - 2014-04-09 11:01 - 01909564 _____ () C:\Users\user\Downloads\activation.x86.zip
    2014-04-09 10:47 - 2014-04-09 10:47 - 00307432 _____ () C:\Users\user\Downloads\dsj210.zip
    2014-04-09 10:46 - 2014-04-09 10:46 - 20595514 _____ (Lace Mamba Global Ltd. ) C:\Users\user\Downloads\bout_BOXED_VERSION_patch_1_03.exe
    2014-04-09 10:38 - 2014-04-17 09:51 - 00000000 ____D () C:\Users\user\Documents\Book of Unwritten Tales
    2014-04-09 10:37 - 2014-04-09 10:37 - 00050500 _____ () C:\Users\user\Downloads\openal32.zip
    2014-04-09 10:34 - 2014-04-17 09:51 - 00000000 ____D () C:\Program Files\OpenAL

    ==================== One Month Modified Files and Folders =======

    2014-05-08 21:46 - 2014-05-08 21:46 - 00000000 ____D () C:\FRST
    2014-05-08 19:29 - 2013-08-29 19:07 - 00000000 _____ () C:\Windows\System32\Drivers\lvuvc.hs
    2014-05-08 19:29 - 2006-11-02 13:45 - 00003616 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-05-08 19:29 - 2006-11-02 13:45 - 00003616 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-05-08 18:58 - 2014-05-08 18:58 - 00024576 _____ () C:\BCD_Backup
    2014-05-08 18:58 - 2014-05-08 18:58 - 00021504 ____H () C:\BCD_Backup.LOG
    2014-05-08 18:27 - 2008-01-21 02:38 - 01378254 _____ () C:\Windows\WindowsUpdate.log
    2014-05-08 17:58 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\System32\spool
    2014-05-08 17:58 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\System32\Msdtc
    2014-05-08 17:58 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
    2014-05-08 17:58 - 2006-11-02 11:22 - 32243712 _____ () C:\Windows\System32\config\software_previous
    2014-05-08 17:58 - 2006-11-02 11:22 - 31719424 _____ () C:\Windows\System32\config\system_previous
    2014-05-08 17:56 - 2006-11-02 11:22 - 37224448 _____ () C:\Windows\System32\config\components_previous
    2014-05-08 17:56 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\System32\config\sam_previous
    2014-05-08 17:21 - 2014-04-07 16:26 - 00000000 ____D () C:\ProgramData\ESET
    2014-05-08 17:20 - 2014-04-07 16:26 - 00000000 ____D () C:\Program Files\ESET
    2014-05-08 17:07 - 2006-11-02 13:44 - 00058368 _____ () C:\Windows\System32\umstartup.etl
    2014-05-08 16:52 - 2014-04-07 16:26 - 00000000 ____D () C:\ProgramData\ESET(7)
    2014-05-08 16:50 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\System32\LogFiles
    2014-05-08 16:48 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\System32\config\security_previous
    2014-05-08 16:48 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\System32\config\default_previous
    2014-05-08 16:29 - 2008-01-21 07:21 - 01654506 _____ () C:\Windows\System32\PerfStringBackup.INI
    2014-05-08 16:29 - 2008-01-21 07:20 - 00728314 _____ () C:\Windows\System32\perfh015.dat
    2014-05-08 16:29 - 2008-01-21 07:20 - 00158212 _____ () C:\Windows\System32\perfc015.dat
    2014-05-07 17:52 - 2014-05-07 17:52 - 00000000 ____D () C:\Users\TEMP(13).Komputer\AppData\Local\VirtualStore
    2014-05-07 17:52 - 2014-05-07 17:52 - 00000000 ____D () C:\users\TEMP(13).Komputer
    2014-05-06 18:47 - 2014-04-21 18:43 - 00001642 _____ () C:\Windows\setupact.log
    2014-05-06 10:56 - 2014-05-06 10:56 - 00000000 ____D () C:\Users\TEMP.Komputer.000\AppData\Local\VirtualStore
    2014-05-06 10:56 - 2014-05-06 10:56 - 00000000 ____D () C:\users\TEMP.Komputer.000
    2014-05-05 11:11 - 2014-02-26 21:56 - 00000000 ____D () C:\Windows\Minidump
    2014-04-24 18:37 - 2014-04-24 18:37 - 206463478 _____ () C:\Windows\MEMORY.DMP
    2014-04-24 08:08 - 2014-04-24 08:08 - 00388200 _____ () C:\Users\user\Downloads\gg-install.exe
    2014-04-21 18:43 - 2014-04-21 18:43 - 00000000 _____ () C:\Windows\setuperr.log
    2014-04-17 16:07 - 2013-08-02 04:08 - 00000000 ____D () C:\Windows\System32\MRT
    2014-04-17 16:03 - 2006-11-02 11:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\System32\mrt.exe
    2014-04-17 10:30 - 2014-03-20 10:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-04-17 10:30 - 2013-08-08 18:48 - 00000000 ____D () C:\Program Files\Java
    2014-04-17 10:24 - 2013-10-21 07:20 - 00000000 ____D () C:\ProgramData\Oracle
    2014-04-17 10:22 - 2014-04-17 10:22 - 00004117 _____ () C:\Windows\System32\jupdate-1.7.0_55-b14.log
    2014-04-17 10:01 - 2014-04-17 10:01 - 00000000 ____D () C:\Games
    2014-04-17 10:01 - 2013-11-25 17:03 - 00000000 ____D () C:\Windows\System32\directx
    2014-04-17 09:51 - 2014-04-09 10:38 - 00000000 ____D () C:\Users\user\Documents\Book of Unwritten Tales
    2014-04-17 09:51 - 2014-04-09 10:34 - 00000000 ____D () C:\Program Files\OpenAL
    2014-04-17 09:51 - 2013-07-29 06:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Winamp
    2014-04-17 09:51 - 2013-07-28 21:12 - 00000000 ____D () C:\Users\user\AppData\Roaming\GG
    2014-04-17 09:51 - 2006-11-02 12:18 - 00000000 __RSD () C:\Windows\Media
    2014-04-17 09:17 - 2014-04-17 09:17 - 00000000 __SHD () C:\found.002
    2014-04-17 08:23 - 2013-08-28 06:26 - 00000000 ____D () C:\Users\user\AppData\Roaming\Skype
    2014-04-17 08:23 - 2008-01-21 04:02 - 00020638 _____ () C:\Windows\PFRO.log
    2014-04-16 17:40 - 2014-04-16 17:39 - 00000000 ____D () C:\Program Files\Google
    2014-04-16 17:39 - 2013-08-08 18:56 - 00000000 ____D () C:\Users\user\AppData\Local\Google
    2014-04-16 13:11 - 2014-04-16 13:11 - 00000000 __SHD () C:\found.001
    2014-04-15 16:22 - 2013-07-29 08:27 - 00000000 ____D () C:\Users\user\AppData\Roaming\BitComet
    2014-04-14 19:13 - 2014-04-17 10:22 - 00094632 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
    2014-04-14 19:05 - 2014-04-17 10:23 - 00264616 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
    2014-04-14 19:05 - 2014-04-17 10:22 - 00175528 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
    2014-04-14 19:04 - 2014-04-17 10:22 - 00175016 _____ (Oracle Corporation) C:\Windows\System32\java.exe
    2014-04-10 17:07 - 2014-04-10 17:07 - 00000000 ____D () C:\Users\user\AppData\Roaming\Wargaming.net
    2014-04-09 18:25 - 2013-11-03 14:18 - 00019200 _____ () C:\Users\user\Desktop\CV miki.odt
    2014-04-09 12:57 - 2014-04-09 12:57 - 00050500 _____ () C:\Users\user\Downloads\openal32(1).zip
    2014-04-09 11:01 - 2014-04-09 11:01 - 01909564 _____ () C:\Users\user\Downloads\activation.x86.zip
    2014-04-09 10:47 - 2014-04-09 10:47 - 00307432 _____ () C:\Users\user\Downloads\dsj210.zip
    2014-04-09 10:46 - 2014-04-09 10:46 - 20595514 _____ (Lace Mamba Global Ltd. ) C:\Users\user\Downloads\bout_BOXED_VERSION_patch_1_03.exe
    2014-04-09 10:37 - 2014-04-09 10:37 - 00050500 _____ () C:\Users\user\Downloads\openal32.zip

    Some content of TEMP:
    ====================
    C:\Users\user\AppData\Local\Temp\drm_dialogs.dll
    C:\Users\user\AppData\Local\Temp\drm_dyndata_7370008.dll
    C:\Users\user\AppData\Local\Temp\ggdrive-menu.exe
    C:\Users\user\AppData\Local\Temp\ggdrive-overlay.exe
    C:\Users\user\AppData\Local\Temp\installstats.exe
    C:\Users\user\AppData\Local\Temp\InstHelper.exe
    C:\Users\user\AppData\Local\Temp\_is37E.exe
    C:\Users\user\AppData\Local\Temp\_is5587.exe
    C:\Users\user\AppData\Local\Temp\_is609C.exe
    C:\Users\user\AppData\Local\Temp\_is79C9.exe
    C:\Users\user\AppData\Local\Temp\_is8167.exe
    C:\Users\user\AppData\Local\Temp\_is84AD.exe
    C:\Users\user\AppData\Local\Temp\_is8626.exe
    C:\Users\user\AppData\Local\Temp\_is9BB5.exe
    C:\Users\user\AppData\Local\Temp\_isA8B5.exe
    C:\Users\user\AppData\Local\Temp\_isB275.exe
    C:\Users\user\AppData\Local\Temp\_isC085.exe
    C:\Users\user\AppData\Local\Temp\_isC4CB.exe
    C:\Users\user\AppData\Local\Temp\_isF281.exe
    C:\Users\user\AppData\Local\Temp\_isF899.exe


    ==================== Known DLLs (Whitelisted) ============


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== Restore Points =========================


    ==================== Memory info ===========================

    Percentage of memory in use: 19%
    Total physical RAM: 2046.83 MB
    Available physical RAM: 1651.68 MB
    Total Pagefile: 1854.77 MB
    Available Pagefile: 1705.21 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1971.02 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:97.66 GB) (Free:20.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: () (Fixed) (Total:498.51 GB) (Free:292.02 GB) NTFS
    Drive e: (FRMCFRE_PL_DVD) (CDROM) (Total:2.79 GB) (Free:0 GB) UDF
    Drive f: () (Removable) (Total:1.85 GB) (Free:1.85 GB) FAT32
    Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: F44E4F17)
    Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=499 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 2 GB) (Disk ID: 00D9A1AF)
    Partition 1: (Active) - (Size=2 GB) - (Type=0B)


    LastRegBack: 2014-05-08 16:39

    ==================== End Of Log ============================
  • #10
    Kolobos
    IT specialist
    Użyj ZMIEŃ i daj log w ZAŁĄCZNIKU, razem z Addition.txt o ile powstał.