Skocz do zawartości

PhoeeeniX

Stały użytkownik
 Pokaż profil  Zobacz aktywność

  • Postów

    131

  • Dołączył

  • Ostatnia wizyta

 Typ zawartości 

Treść opublikowana przez PhoeeeniX

  1. PhoeeeniX
    ale znaju ale źle hasło wpisywałem tzw. " sub na txt " I tylko odwrotnie mi wyświetlało to znaczy " txt na sub", ale dzięki wielkie i sory za moją gafe bo znalazłem jeden topic na forum Divx, sprawdze czy to zadziała. NO i D*PA, dalej nie moge przekonwertować, może coś źle robie a, może jakieś nappisy ściągnołem złe. Może mi ktoś powiedzieć jak to zorbić w konkrentym programie, bo np. w subripie to mi wyswietla że złe napisy.
  2. PhoeeeniX
    Witam! Mam taki problemik, ponieważ mam napsiy w formacie SUB oraz IDX ( ściągnięte wraz z filmem z osloskop), ale niestety SubEdit (ani ALLPlayer) ich nie odtwarza, próbowałem przekonwertować je na różne sposoby, ale niestety nie idzie (próbowałem SubRip, Subtitle Workshop) i nic. W subtitle Workshop w sumie mógłbym oglądać bo odtwarza ładnie napisy ale w małym okienku ( nie da rady zmaksymalizować okna z filmem ) Jeżeli ktoś byłby w stanie pomóc proszę o odpowidź. W AllPlayer wyskakuje błąd, że błedne foramt napisów :(
  3. PhoeeeniX
    OK dzięki, będe pamiętał na przyszłość.
  4. PhoeeeniX
    A więc tak. Nie wiem czy posiadam najnowszego Combofixa. Zastosowałem twoje instrukcje ale: Avenger przy usuwaniu wyrzucił taki bład ( to juz było w safemode, wczensiej zrobilem to w normlanym trybie i chyba usunął plik system.exe ) : Syntax error in line --- does not appear to be a valid registry path. Line will be ignored. Pliku C:\Windows\system.exe nie mam ale w rejestrze mam to co wskazałeś i moge usunąć ręcznie ale nie usuwałem. Nie rozumiem czemu mam to usuwać teraz jak wcześniej kolega mi zrobił wpis do rejestru właśnie z tym ? Pliku ati2evxx.exe w tym katalogu C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe nie istnieje. Mam taki ale w katalogu sterowników Omega od karty więc to raczej w porządku jest plik. Aha szukałem tego pliku i znalazłem taki tylko że z rozszrzeniem VIR więc go usunołem. W common files nie mam żadnego folderu z ? ale dla pewności masz screena. CLICK ! Wszytsko OK ?No i co z tym dźwiękiem zrobić bo mnei powoli denerwuje słuchanie radiosatcji w kółko hehe 8O
  5. PhoeeeniX
    I jak już jestem healthy ?? Chamskie te syfy trojany widze że trzeba aż tak usuwać. Jeszcze raz dzięki że pomagasz bo sam bym nic nie zrobił raczej 8O ComboFix 07-06-11.3 - C:\Documents and Settings\PhoeniX\Pulpit\ComboFix.exe "PhoeniX" - 2007-06-17 10:48:07 - Dodatek Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-05-17 to 2007-06-17 ))))))))))))))))))))))))))))))) 2007-06-15 18:27 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-12 17:46 <DIR> d-------- C:\Program Files\Enigma Software Group 2007-06-11 20:30 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-06-11 20:23 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DANEAP~1\Talkback 2007-06-11 20:22 <DIR> dr-h----- C:\DOCUME~1\ADMINI~1\Dane aplikacji 2007-06-11 20:22 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Menu Start 2007-06-11 20:22 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Szablony 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Ulubione 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Pulpit 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Moje dokumenty 2007-06-11 20:21 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-06-11 20:21 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Ustawienia lokalne 2007-06-11 19:05 <DIR> d-------- C:\WINDOWS\system32\Lang 2007-06-10 15:21 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe 2007-06-10 15:21 <DIR> d-------- C:\Program Files\Realtek Sound Manager 2007-06-10 15:21 <DIR> d-------- C:\Program Files\AvRack 2007-06-10 15:20 577,536 --a------ C:\WINDOWS\soundman.exe 2007-06-10 15:20 4,019,072 --a------ C:\WINDOWS\system32\drivers\alcxwdm.sys 2007-06-10 15:20 315,392 --a------ C:\WINDOWS\alcupd.exe 2007-06-10 15:20 217,088 --a------ C:\WINDOWS\Alcrmv.exe 2007-06-10 15:20 143,360 --a------ C:\WINDOWS\system32\RtlCPAPI.dll 2007-06-10 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe 2007-06-10 15:20 <DIR> d-------- C:\Program Files\Realtek AC97 2007-06-09 17:52 12,800 -ra------ C:\WINDOWS\system32\WING32.DLL 2007-06-08 12:57 75,264 --a------ C:\WINDOWS\system32\unacev2.dll 2007-06-08 12:57 3,440 --a------ C:\WINDOWS\undo.reg 2007-06-08 12:57 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll 2007-06-07 14:58 81,920 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\ezpinst.exe 2007-06-07 14:58 <DIR> d-------- C:\Program Files\vso 2007-06-07 14:07 92,208 -ra------ C:\WINDOWS\system32\WING.DLL 2007-06-07 13:53 87,608 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\inst.exe 2007-06-07 13:53 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys 2007-06-07 13:53 47,360 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\pcouffin.sys 2007-06-07 13:53 <DIR> d-------- C:\DOCUME~1\PhoeniX\DANEAP~1\Vso 2007-06-07 12:07 <DIR> d-------- C:\WINDOWS\system32\NtmsData 2007-05-27 11:02 <DIR> d-------- C:\Program Files\WinPcap (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-17 08:34:03 74,694 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-06-17 08:34:03 453,808 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-06-17 08:30:32 -------- d-----w C:\Program Files\Mozilla Thunderbird 2007-06-12 15:40:20 -------- d-----w C:\Program Files\Yahoo! 2007-06-10 21:08:58 -------- d-----w C:\DOCUME~1\PhoeniX\DANEAP~1\Skype 2007-06-10 13:20:47 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-05-05 09:16:35 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-04-27 16:35:05 -------- d-----w C:\DOCUME~1\PhoeniX\DANEAP~1\AdobeUM 2007-04-21 12:25:34 -------- d-----w C:\Program Files\SkanerOnline ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AtiPTA"="atiptaxx.exe" [2005-11-23 02:05 C:\WINDOWS\system32\atiptaxx.exe] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-05-06 11:31] "zBrowser Launcher"="F:\Logitech\iTouch\iTouch.exe" [2004-03-18 10:33] "SoundMan"="SOUNDMAN.EXE" [2006-08-03 05:12 C:\WINDOWS\soundman.exe] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-15 18:18] "SpyHunter"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe" [2007-04-26 19:03] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [] "NBJ"="F:\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 18:25] "Ortd"="C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] "wlnlogon"=C:\WINDOWS\System.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 14:29] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^PhoeniX^Menu Start^Programy^Autostart^Adobe Gamma.lnk] path=C:\Documents and Settings\PhoeniX\Menu Start\Programy\Autostart\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] "F:\D-Tools\daemon.exe" -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kav] "F:\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner] F:\Trojan Remover\Trjscan.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4aace37e-0e15-11dc-b7c0-000e2e8c2dde}] AutoRun\command- K:\.\Recycled\Driveinfo.exe Open\Command- K:\.\Recycled\Driveinfo.exe ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-17 10:49:04 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-06-17 10:49:31 C:\ComboFix-quarantined-files.txt ... 2007-06-17 10:49 C:\ComboFix2.txt ... 2007-06-15 18:28 C:\ComboFix3.txt ... 2007-06-13 22:19 --- E O F ---
  6. PhoeeeniX
    Avenger pliki usunął a folderów nie. ZMienil sie log bo potem dałem jescze raz zeby usunał tylko foldery. Jescze co z tymy folderami zrobic ? LOGI: Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\npvckdec ******************* Script file located at: \??\C:\lgjkjchp.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Could not open folder C:\WINDOWS\?icrosoft for deletion Deletion of folder C:\WINDOWS\?icrosoft failed! Could not process line: C:\WINDOWS\?icrosoft Status: 0xc0000033 Could not open folder C:\WINDOWS\??mbols for deletion Deletion of folder C:\WINDOWS\??mbols failed! Could not process line: C:\WINDOWS\??mbols Status: 0xc0000033 Completed script processing. ******************* Finished! Terminate. ComboFix 07-06-11.3 - C:\Documents and Settings\PhoeniX\Pulpit\ComboFix.exe "PhoeniX" - 2007-06-15 18:27:22 - Dodatek Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-05-15 to 2007-06-15 ))))))))))))))))))))))))))))))) 2007-06-15 18:27 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-12 17:46 <DIR> d-------- C:\Program Files\Enigma Software Group 2007-06-11 20:30 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-06-11 20:23 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DANEAP~1\Talkback 2007-06-11 20:22 <DIR> dr-h----- C:\DOCUME~1\ADMINI~1\Dane aplikacji 2007-06-11 20:22 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Menu Start 2007-06-11 20:22 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Szablony 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Ulubione 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Pulpit 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Moje dokumenty 2007-06-11 20:21 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-06-11 20:21 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Ustawienia lokalne 2007-06-11 19:05 <DIR> d-------- C:\WINDOWS\system32\Lang 2007-06-10 15:21 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe 2007-06-10 15:21 <DIR> d-------- C:\Program Files\Realtek Sound Manager 2007-06-10 15:21 <DIR> d-------- C:\Program Files\AvRack 2007-06-10 15:20 577,536 --a------ C:\WINDOWS\soundman.exe 2007-06-10 15:20 4,019,072 --a------ C:\WINDOWS\system32\drivers\alcxwdm.sys 2007-06-10 15:20 315,392 --a------ C:\WINDOWS\alcupd.exe 2007-06-10 15:20 217,088 --a------ C:\WINDOWS\Alcrmv.exe 2007-06-10 15:20 143,360 --a------ C:\WINDOWS\system32\RtlCPAPI.dll 2007-06-10 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe 2007-06-10 15:20 <DIR> d-------- C:\Program Files\Realtek AC97 2007-06-09 17:52 12,800 -ra------ C:\WINDOWS\system32\WING32.DLL 2007-06-08 12:57 75,264 --a------ C:\WINDOWS\system32\unacev2.dll 2007-06-08 12:57 3,440 --a------ C:\WINDOWS\undo.reg 2007-06-08 12:57 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll 2007-06-07 14:58 81,920 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\ezpinst.exe 2007-06-07 14:58 <DIR> d-------- C:\Program Files\vso 2007-06-07 14:07 92,208 -ra------ C:\WINDOWS\system32\WING.DLL 2007-06-07 13:53 87,608 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\inst.exe 2007-06-07 13:53 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys 2007-06-07 13:53 47,360 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\pcouffin.sys 2007-06-07 13:53 <DIR> d-------- C:\DOCUME~1\PhoeniX\DANEAP~1\Vso 2007-06-07 12:07 <DIR> d-------- C:\WINDOWS\system32\NtmsData 2007-05-27 11:02 <DIR> d-------- C:\Program Files\WinPcap (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-15 16:21:06 74,694 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-06-15 16:21:06 453,808 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-06-15 16:09:26 -------- d-----w C:\Program Files\Mozilla Thunderbird 2007-06-12 15:40:20 -------- d-----w C:\Program Files\Yahoo! 2007-06-10 21:08:58 -------- d-----w C:\DOCUME~1\PhoeniX\DANEAP~1\Skype 2007-06-10 13:20:47 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-05-05 09:16:35 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-04-27 16:35:05 -------- d-----w C:\DOCUME~1\PhoeniX\DANEAP~1\AdobeUM 2007-04-21 12:25:34 -------- d-----w C:\Program Files\SkanerOnline 2007-03-15 10:23:16 497,496 ----a-w C:\WINDOWS\system32\XceedZip.dll 2007-03-15 10:19:58 526,184 ----a-w C:\WINDOWS\system32\XceedCry.dll 2007-03-15 10:00:36 466,432 ----a-w C:\WINDOWS\system32\SkanerOnline.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AtiPTA"="atiptaxx.exe" [2005-11-23 02:05 C:\WINDOWS\system32\atiptaxx.exe] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-05-06 11:31] "zBrowser Launcher"="F:\Logitech\iTouch\iTouch.exe" [2004-03-18 10:33] "SoundMan"="SOUNDMAN.EXE" [2006-08-03 05:12 C:\WINDOWS\soundman.exe] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-15 18:18] "SpyHunter"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe" [2007-04-26 19:03] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [] "NBJ"="F:\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 18:25] "Ortd"="C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] "wlnlogon"=C:\WINDOWS\System.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 14:29] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^PhoeniX^Menu Start^Programy^Autostart^Adobe Gamma.lnk] path=C:\Documents and Settings\PhoeniX\Menu Start\Programy\Autostart\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] "F:\D-Tools\daemon.exe" -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kav] "F:\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner] F:\Trojan Remover\Trjscan.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4aace37e-0e15-11dc-b7c0-000e2e8c2dde}] AutoRun\command- K:\.\Recycled\Driveinfo.exe Open\Command- K:\.\Recycled\Driveinfo.exe ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-15 18:28:15 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-06-15 18:28:35 C:\ComboFix-quarantined-files.txt ... 2007-06-15 18:28 C:\ComboFix2.txt ... 2007-06-13 22:19 --- E O F --- "Silent Runners.vbs", revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ "wlnlogon" = "C:\WINDOWS\System.exe" [file not found] HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS] "MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"" [file not found] "NBJ" = ""F:\Ahead\Nero BackItUp\NBJ.exe"" ["Ahead Software AG"] "Ortd" = ""C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" -vt ndrv" [file not found] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "AtiPTA" = "atiptaxx.exe" ["ATI Technologies, Inc."] "SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"" ["Sun Microsystems, Inc."] "QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."] "zBrowser Launcher" = "F:\Logitech\iTouch\iTouch.exe" ["Logitech Inc."] "SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."] "!AVG Anti-Spyware" = ""C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized" ["GRISOFT s.r.o."] "SpyHunter" = "C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe" ["Enigma Software Group Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania" -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "F:\WinRAR\rarext.dll" [null data] Logfile of HijackThis v1.99.1 Scan saved at 18:26:57, on 2007-06-15 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe F:\Logitech\iTouch\iTouch.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe F:\FinePixViewer\QuickDCF2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe F:\Konnekt\konnekt.exe C:\WINDOWS\system32\svchost.exe f:\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\PhoeniX\Pulpit\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [zBrowser Launcher] F:\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [spyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [NBJ] "F:\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [Ortd] "C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" -vt ndrv O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Exif Launcher 2.lnk = ? O4 - Global Startup: Image Transfer.lnk = ? O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://F:\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - F:\PACIFI~1\pacificpoker.exe O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5EE64A38-F284-44A1-AD61-EB19F1E1A595}: NameServer = 194.204.159.1,194.204.152.34 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - f:\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
  7. PhoeeeniX
    ojj widze że pełno syfu miałem, dzięki za twój czas z góry 8O Wsyztsko zrobiłem, ale po usunięciu plików a Avenger, dałem to zielone swiatelko nad lupą lecz wystapil nastepujacy bład: Selected file does not appear to be a valid script. Co jest źle ? LOGI: Logfile of HijackThis v1.99.1 Scan saved at 22:10:12, on 2007-06-13 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe F:\Logitech\iTouch\iTouch.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\ctfmon.exe F:\FinePixViewer\QuickDCF2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\svchost.exe f:\pinnacle\shared files\programs\mediaserver\pmshost.exe F:\Konnekt\konnekt.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\PhoeniX\Pulpit\wwdc.exe C:\Documents and Settings\PhoeniX\Pulpit\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [zBrowser Launcher] F:\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [spyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [NBJ] "F:\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [Ortd] "C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" -vt ndrv O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Exif Launcher 2.lnk = ? O4 - Global Startup: Image Transfer.lnk = ? O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://F:\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - F:\PACIFI~1\pacificpoker.exe O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5EE64A38-F284-44A1-AD61-EB19F1E1A595}: NameServer = 194.204.159.1,194.204.152.34 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - f:\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) "Silent Runners.vbs", revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ "wlnlogon" = "C:\WINDOWS\System.exe" [file not found] HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS] "MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"" [file not found] "NBJ" = ""F:\Ahead\Nero BackItUp\NBJ.exe"" ["Ahead Software AG"] "Ortd" = ""C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" -vt ndrv" [file not found] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "AtiPTA" = "atiptaxx.exe" ["ATI Technologies, Inc."] "SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"" ["Sun Microsystems, Inc."] "QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."] "zBrowser Launcher" = "F:\Logitech\iTouch\iTouch.exe" ["Logitech Inc."] "SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."] "!AVG Anti-Spyware" = ""C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized" ["GRISOFT s.r.o."] "SpyHunter" = "C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe" ["Enigma Software Group Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania" -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "F:\WinRAR\rarext.dll" [null data] "{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler" -> {HKLM...CLSID} = "Microsoft Office Outlook" \InProcServer32\(Default) = "F:\MICROS~1\OFFICE11\MLSHEXT.DLL" [MS] "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook" \InProcServer32\(Default) = "F:\MICROS~1\OFFICE11\OLKFSTUB.DLL" [MS] "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "F:\Microsoft Office\OFFICE11\msohev.dll" [MS] "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player" -> {HKLM...CLSID} = "RealOne Player Context Menu Class" \InProcServer32\(Default) = "C:\Program Files\Real Player\rpshell.dll" ["RealNetworks, Inc."] "{79BC0345-1015-11D2-A299-006008312725}" = "blue.shell" -> {HKLM...CLSID} = "Studio.Project" \InProcServer32\(Default) = "F:\Pinnacle\Studio 10\programs\BlueShellExt.dll" [null data] "{A5110426-177D-4e08-AB3F-785F10B4439C}" = "Sony Ericsson File Manager" -> {HKLM...CLSID} = "Sony Ericsson File Manager" \InProcServer32\(Default) = "C:\Program Files\Sony Ericsson\Mobile\File Manager\fmgrgui.dll" ["Sony Ericsson Mobile Communications AB"] "{52B87208-9CCF-42C9-B88E-069281105805}" = "Trojan Remover Shell Extension" -> {HKLM...CLSID} = "Trojan Remover Shell Extension" \InProcServer32\(Default) = "F:\TROJAN~1\Trshlex.dll" ["Simply Super Software"] "{46E22146-59C0-4136-9233-FB7720E777B2}" = "EzCddax extension" -> {HKLM...CLSID} = "EzCddax Class" \InProcServer32\(Default) = "F:\Easy CD-DA Extractor 10\ezcddax10.dll" [null data] "{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu" -> {HKLM...CLSID} = "Portable Media Devices Menu" \InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ <<!>> "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "AVG Anti-Spyware 7.5" -> {HKLM...CLSID} = "CShellExecuteHookImpl Object" \InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" ["GRISOFT s.r.o."] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ <<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."] HKLM\Software\Classes\PROTOCOLS\Filter\ <<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS] HKLM\Software\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info" -> {HKLM...CLSID} = "PDF Shell Extension" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."] HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}" -> {HKLM...CLSID} = "CContextScan Object" \InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["GRISOFT s.r.o."] EzCddax\(Default) = "{46E22146-59C0-4136-9233-FB7720E777B2}" -> {HKLM...CLSID} = "EzCddax Class" \InProcServer32\(Default) = "F:\Easy CD-DA Extractor 10\ezcddax10.dll" [null data] MyPhoneExplorer\(Default) = "{2D30AAA2-9084-4686-B8B9-B9B62EEFFD4E}" -> {HKLM...CLSID} = "MyPhoneExplorer_ShellEx.ShellExt" \InProcServer32\(Default) = "F:\MyPhoneExplorer\DLL\ShellMgr.dll" ["F.J. Wechselberger"] Trojan Remover\(Default) = "{52B87208-9CCF-42C9-B88E-069281105805}" -> {HKLM...CLSID} = "Trojan Remover Shell Extension" \InProcServer32\(Default) = "F:\TROJAN~1\Trshlex.dll" ["Simply Super Software"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "F:\WinRAR\rarext.dll" [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}" -> {HKLM...CLSID} = "CContextScan Object" \InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["GRISOFT s.r.o."] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "F:\WinRAR\rarext.dll" [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ Trojan Remover\(Default) = "{52B87208-9CCF-42C9-B88E-069281105805}" -> {HKLM...CLSID} = "Trojan Remover Shell Extension" \InProcServer32\(Default) = "F:\TROJAN~1\Trshlex.dll" ["Simply Super Software"] WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "F:\WinRAR\rarext.dll" [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\ "DisableRegistryTools" = (REG_DWORD) hex:0x00000000 {User Configuration|Administrative Templates|System| Prevent access to registry editing tools} HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ "shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} "undockwithoutlogon" = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ "Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp" Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ "Wallpaper" = "C:\Documents and Settings\PhoeniX\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp" Startup items in "PhoeniX" & "All Users" startup folders: --------------------------------------------------------- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart "Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"] "Exif Launcher 2" -> shortcut to: "F:\FinePixViewer\QuickDCF2.exe" ["FUJI PHOTO FILM CO., LTD."] "Image Transfer" -> shortcut to: "F:\Sony Corporation\Image Transfer\SonyTray.exe" [file not found] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] 000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS] 000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 19 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Explorer Bars HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\ HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Badanie" Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = "F:\MICROS~1\OFFICE11\REFIEBAR.DLL" [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ "MenuText" = "Sun Java Console" "CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}" -> {HKCU...CLSID} = "Java Plug-in 1.6.0_01" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."] -> {HKLM...CLSID} = "Java Plug-in 1.6.0_01" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll" ["Sun Microsystems, Inc."] {94EDF7B4-4272-4AF3-8F8B-4E2F68E225B7}\ "ButtonText" = "PacificPoker" "Exec" = "F:\PACIFI~1\pacificpoker.exe" ["Cassava Ent."] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."] AVG Anti-Spyware Guard, AVG Anti-Spyware Guard, "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe" ["GRISOFT s.r.o."] B's Recorder GOLD Library General Service, bgsvcgen, "C:\WINDOWS\system32\bgsvcgen.exe" ["B.H.A Corporation"] LightScribeService Direct Disc Labeling Service, LightScribeService, ""C:\Program Files\Common Files\LightScribe\LSSrvc.exe"" ["Hewlett-Packard Company"] MSSQL$PINNACLESYS, MSSQL$PINNACLESYS, ""F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS" [MS] Pinnacle Systems Media Service, PinnacleSys.MediaServer, "f:\pinnacle\shared files\programs\mediaserver\pmshost.exe" [null data] Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ hpzlnt05\Driver = "hpzlnt05.dll" ["HP"] Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS] ---------- <<!>>: Suspicious data at a malware launch point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer "No" at the first message box and "Yes" at the second message box. ---------- (total run time: 47 seconds, including 4 seconds for message boxes) ComboFix 07-06-11.3 - C:\Documents and Settings\PhoeniX\Pulpit\ComboFix.exe "PhoeniX" - 2007-06-13 22:17:56 - Dodatek Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-05-13 to 2007-06-13 ))))))))))))))))))))))))))))))) 2007-06-13 16:20 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-06-13 16:20 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-06-13 16:20 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-06-13 16:20 2,138 --a------ C:\WINDOWS\system32\tmp.reg 2007-06-12 17:50 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-12 17:46 <DIR> d-------- C:\Program Files\Enigma Software Group 2007-06-11 20:30 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-06-11 20:23 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DANEAP~1\Talkback 2007-06-11 20:22 <DIR> dr-h----- C:\DOCUME~1\ADMINI~1\Dane aplikacji 2007-06-11 20:22 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Menu Start 2007-06-11 20:22 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Szablony 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Ulubione 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Pulpit 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Moje dokumenty 2007-06-11 20:21 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-06-11 20:21 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Ustawienia lokalne 2007-06-11 19:05 <DIR> d-------- C:\WINDOWS\system32\Lang 2007-06-10 15:21 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe 2007-06-10 15:21 <DIR> d-------- C:\Program Files\Realtek Sound Manager 2007-06-10 15:21 <DIR> d-------- C:\Program Files\AvRack 2007-06-10 15:20 577,536 --a------ C:\WINDOWS\soundman.exe 2007-06-10 15:20 4,019,072 --a------ C:\WINDOWS\system32\drivers\alcxwdm.sys 2007-06-10 15:20 315,392 --a------ C:\WINDOWS\alcupd.exe 2007-06-10 15:20 217,088 --a------ C:\WINDOWS\Alcrmv.exe 2007-06-10 15:20 143,360 --a------ C:\WINDOWS\system32\RtlCPAPI.dll 2007-06-10 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe 2007-06-10 15:20 <DIR> d-------- C:\Program Files\Realtek AC97 2007-06-09 17:52 12,800 -ra------ C:\WINDOWS\system32\WING32.DLL 2007-06-08 12:57 75,264 --a------ C:\WINDOWS\system32\unacev2.dll 2007-06-08 12:57 3,440 --a------ C:\WINDOWS\undo.reg 2007-06-08 12:57 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll 2007-06-07 14:58 81,920 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\ezpinst.exe 2007-06-07 14:58 <DIR> d-------- C:\Program Files\vso 2007-06-07 14:07 92,208 -ra------ C:\WINDOWS\system32\WING.DLL 2007-06-07 13:53 87,608 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\inst.exe 2007-06-07 13:53 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys 2007-06-07 13:53 47,360 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\pcouffin.sys 2007-06-07 13:53 <DIR> d-------- C:\DOCUME~1\PhoeniX\DANEAP~1\Vso 2007-06-07 12:07 <DIR> d-------- C:\WINDOWS\system32\NtmsData 2007-06-03 20:51 71,680 --a------ C:\WINDOWS\g21546875.exe 2007-06-03 20:29 71,680 --a------ C:\WINDOWS\g20218875.exe 2007-06-03 20:07 71,680 --a------ C:\WINDOWS\g18907718.exe 2007-06-03 19:45 71,680 --a------ C:\WINDOWS\g17579984.exe 2007-06-03 19:23 71,680 --a------ C:\WINDOWS\g16257156.exe 2007-06-03 19:03 71,680 --a------ C:\WINDOWS\g15056671.exe 2007-06-03 15:25 71,680 --a------ C:\WINDOWS\g1972609.exe 2007-06-03 14:55 71,680 --a------ C:\WINDOWS\g172625.exe 2007-06-03 10:41 71,680 --a------ C:\WINDOWS\g293906.exe 2007-06-02 21:20 71,680 --a------ C:\WINDOWS\g22524062.exe 2007-06-02 19:50 71,680 --a------ C:\WINDOWS\g17112234.exe 2007-06-02 19:28 71,680 --a------ C:\WINDOWS\g15791984.exe 2007-06-02 19:08 71,680 --a------ C:\WINDOWS\g14591968.exe 2007-06-02 18:46 71,680 --a------ C:\WINDOWS\g13268812.exe 2007-06-02 18:24 71,680 --a------ C:\WINDOWS\g11947546.exe 2007-06-02 18:02 71,680 --a------ C:\WINDOWS\g10625703.exe 2007-06-02 17:40 71,680 --a------ C:\WINDOWS\g9307359.exe 2007-06-02 17:18 206 --a------ C:\WINDOWS\g7982234.exe 2007-06-02 14:12 206 --a------ C:\WINDOWS\g5490046.exe 2007-06-02 13:50 206 --a------ C:\WINDOWS\g4169718.exe 2007-06-02 13:28 206 --a------ C:\WINDOWS\g2849437.exe 2007-06-02 13:06 206 --a------ C:\WINDOWS\g1529093.exe 2007-06-02 12:44 206 --a------ C:\WINDOWS\g208734.exe 2007-06-01 19:43 206 --a------ C:\WINDOWS\g14707406.exe 2007-06-01 15:41 206 --a------ C:\WINDOWS\g175125.exe 2007-06-01 12:07 206 --a------ C:\WINDOWS\g1973812.exe 2007-06-01 11:37 206 --a------ C:\WINDOWS\g174015.exe 2007-05-31 20:51 206 --a------ C:\WINDOWS\g174828.exe 2007-05-31 15:25 206 --a------ C:\WINDOWS\g296171.exe 2007-05-30 17:45 206 --a------ C:\WINDOWS\g7084203.exe 2007-05-30 13:43 206 --a------ C:\WINDOWS\g1853062.exe 2007-05-30 13:15 206 --a------ C:\WINDOWS\g173000.exe 2007-05-29 22:22 206 --a------ C:\WINDOWS\g6915515.exe 2007-05-29 18:03 206 --a------ C:\WINDOWS\g1735765.exe 2007-05-29 13:43 206 --a------ C:\WINDOWS\g1853140.exe 2007-05-29 13:15 206 --a------ C:\WINDOWS\g172828.exe 2007-05-28 20:13 206 --a------ C:\WINDOWS\g297312.exe 2007-05-28 14:37 206 --a------ C:\WINDOWS\g294265.exe 2007-05-27 23:00 206 --a------ C:\WINDOWS\g1861140.exe 2007-05-27 14:10 206 --a------ C:\WINDOWS\g14720468.exe 2007-05-27 11:02 <DIR> d-------- C:\Program Files\WinPcap 2007-05-27 10:38 206 --a------ C:\WINDOWS\g1972546.exe 2007-05-27 10:08 206 --a------ C:\WINDOWS\g172593.exe 2007-05-26 20:45 206 --a------ C:\WINDOWS\g2709296.exe 2007-05-26 20:25 206 --a------ C:\WINDOWS\g1498359.exe 2007-05-26 20:05 206 --a------ C:\WINDOWS\g292562.exe 2007-05-26 16:11 206 --a------ C:\WINDOWS\g2431906.exe 2007-05-26 15:43 206 --a------ C:\WINDOWS\g751359.exe 2007-05-26 15:22 206 --a------ C:\WINDOWS\g153156.exe 2007-05-26 15:08 206 --a------ C:\WINDOWS\g3656906.exe (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-13 20:07:01 74,694 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-06-13 20:07:01 453,808 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-06-13 19:42:29 -------- d-----w C:\Program Files\Mozilla Thunderbird 2007-06-12 15:40:20 -------- d-----w C:\Program Files\Yahoo! 2007-06-10 21:08:58 -------- d-----w C:\DOCUME~1\PhoeniX\DANEAP~1\Skype 2007-06-10 13:20:47 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-05-05 09:16:35 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-04-27 16:35:05 -------- d-----w C:\DOCUME~1\PhoeniX\DANEAP~1\AdobeUM 2007-04-21 12:25:34 -------- d-----w C:\Program Files\SkanerOnline 2007-04-21 11:57:02 6,144 ----a-w C:\WINDOWS\vbstub.exe 2007-04-21 11:57:01 9,728 ----a-w C:\WINDOWS\libHide.dll 2007-04-14 11:08:17 -------- d-----w C:\DOCUME~1\PhoeniX\DANEAP~1\FUJIFILM 2007-04-14 10:54:11 -------- d-----w C:\Program Files\REGSHAVE 2007-03-19 18:13:10 6,422,611 ----a-w C:\Program Files\frostwire-4.13.1.6.windows.exe 2007-03-15 10:23:16 497,496 ----a-w C:\WINDOWS\system32\XceedZip.dll 2007-03-15 10:19:58 526,184 ----a-w C:\WINDOWS\system32\XceedCry.dll 2007-03-15 10:00:36 466,432 ----a-w C:\WINDOWS\system32\SkanerOnline.dll 2006-10-27 12:00:34 24,576 --sha-r C:\WINDOWS\system32\inetsrv.exe~ ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AtiPTA"="atiptaxx.exe" [2005-11-23 02:05 C:\WINDOWS\system32\atiptaxx.exe] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-05-06 11:31] "zBrowser Launcher"="F:\Logitech\iTouch\iTouch.exe" [2004-03-18 10:33] "SoundMan"="SOUNDMAN.EXE" [2006-08-03 05:12 C:\WINDOWS\soundman.exe] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-05-30 14:30] "SpyHunter"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe" [2007-04-26 19:03] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [] "NBJ"="F:\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 18:25] "Ortd"="C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] "wlnlogon"=C:\WINDOWS\System.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 14:29] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^PhoeniX^Menu Start^Programy^Autostart^Adobe Gamma.lnk] path=C:\Documents and Settings\PhoeniX\Menu Start\Programy\Autostart\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] "F:\D-Tools\daemon.exe" -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kav] "F:\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner] F:\Trojan Remover\Trjscan.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4aace37e-0e15-11dc-b7c0-000e2e8c2dde}] AutoRun\command- K:\.\Recycled\Driveinfo.exe Open\Command- K:\.\Recycled\Driveinfo.exe ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-13 22:18:48 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-06-13 22:19:09 C:\ComboFix-quarantined-files.txt ... 2007-06-13 22:19 --- E O F ---
  8. PhoeeeniX
    OK zrobilem co sie dalo lecz OIuinstaller nie chce mi sie zainstalowac z teog linka co dales i z innych raczej tez. Uruchomiłem SmitfraudFix w safemode: znalazł pliki ale przy usuwaniu nie mógł znalesc odpowiedniej sciezki, nie wiem dlaczego. Reszte zrobilem. Aha chciałem dodac ze I jak się 3yma ? Oto logi: Logfile of HijackThis v1.99.1 Scan saved at 16:25:47, on 2007-06-13 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe F:\Logitech\iTouch\iTouch.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe F:\FinePixViewer\QuickDCF2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\svchost.exe f:\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\PhoeniX\Pulpit\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {B7593C1D-F58C-AB2D-8A06-F8ADD89529E5} - C:\WINDOWS\system32\wpm.dll (file missing) O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [zBrowser Launcher] F:\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [spyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [NBJ] "F:\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [Ortd] "C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" -vt ndrv O4 - HKCU\..\Run: [Hilg] C:\WINDOWS\?icrosoft\n?tdde.exe O4 - HKCU\..\Run: [Ofn] C:\WINDOWS\??mbols\??anregw.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Exif Launcher 2.lnk = ? O4 - Global Startup: Image Transfer.lnk = ? O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://F:\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - F:\PACIFI~1\pacificpoker.exe O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5EE64A38-F284-44A1-AD61-EB19F1E1A595}: NameServer = 194.204.159.1,194.204.152.34 O20 - Winlogon Notify: wingdm32 - wingdm32.dll (file missing) O20 - Winlogon Notify: wudb - C:\WINDOWS\system32\wudb.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - f:\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) "Silent Runners.vbs", revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ "wlnlogon" = "C:\WINDOWS\System.exe" [file not found] HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS] "MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = ""C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"" [file not found] "NBJ" = ""F:\Ahead\Nero BackItUp\NBJ.exe"" ["Ahead Software AG"] "Ortd" = ""C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" -vt ndrv" [file not found] "Hilg" = "C:\WINDOWS\*icrosoft\n*tdde.exe" (unwritable string) [file not found] "Ofn" = "C:\WINDOWS\**mbols\**anregw.exe" (unwritable string) [file not found] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} "AtiPTA" = "atiptaxx.exe" ["ATI Technologies, Inc."] "SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"" ["Sun Microsystems, Inc."] "QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."] "zBrowser Launcher" = "F:\Logitech\iTouch\iTouch.exe" ["Logitech Inc."] "SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."] "!AVG Anti-Spyware" = ""C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized" ["GRISOFT s.r.o."] "SpyHunter" = "C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe" ["Enigma Software Group Inc."] "MSConfig" = "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...CLSID} = "Adobe PDF Reader Link Helper" \InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = "SSVHelper Class" \InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."] {B7593C1D-F58C-AB2D-8A06-F8ADD89529E5}\(Default) = (no title provided) -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "C:\WINDOWS\system32\wpm.dll" [file not found] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania" -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania" \InProcServer32\(Default) = "deskpan.dll" [file not found] "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu" -> {HKLM...CLSID} = "HyperTerminal Icon Ext" \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."] "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension" -> {HKLM...CLSID} = "WinRAR" \InProcServer32\(Default) = "F:\WinRAR\rarext.dll" [null data] "{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler" -> {HKLM...CLSID} = "Microsoft Office Outlook" \InProcServer32\(Default) = "F:\MICROS~1\OFFICE11\MLSHEXT.DLL" [MS] "{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler" -> {HKLM...CLSID} = "Rozszerzenie ikon plików programu Outlook" \InProcServer32\(Default) = "F:\MICROS~1\OFFICE11\OLKFSTUB.DLL" [MS] "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler" -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = "F:\Microsoft Office\OFFICE11\msohev.dll" [MS] "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player" -> {HKLM...CLSID} = "RealOne Player Context Menu Class" \InProcServer32\(Default) = "C:\Program Files\Real Player\rpshell.dll" ["RealNetworks, Inc."] "{79BC0345-1015-11D2-A299-006008312725}" = "blue.shell" -> {HKLM...CLSID} = "Studio.Project" \InProcServer32\(Default) = "F:\Pinnacle\Studio 10\programs\BlueShellExt.dll" [null data] ComboFix 07-06-11.3 - C:\Documents and Settings\PhoeniX\Pulpit\ComboFix.exe "PhoeniX" - 2007-06-13 16:26:16 - Dodatek Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-05-13 to 2007-06-13 ))))))))))))))))))))))))))))))) 2007-06-13 16:20 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-06-13 16:20 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-06-13 16:20 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-06-13 16:20 2,138 --a------ C:\WINDOWS\system32\tmp.reg 2007-06-12 17:50 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-12 17:46 <DIR> d-------- C:\Program Files\Enigma Software Group 2007-06-11 20:30 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-06-11 20:23 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DANEAP~1\Talkback 2007-06-11 20:22 <DIR> dr-h----- C:\DOCUME~1\ADMINI~1\Dane aplikacji 2007-06-11 20:22 <DIR> dr------- C:\DOCUME~1\ADMINI~1\Menu Start 2007-06-11 20:22 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Szablony 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Ulubione 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Pulpit 2007-06-11 20:22 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Moje dokumenty 2007-06-11 20:21 786,432 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT 2007-06-11 20:21 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\Ustawienia lokalne 2007-06-11 19:05 <DIR> d-------- C:\WINDOWS\system32\Lang 2007-06-10 15:21 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe 2007-06-10 15:21 <DIR> d-------- C:\Program Files\Realtek Sound Manager 2007-06-10 15:21 <DIR> d-------- C:\Program Files\AvRack 2007-06-10 15:20 577,536 --a------ C:\WINDOWS\soundman.exe 2007-06-10 15:20 4,019,072 --a------ C:\WINDOWS\system32\drivers\alcxwdm.sys 2007-06-10 15:20 315,392 --a------ C:\WINDOWS\alcupd.exe 2007-06-10 15:20 217,088 --a------ C:\WINDOWS\Alcrmv.exe 2007-06-10 15:20 143,360 --a------ C:\WINDOWS\system32\RtlCPAPI.dll 2007-06-10 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe 2007-06-10 15:20 <DIR> d-------- C:\Program Files\Realtek AC97 2007-06-09 17:52 12,800 -ra------ C:\WINDOWS\system32\WING32.DLL 2007-06-08 12:57 75,264 --a------ C:\WINDOWS\system32\unacev2.dll 2007-06-08 12:57 3,440 --a------ C:\WINDOWS\undo.reg 2007-06-08 12:57 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll 2007-06-07 14:58 81,920 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\ezpinst.exe 2007-06-07 14:58 <DIR> d-------- C:\Program Files\vso 2007-06-07 14:07 92,208 -ra------ C:\WINDOWS\system32\WING.DLL 2007-06-07 13:53 87,608 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\inst.exe 2007-06-07 13:53 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys 2007-06-07 13:53 47,360 --a------ C:\DOCUME~1\PhoeniX\DANEAP~1\pcouffin.sys 2007-06-07 13:53 <DIR> d-------- C:\DOCUME~1\PhoeniX\DANEAP~1\Vso 2007-06-07 12:07 <DIR> d-------- C:\WINDOWS\system32\NtmsData 2007-06-03 20:51 71,680 --a------ C:\WINDOWS\g21546875.exe 2007-06-03 20:29 71,680 --a------ C:\WINDOWS\g20218875.exe 2007-06-03 20:07 71,680 --a------ C:\WINDOWS\g18907718.exe 2007-06-03 19:45 71,680 --a------ C:\WINDOWS\g17579984.exe 2007-06-03 19:23 71,680 --a------ C:\WINDOWS\g16257156.exe 2007-06-03 19:03 71,680 --a------ C:\WINDOWS\g15056671.exe 2007-06-03 15:25 71,680 --a------ C:\WINDOWS\g1972609.exe 2007-06-03 14:55 71,680 --a------ C:\WINDOWS\g172625.exe 2007-06-03 10:41 71,680 --a------ C:\WINDOWS\g293906.exe 2007-06-02 21:20 71,680 --a------ C:\WINDOWS\g22524062.exe 2007-06-02 19:50 71,680 --a------ C:\WINDOWS\g17112234.exe 2007-06-02 19:28 71,680 --a------ C:\WINDOWS\g15791984.exe 2007-06-02 19:08 71,680 --a------ C:\WINDOWS\g14591968.exe 2007-06-02 18:46 71,680 --a------ C:\WINDOWS\g13268812.exe 2007-06-02 18:24 71,680 --a------ C:\WINDOWS\g11947546.exe 2007-06-02 18:02 71,680 --a------ C:\WINDOWS\g10625703.exe 2007-06-02 17:40 71,680 --a------ C:\WINDOWS\g9307359.exe 2007-06-02 17:18 206 --a------ C:\WINDOWS\g7982234.exe 2007-06-02 14:12 206 --a------ C:\WINDOWS\g5490046.exe 2007-06-02 13:50 206 --a------ C:\WINDOWS\g4169718.exe 2007-06-02 13:28 206 --a------ C:\WINDOWS\g2849437.exe 2007-06-02 13:06 206 --a------ C:\WINDOWS\g1529093.exe 2007-06-02 12:44 206 --a------ C:\WINDOWS\g208734.exe 2007-06-01 19:43 206 --a------ C:\WINDOWS\g14707406.exe 2007-06-01 15:41 206 --a------ C:\WINDOWS\g175125.exe 2007-06-01 12:07 206 --a------ C:\WINDOWS\g1973812.exe 2007-06-01 11:37 206 --a------ C:\WINDOWS\g174015.exe 2007-05-31 20:51 206 --a------ C:\WINDOWS\g174828.exe 2007-05-31 15:25 206 --a------ C:\WINDOWS\g296171.exe 2007-05-30 17:45 206 --a------ C:\WINDOWS\g7084203.exe 2007-05-30 13:43 206 --a------ C:\WINDOWS\g1853062.exe 2007-05-30 13:15 206 --a------ C:\WINDOWS\g173000.exe 2007-05-29 22:22 206 --a------ C:\WINDOWS\g6915515.exe 2007-05-29 18:03 206 --a------ C:\WINDOWS\g1735765.exe 2007-05-29 13:43 206 --a------ C:\WINDOWS\g1853140.exe 2007-05-29 13:15 206 --a------ C:\WINDOWS\g172828.exe 2007-05-28 20:13 206 --a------ C:\WINDOWS\g297312.exe 2007-05-28 14:37 206 --a------ C:\WINDOWS\g294265.exe 2007-05-27 23:00 206 --a------ C:\WINDOWS\g1861140.exe 2007-05-27 14:10 206 --a------ C:\WINDOWS\g14720468.exe 2007-05-27 11:02 <DIR> d-------- C:\Program Files\WinPcap 2007-05-27 10:38 206 --a------ C:\WINDOWS\g1972546.exe 2007-05-27 10:08 206 --a------ C:\WINDOWS\g172593.exe 2007-05-26 20:45 206 --a------ C:\WINDOWS\g2709296.exe 2007-05-26 20:25 206 --a------ C:\WINDOWS\g1498359.exe 2007-05-26 20:05 206 --a------ C:\WINDOWS\g292562.exe 2007-05-26 16:11 206 --a------ C:\WINDOWS\g2431906.exe 2007-05-26 15:43 206 --a------ C:\WINDOWS\g751359.exe 2007-05-26 15:22 206 --a------ C:\WINDOWS\g153156.exe 2007-05-26 15:08 206 --a------ C:\WINDOWS\g3656906.exe (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-13 14:26:44 74,694 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-06-13 14:26:44 453,808 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-06-13 13:54:26 -------- d-----w C:\Program Files\Mozilla Thunderbird 2007-06-12 15:40:20 -------- d-----w C:\Program Files\Yahoo! 2007-06-10 21:08:58 -------- d-----w C:\DOCUME~1\PhoeniX\DANEAP~1\Skype 2007-06-10 13:20:47 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-05-05 09:16:35 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-04-27 16:35:05 -------- d-----w C:\DOCUME~1\PhoeniX\DANEAP~1\AdobeUM 2007-04-21 12:25:34 -------- d-----w C:\Program Files\SkanerOnline 2007-04-21 11:57:02 6,144 ----a-w C:\WINDOWS\vbstub.exe 2007-04-21 11:57:01 9,728 ----a-w C:\WINDOWS\libHide.dll 2007-04-14 11:08:17 -------- d-----w C:\DOCUME~1\PhoeniX\DANEAP~1\FUJIFILM 2007-04-14 10:54:11 -------- d-----w C:\Program Files\REGSHAVE 2007-03-19 18:13:10 6,422,611 ----a-w C:\Program Files\frostwire-4.13.1.6.windows.exe 2007-03-15 10:23:16 497,496 ----a-w C:\WINDOWS\system32\XceedZip.dll 2007-03-15 10:19:58 526,184 ----a-w C:\WINDOWS\system32\XceedCry.dll 2007-03-15 10:00:36 466,432 ----a-w C:\WINDOWS\system32\SkanerOnline.dll 2006-10-27 12:00:34 24,576 --sha-r C:\WINDOWS\system32\inetsrv.exe~ ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43] {B7593C1D-F58C-AB2D-8A06-F8ADD89529E5}=C:\WINDOWS\system32\wpm.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AtiPTA"="atiptaxx.exe" [2005-11-23 02:05 C:\WINDOWS\system32\atiptaxx.exe] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-05-06 11:31] "zBrowser Launcher"="F:\Logitech\iTouch\iTouch.exe" [2004-03-18 10:33] "SoundMan"="SOUNDMAN.EXE" [2006-08-03 05:12 C:\WINDOWS\soundman.exe] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-05-30 14:30] "SpyHunter"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe" [2007-04-26 19:03] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:44] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [] "NBJ"="F:\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 18:25] "Ortd"="C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" [] "Hilg"="C:\WINDOWS\?icrosoft\n?tdde.exe" [] "Ofn"="C:\WINDOWS\??mbols\??anregw.exe" [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] "wlnlogon"=C:\WINDOWS\System.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 14:29] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wingdm32] wingdm32.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wudb] C:\WINDOWS\system32\wudb.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^PhoeniX^Menu Start^Programy^Autostart^Adobe Gamma.lnk] path=C:\Documents and Settings\PhoeniX\Menu Start\Programy\Autostart\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] "F:\D-Tools\daemon.exe" -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kav] "F:\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner] F:\Trojan Remover\Trjscan.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4aace37e-0e15-11dc-b7c0-000e2e8c2dde}] AutoRun\command- K:\.\Recycled\Driveinfo.exe Open\Command- K:\.\Recycled\Driveinfo.exe ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-13 16:27:36 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-06-13 16:28:06 C:\ComboFix-quarantined-files.txt ... 2007-06-13 16:28 C:\ComboFix2.txt ... 2007-06-12 17:57 --- E O F ---
  9. PhoeeeniX
    Witam, pare dni temu scigalem sobie cracka do gry i jakiegos shita sciagnolem. Od teog czasu mialem jakiegos syfa w kompie mianowicie czerwona tarcza z krzyzem w trayu, potem jakies konie trojanskie w tym !update.exe Wszytsko juz usunolem, przeczyscilem kompa wiec jestem czysty ale nie jestem pewny co do Loga. Dzwiek mi zjadlo tez wiec sciagnolem stery do mojej mobo ale to nie pomoglo bo jak wlaczalem winampa to plul sie ze zle stery. Nie chcemi sie instalowac drugi raz windy i chce to tak zalatwic. Wkrotce i tak na auroxa chyba sie przesiade 8O Bylbym wdzieczny gdyyby ktos tego loga przejrzal i cos poradzil co z tym dzwiekiem zrobic 8O Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe F:\Logitech\iTouch\iTouch.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe F:\FinePixViewer\QuickDCF2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\svchost.exe f:\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe F:\Konnekt\konnekt.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\PhoeniX\Pulpit\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {B7593C1D-F58C-AB2D-8A06-F8ADD89529E5} - C:\WINDOWS\system32\wpm.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [zBrowser Launcher] F:\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [NBJ] "F:\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [Ortd] "C:\PROGRA~1\COMMON~1\SSTEM3~1\ati2evxx.exe" -vt yazb O4 - HKCU\..\Run: [Hilg] C:\WINDOWS\?icrosoft\n?tdde.exe O4 - HKCU\..\Run: [Ofn] C:\WINDOWS\??mbols\??anregw.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Exif Launcher 2.lnk = ? O4 - Global Startup: Image Transfer.lnk = ? O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://F:\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: PacificPoker - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - F:\PACIFI~1\pacificpoker.exe O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5EE64A38-F284-44A1-AD61-EB19F1E1A595}: NameServer = 194.204.159.1,194.204.152.34 O20 - Winlogon Notify: wingdm32 - wingdm32.dll (file missing) O20 - Winlogon Notify: wudb - C:\WINDOWS\system32\wudb.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - f:\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - F:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
  10. PhoeeeniX
    Nikt nic nie wie :( ?? Apropo to odświeżam temat :)
  11. PhoeeeniX
    hmm a ktoś z doświadczenia ? W sumie to gram już rzadko ale czasem sobie pogrywam to chce sobie dobrze pograć :) ( przywyczajenie do 9800 :P )
  12. PhoeeeniX
    Witam padła mi karta 9800 pro by His - monitor nie wyświelta obrazu ( Wina karty bo sprawdzałem ), nie da się tego naprawić nonie ?? I pytanie 2: zastanawiam się czy warto dorzucać z 60-70zł i kupić tą kartę http://www.extrapc.pl/podzespoly/opis.php?...03&company= czy może http://allegro.pl/item136467894_palit_x800...o_box_agp_.html W sumie na Pality nie narzekają z tego co czytam, ale czy firma ma jakiś wpływ na zywotnośc karty :) ?? Czy będą różnice w wyświetlanym obrazie bo karty są przecież identyczne ?? Pozdr. Aha i czy do karty lepiej zostawić ten cooler co jest czy zamontować ze starej ten cooler: http://www.hwguide.net/docs/3radeons/9800pro-perp-big.jpg ??
  13. PhoeeeniX
    Firma Sony, 64MB tez miał sony, ale dałem na gware u zwrócili kase, więc chyba coś karta nie tak.
  14. PhoeeeniX
    Witam mam problem. Kupiłem do telefonu SE K750i kartę 512MB MSDP. No i problem bo karte trzeba sformatować. Jak podłaczę kablem USB komórke i kompa to mi jako dysk wymienny wykrywa, chce sformatowac, fomartuje lecz na końcu pisze że windows nie mógł dokończyć formatu. Gdy odłączam kabel USB do komórki, telefon nie wykrywa karty !! Zdarzyło mi sie ze 3 razy że ją zobaczył i wtedy chciałem dać format poprzez telefon ( Menedżer plików > więcej > fomart pamięci zew. ) Chyba pomogło ale nei ejstem pewien bo szybko napis snknął. Lecz najbardziej martwi mnei to że w 90% przypadkach jak włoże karte nie wykrywa mi jej choc już to pare razy zrobił !! Przedmuchiwałem już w środku, jak wkładam starą oryginalną MS 64MB jaką dostałem w zetsaiwe to od razu działa. Zła karta czy co ?
  15. PhoeeeniX
    Witam, ja to mam pecha ale chyba przez burze. Routerek SMC BRA7904 padł w czercu wiec kupiłem nowy LINKSYS AG241, a ten został. Siepień, Nowy LINKSYS PADŁ ( przewaznie mi padał rouer po burzy, ale sie nie kopcił, w smc padł modem w środku a w linksys wogle nie chcial się łaczyc poprzez www ) Obydwa dałem na gwarancje, obydwa unzali i dostałem spowrotem te same tylko że SMC dostałem WBRA ( bezprzewodowy ). Teraz pytanie ? Po co mi 2? Ktory zostawić ? W domu mam sieć na kablach wiec wireless mnie nie kręci. I co to wogle za frima SMC ? mało co jej widać w polsce.
  16. PhoeeeniX

    Grand Theft Auto: San Andreas

    PhoeeeniX odpowiedział(a) na Crosis temat w Gry

    Czemu sądzisz że to pirat ? Kumpel akurat ma licencje od porducenta na kopiowanie plików katalogowych do własnego użytku :)
  17. PhoeeeniX
    No właśnie zgrywam sobie filmy przez mini dv. Jeszcze nie testowałem ale chciałem z teorii sie zapytać co powinno szybciej zgrywać ten sam obraz - zwykły port 1394 ( firewire) na płycie głównej czy specjalnie do tego przeznaczona karta od pinnacle studio ?? Obydwa przez ten sam kabel - mini dv. I pyt. drugie - po co na karcie od Pinnacle studio do zgrywania obrazu występują aż 3 takie same porty ?? Pozdro
  18. PhoeeeniX

    Grand Theft Auto: San Andreas

    PhoeeeniX odpowiedział(a) na Crosis temat w Gry

    Kumpel kumpla nagrał to na 6 cd. Zresztą co sie czepiacie, gra wchodzi ładnie tylko ten błąd ;/
  19. PhoeeeniX

    Grand Theft Auto: San Andreas

    PhoeeeniX odpowiedział(a) na Crosis temat w Gry

    Z tym rowerem nie pommaga :P Reinstall nic nie da bo to jest kopiowana gra z cd. Stery do czego ??
  20. PhoeeeniX

    Grand Theft Auto: San Andreas

    PhoeeeniX odpowiedział(a) na Crosis temat w Gry

    Witam mam problem techniczny jakeigo nie ma w FAQ. Mianowicie zaczynam grać w grę ( sam poczatek ) wsiadam na rower i po chwili windows wywala mi błąd i czy wysłać raport o błedzie ? Jak moge teog uniknąć ? Wymagani sprzętowe mam dobre. Z dźwiękiem wszytsko ok. HELP ME :rolleyes:
  21. PhoeeeniX
    No właśnie tak sobie ciecie liczą, naprawa która powinna ksoztować 10zł liczą po 100 bo jest nietypowa i nie robi sie ich codziennie. Nie znam sie na elektronice ale jak sprawdzić czy jakis kondesator nie poszedł lub rezystor bo tego jest pewnie pełno w ukłądzie scalonym płytki.
  22. PhoeeeniX
    Co to za Asmax, masz w nim dodatkowe porty usb ?? Pytam z ciekawosci a co do pytanai to wydaje mi sie że to tak samo jak mi mdoem padł. Wszystko jest na jednej płytce wiec nic nie zrobisz, owszem naprawa możliwa ale chyba nie opłacalna chyba ze sam umiesz naprawić. Jednak wymiana płytki to to samo co kupno routera :)
  23. PhoeeeniX
    Włąsnie sie przed momentem od wujka dowiedizałem ze nic nie zrobi bo to wszytsko jest na jednej płytce więc tzreba całą płytke wymieniac czyli router, obudowe mozna zostawic :lol2:
  24. PhoeeeniX
    Możesz polecać ale chyba jak czytałeś uwaznie mam już router :) Czyli nie warto tego naprawiać chociaż widze ż enie duża część forumowiczów się w tym orientuje, najlpeiej spytac kogos przy okazji albo w serwisie :) Pozdro
  25. PhoeeeniX
    A nie wiem ile, róznia sobie życzą a bardziej życzą sobie kasy za niecodzienność tej naprawy nie za samą prace. Za 100zł to ja moge sobie rękawiczki an zime kupić a nie router :rolleyes: Tak myśle ze sie nie opłaca ale chce wiedzieć czy jest taka możliwość, bo LINKSYSA AG241 zakupiłem 2 dni temu a SMC stary stoji na półce w kurzu :)
×
×
  • Dodaj nową pozycję...