Skocz do zawartości

gean'a'torre

Stały użytkownik
  • Postów

    12
  • Dołączył

  • Ostatnia wizyta

Odpowiedzi opublikowane przez gean'a'torre

  1. spróbuj odświerzyć windowsa przy pomocy płyty z XP

     

     

    w sumie zrobiłem to odrazu, ale mam starego windowsa corporate edition chyba :/

    potem zmieniłem sobie tylko cd keya na oryginalnego, ale tak sie z tym meczylem ze nie pamiętam jak nawet, jak teraz wkładam normalną płytkę (nie corporate, bo juz nie mam), wybieram napraw i podaje cd key z niej to pisze mi że zły cd key.

    na 90% mam ten z oryginalnej płytki która mam teraz, ale do końca nie jestem pewien, można jakoś poznać swojego cd keya? wolę się zapytać niż ściągnąć jakiegoś kraka co mi jeszcze napsuje.

  2. ale to jest s-video....

     

     

     

    hehehe, widzisz, dokładnie tak samo miałem, ale teraz jak patrze to bardziej wygląda na ps2 :D

     

    problem w tym że ja tej przejściówki nie mam.

     

    na allegro nie znalazłem nic

     

    ma może ktoś zbędny taki kabelek?

     

    ja wogóle się to nazywa, na stronach nvidii tez lipa

  3. Logfile of HijackThis v1.99.1

    Scan saved at 11:26:20, on 2005-12-28

    Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

     

    Running processes:

    C:\windows\System32\smss.exe

    C:\windows\system32\winlogon.exe

    C:\windows\system32\services.exe

    C:\windows\system32\lsass.exe

    C:\windows\system32\svchost.exe

    C:\windows\System32\svchost.exe

    C:\windows\system32\spoolsv.exe

    C:\Program Files\Eset\nod32krn.exe

    C:\windows\System32\svchost.exe

    C:\Program Files\Gadu-Gadu\gg.exe

    C:\Program Files\Opera\Opera.exe

    C:\windows\system32\taskmgr.exe

    C:\Program Files\totalcmd\TOTALCMD.EXE

    C:\HijackThis.exe

     

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *new-search.net*;*x-google.net*

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    O2 - BHO: SS SS Plugin - {1D1B2879-99FF-11E3-8D96-D7ACAC95952A} - C:\windows\system32\bpkwb.dll (file missing)

    O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_98.dll

    O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)

    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe

    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

    O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe

    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s

    O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\system32\intell32.exe

    O4 - HKLM\..\Run: [WinHound] C:\Program Files\WinHound\WinHound.exe

    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

    O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

    O4 - HKCU\..\Run: [bxproxy] C:\WINDOWS\bxproxy.exe

    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

    O10 - Hijacked Internet access by New.Net

    O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1122195957296

    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

    O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab

    O16 - DPF: {FFCEABDA-C04E-7F4A-E9B6-DFA72B2F49FB} - http://213.200.210.10/dl/101/PL648_139.exe

    O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll

    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

     

     

     

     

     

     

     

    ok, co teraz? :)

  4. ok, oto wynik :)

     

     

     

     

    "Silent Runners.vbs", revision 41, http://www.silentrunners.org/

    Operating System: Windows XP SP2

    Output limited to non-default values, except where indicated by "{++}"

     

     

    Startup items buried in registry:

    ---------------------------------

     

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

    "Gadu-Gadu" = ""C:\Program Files\Gadu-Gadu\gg.exe" /tray" ["Gadu-Gadu Sp. z oo"]

    "bxproxy" = "C:\WINDOWS\bxproxy.exe" [file not found]

     

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

    "zBrowser Launcher" = "C:\Program Files\Logitech\iTouch\iTouch.exe" ["Logitech Inc."]

    "KernelFaultCheck" = "C:\windows\system32\dumprep 0 -k" [MS]

    "DAEMON Tools-1033" = ""C:\Program Files\D-Tools\daemon.exe" -lang 1033" ["DAEMON'S HOME"]

    "VVSN" = "C:\Program Files\VVSN\VVSN.exe" [null data]

    "New.net Startup" = "rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s" [MS]

    "intell32.exe" = "C:\WINDOWS\system32\intell32.exe" [null data]

    "WinHound" = "C:\Program Files\WinHound\WinHound.exe" [null data]

    "nod32kui" = ""C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE" ["Eset "]

     

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx\ {++}

    "Flag" = 2

     

    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]

    {1D1B2879-99FF-11E3-8D96-D7ACAC95952A}\(Default) = "SS SS Plugin"

    -> {CLSID}\InProcServer32\(Default) = "C:\windows\system32\bpkwb.dll" [file not found]

    {4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\(Default) = "URLLink" [from CLSID]

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\NewDotNet\newdotnet6_98.dll" ["New.net, Inc."]

    {59879FA4-4790-461c-A1CC-4EC4DE4CA483}\(Default) = "RXResultTracker Class" [from CLSID]

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\RXToolBar\sfcont.dll" [file not found]

     

    HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

    "{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"

    -> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]

    "{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

    -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

    "{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"

    -> {CLSID}\InProcServer32\(Default) = "C:\windows\system32\Audiodev.dll" [MS]

    "{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"

    -> {CLSID}\InProcServer32\(Default) = "C:\windows\system32\Audiodev.dll" [MS]

    "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Real Alternative\rpshell.dll" ["RealNetworks, Inc."]

    "{f802f260-519b-11d1-bb5d-0060974c6013}" = "ICQ Shell Extension"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ICQ\ICQShell.dll" [null data]

    "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

    "{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"

    -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]

    "{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"

    -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

    "{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"

    -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

    "{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"

    -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]

    "{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]

    "{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"

    -> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]

    "{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"

    -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]

    "{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}" = "PhoneBrowser"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll" ["Nokia"]

    "{C0C4375A-5B72-4efe-929D-3B848C3A1E91}" = "Message View"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 6\MessageView.dll" ["Nokia"]

    "{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"

    -> {CLSID}\InProcServer32\(Default) = "C:\windows\system32\browseui.dll" [MS]

    "{B089FE88-FB52-11d3-BDF1-0050DA34150D}" = "NOD32 Context Menu Shell Extension"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" ["Eset "]

     

    HKLM\Software\Classes\PROTOCOLS\Filter\

    INFECTION WARNING! application/x-icq\CLSID = "{db40c160-09a1-11d3-baf2-000000000000}"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ICQ\IExplorerMime.dll" [empty string]

    INFECTION WARNING! text/html\CLSID = "{2AB289AE-4B90-4281-B2AE-1F4BB034B647}"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\RXToolBar\sfcont.dll" [file not found]

     

    HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

    ICQMenu\(Default) = "{f802f260-519b-11d1-bb5d-0060974c6013}"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ICQ\ICQShell.dll" [null data]

    NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11d3-BDF1-0050DA34150D}"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" ["Eset "]

    WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

     

    HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

    ICQMenu\(Default) = "{f802f260-519b-11d1-bb5d-0060974c6013}"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\ICQ\ICQShell.dll" [null data]

    WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

     

    HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

    NOD32 Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11d3-BDF1-0050DA34150D}"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Eset\nodshex.dll" ["Eset "]

    WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

    -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

     

     

    Active Desktop and Wallpaper:

    -----------------------------

     

    Active Desktop is enabled at this entry:

    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

     

    HKCU\Control Panel\Desktop\

    "Wallpaper" = "C:\Documents and Settings\gean\Dane aplikacji\IrfanView\IrfanView_Wallpaper.bmp"

     

    Active Desktop web content:

     

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\1\

    "FriendlyName" = "Warning homepage"

    "Source" = "C:\WINDOWS\warnhp.html"

    "SubscribedURL" = ""

     

     

    Enabled Screen Saver:

    ---------------------

     

    HKCU\Control Panel\Desktop\

    "SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]

     

     

    Startup items in "gean" & "All Users" startup folders:

    --------------------------------------------------------

     

    C:\Documents and Settings\All Users\Menu Start\Programy\Autostart

    "Adobe Gamma Loader" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]

    "Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]

     

     

    Winsock2 Service Provider DLLs:

    -------------------------------

     

    Namespace Service Providers

     

    HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

    000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

    000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

    000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

    000000000004\LibraryPath = "C:\Program Files\NewDotNet\newdotnet6_98.dll" ["New.net, Inc."]

     

    Transport Service Providers

     

    HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

    0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

    C:\windows\system32\imon.dll ["Eset "], 01 - 10, 41

    C:\Program Files\NetLimiter\nl_lsp.dll [null data], 11 - 15, 21

    %SystemRoot%\system32\mswsock.dll [MS], 16 - 18, 22 - 40

    %SystemRoot%\system32\rsvpsp.dll [MS], 19 - 20

     

     

    Toolbars, Explorer Bars, Extensions:

    ------------------------------------

     

    Extensions (Tools menu items, main toolbar menu buttons)

     

    HKLM\Software\Microsoft\Internet Explorer\Extensions\

    {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\

    "MenuText" = "Sun Java Console"

    "CLSIDExtension" = "{08B0E5C0-4FCB-11CF-AAA5-00401C608501}"

     

     

    HOSTS file

    ----------

     

    HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\

    HIJACK WARNING! "DataBasePath" = "C:\windows\nsdb"

     

     

    Running Services (Display Name, Service Name, Path {Service DLL}):

    ------------------------------------------------------------------

     

    NOD32 Kernel Service, NOD32krn, ""C:\Program Files\Eset\nod32krn.exe"" ["Eset "]

    Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]

     

     

    Print Monitors:

    ---------------

     

    HKLM\System\CurrentControlSet\Control\Print\Monitors\

    hpzsnt12\Driver = "hpzsnt12.dll" ["HP"]

     

     

    ----------

    + This report excludes default entries except where indicated.

    + To see *everywhere* the script checks and *everything* it finds,

    launch it from a command prompt or a shortcut with the -all parameter.

    + To search all directories of local fixed drives for DESKTOP.INI

    DLL launch points and all Registry CLSIDs for dormant Explorer Bars,

    use the -supp parameter or answer "No" at the first message box.

    ---------- (total run time: 41 seconds, including 13 seconds for message boxes)

     

     

    ---------

    edit

    okazało się że jakiś wirus jest jeszcze w kompie, właśnie powtarzam skan nodem.

  5. przyznam się, ściągałem kraka do efektu śniegu anfy z jakiejs strony, znalazłem tam dodatkowy plik crack.exe i jak debil go odpaliłem, komp stanął zaczęło coś mielić na dysku, na pulpicie wyskoczyło mi na czarnym tle "your pc is infected with spyware" czy jakos tak, taki głupi wirus, którego już widziałem, przestraszyłem się o dane na dysku więc wyłączyłem kompa, po włączeniu wyskakuje mi rzeczony błąd. pojawia się tapeta, brak ikon i paska. pliki odpalam alt+crl+del plik/nowe zadanie

     

    zainstalowałem nod 32, usunal wszysktie śmieci, ale explorer dalej trup.

     

    mam xp z sp2, uaktualniony na bieżąco.

     

    nie mam w tej chwili za bardzo opcji format, można to jakoś inaczej rozwiązać? powiedzmy że ktośprześle mi explorer.exe z c:/windows/ (zajmuje 1mb), jest szansa ze cos zadziała? chciałem ściągnąć jakieś inne GUI, ale nie moge znaleźć nic na googlu

     

    jeśli coś jest niezrozumiałe przepraszam najmocniej, jestem jeszcze wczorajszy po pasterce

×
×
  • Dodaj nową pozycję...