qwaqwa
-
Postów
28 -
Dołączył
-
Ostatnia wizyta
Osiągnięcia qwaqwa
Newbie (1/14)
0
Reputacja
-
Wina leży po stronie karty. Dzięki za pomoc.
-
Jutro sprawdzę kartę u kolegi, jak napisaliście to zróżnicuje przyczynę. Dzięki za pomoc. Napiszę dla potomnych jaki jest wynik.
-
Moja karta to Nvidia GeForce 8600 GTS 512mb. Sterowniki - świeżaki Komputer wiesza się w chwili pojawiania się tych kwiatków, w trybie awaryjnym działa, pomimo tych kwiatków.
-
Witam. Moje pytanie - jak w temacie - czy według Was jestem zmuszony kupić nową kartę? ImageShack Album - 5 images Pozdrawiam i z góry dzięki za odpowiedzi.
-
Znacie może sposób zrzucenia tej strony na HDD?Tak żeby miało to ręce i nogi? Nie zawsze mam dostęp do Neta, a ta strona jest świetna do nauki języka (jak ktoś zna lepszą, nie pogardzę)
-
Dobra :D "kupuj tanszy ram , praktycznie nie odczujesz roznicy " Nie zrozumialem. Dzieki.
-
KOlega posiada Toshibe satelite l100 - 113 ( i to o jego lapka chodzi) A gra w NFS pro street Czyli powiadasz nie warto dokladac ramu.....szkoda bo ten lapek strasznie muli
-
Co lepiej kupic? 512 mb ram 6xxmhz do magistrali 533mhz (podobno sie dostosowuja do starszych szyn...), ktory mialby pracowac z drugą starszą kością (majaca 533 mhz) czy DROŻSZY 512 ram 533mhz? A i jeszcze jedno skromne pytanie - czy bedzie odczuwalna roznica przy przejsciu z 7xx mb ramu na 1 gb? majac radeona ciągnącego 256 mb Z ramu? ps. brzydka forma - wiem sorry
-
OK, » Naciśnij aby pokazać/ukryć tekst oznaczony jako spoiler « - ComboFix ComboFix 08-05-24.1 - Jacek 2008-05-25 20:26:44.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.1541 [GMT 2:00] Running from: E:\ComboFix.exe Command switches used :: C:\Documents and Settings\Jacek\Pulpit\CFScript.txt.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\pa39xth.cmd C:\WINDOWS\system32\2051.mht C:\WINDOWS\system32\96a2.sys . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\pa39xth.cmd C:\WINDOWS\system32\2051.mht C:\WINDOWS\system32\96a2.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_96A2 -------\Legacy_9AB17 -------\Legacy_EVERESTDRIVER -------\Legacy_GGNYJCSMACO -------\Legacy_RSFLXHWSDVZX -------\Legacy_YWVQOPBMV -------\Service_02615 -------\Service_44f16 -------\Service_96a2 -------\Service_9ab17 -------\Service_EverestDriver -------\Service_GGNYJCSMACO -------\Service_RSFLXHWSDVZX -------\Service_YWVQOPBMV ((((((((((((((((((((((((( Files Created from 2008-04-25 to 2008-05-25 ))))))))))))))))))))))))))))))) . 2008-05-25 20:12 . 2008-05-25 20:12 <DIR> d-------- C:\WINDOWS\ERUNT 2008-05-25 19:56 . 2008-05-25 19:56 <DIR> d-------- C:\SDFix 2008-05-25 14:35 . 2008-05-25 14:35 <DIR> d-------- C:\WINDOWS\system32\AGEIA 2008-05-25 14:35 . 2008-05-25 14:35 <DIR> d-------- C:\Program Files\AGEIA Technologies 2008-05-24 01:07 . 2008-05-24 01:11 <DIR> d-------- C:\Program Files\FlashGet 2008-05-22 16:35 . 2008-05-22 16:35 <DIR> d-------- C:\cos 2008-05-17 17:02 . 2008-05-25 13:59 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-05-17 14:25 . 2007-01-18 14:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys 2008-05-17 09:25 . 2008-05-17 09:26 <DIR> d-------- C:\Program Files\Panda Security 2008-05-14 07:35 . 2008-05-14 07:35 <DIR> d-------- C:\WINDOWS\system32\Adobe 2008-05-14 00:34 . 2008-05-14 00:36 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll 2008-04-26 12:19 . 2008-04-26 12:19 <DIR> d-------- C:\WINDOWS\system32\URTTEMP 2008-04-26 12:18 . 2008-04-26 12:18 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys 2008-04-26 12:18 . 2008-04-26 12:18 22,328 --a------ C:\Documents and Settings\Jacek\Dane aplikacji\PnkBstrK.sys 2008-04-26 12:17 . 2008-04-26 12:17 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe 2008-04-26 12:17 . 2008-04-26 12:18 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe 2008-04-26 12:17 . 2008-04-26 12:17 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-25 18:30 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2008-05-25 18:23 --------- d-----w C:\Program Files\SpeedFan 2008-05-25 12:34 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-05-25 11:59 --------- d-----w C:\Program Files\Google 2008-05-25 11:57 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy 2008-05-25 10:46 --------- d-----w C:\Program Files\ICQToolbar 2008-05-24 13:01 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\OpenOffice.org2 2008-05-17 08:43 --------- d-----w C:\Program Files\SkanerOnline 2008-05-17 01:04 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\Skype 2008-05-15 21:04 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-15 20:29 --------- d-----w C:\Program Files\DAEMON Tools Lite 2008-04-22 00:32 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\U3 2008-04-19 18:36 --------- d-----w C:\Program Files\NAPI-PROJEKT 2008-04-18 20:00 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\Winamp 2008-04-18 19:41 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\MegauploadToolbar 2008-04-18 19:35 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\ICQ 2008-04-18 18:53 --------- d-----w C:\Program Files\Winamp Remote 2008-04-18 18:53 --------- d-----w C:\Program Files\Winamp 2008-04-18 18:53 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks 2008-04-15 20:27 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\gtk-2.0 2008-04-15 16:40 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\ICQ Toolbar 2008-04-05 09:05 --------- d-----w C:\Program Files\Office Mouse Driver 2008-04-02 19:25 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\Atari 2008-04-01 12:22 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2008-04-01 12:22 --------- d-----w C:\Program Files\DAEMON Tools 2008-04-01 12:22 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\DAEMON Tools . ((((((((((((((((((((((((((((( snapshot@2008-05-25_12.30.30.64 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-25 10:25:41 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-25 18:29:08 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-23 01:54:18 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2008-05-25 18:12:55 7,856,128 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT + 2008-05-25 18:12:55 167,936 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2008-05-23 01:54:18 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2008-05-25 18:12:54 7,856,128 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT + 2008-05-25 18:12:54 167,936 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat + 2008-05-25 12:48:03 2,238 ----a-r C:\WINDOWS\Installer\{25F28E39-FDBB-11DB-8314-0800200C9A66}\MOHA.exe - 2007-07-23 08:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelFrench.dll + 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelFrench.dll - 2007-07-23 08:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelGerman.dll + 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelGerman.dll - 2007-07-23 08:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelJapanese.dll + 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelJapanese.dll - 2007-07-23 08:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelKorean.dll + 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelKorean.dll - 2007-07-23 08:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelPortugese.dll + 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelPortugese.dll - 2007-07-23 08:03:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll + 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll - 2007-07-23 08:03:32 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSpanish.dll + 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSpanish.dll - 2007-07-23 08:03:32 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSwedish.dll + 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSwedish.dll - 2007-07-23 08:03:32 53,248 ----a-w C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll + 2007-04-20 05:57:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll - 2007-07-24 07:20:06 207,405 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\app.bin + 2007-06-12 07:22:58 207,277 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\app.bin - 2007-05-16 07:42:42 122,249 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\diag.bin + 2007-04-16 07:24:38 122,249 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\diag.bin - 2007-07-25 07:30:38 214,141 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\app.bin + 2007-06-12 07:22:58 214,141 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\app.bin - 2007-05-16 07:42:44 105,981 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\diag.bin + 2007-07-10 09:13:42 113,313 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\diag.bin + 2008-05-25 11:02:11 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat - 2008-01-17 15:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys + 2008-01-17 16:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys + 2007-06-26 09:15:22 117,888 -c--a-w C:\WINDOWS\system32\DRVSTORE\PhysX32_28DEC1919B015F1DB41BE86D222D95CA59F30701\physX32.sys - 2007-09-13 08:45:50 70,944 ----a-w C:\WINDOWS\system32\PhysXLoader.dll + 2007-06-19 06:59:36 70,400 ----a-w C:\WINDOWS\system32\PhysXLoader.dll + 2008-05-25 18:29:11 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_71c.dat . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360] "Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39 2119104] "TaskSwitchXP"="C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe" [2007-05-09 22:33 106904] "Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-03-25 04:59 507904] "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856] "Fraps"="F:\PROGRAM FILES\FRAPS\FRAPS.EXE" [2008-01-14 14:53 913064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-06-02 10:45 385024] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 23:48 479232] "RivaTuner"="C:\Program Files\RivaTuner v2.06\RivaTuner.exe" [2007-10-30 20:05 2650112] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 12:09 63712] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-11-29 02:17 55824 C:\WINDOWS\KHALMNPR.Exe] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2007-03-16 09:06 868352] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776] "nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360] C:\Documents and Settings\Jacek\Menu Start\Programy\Autostart\ Skr˘t do Core Maximizer.lnk - F:\CoreMaximizer1.03\Core Maximizer.exe [2008-01-02 10:42:28 1740800] SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe [2007-09-17 19:04:02 2902528] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-01-13 17:52:12 67128] Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-04-05 10:57:48 789008] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] c:\program files\common files\logitech\bluetooth\LBTWlgn.dll 2008-01-09 12:30 72208 c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll "aux1"= ctwdm32.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KamikazeKat] --------- 2008-01-24 13:22 283648 C:\Program Files\ScreenMates\kamikazekat.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] -ra------ 2007-09-13 14:31 22880040 C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] F:\Steam\Steam.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Gadu-Gadu\\gg.exe"= "C:\\Program Files\\Hamachi\\hamachi.exe"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "F:\\Diablo II\\Game.exe"= "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "F:\\mmm\\3DMark05.exe"= "F:\\Program Files\\Quake III Arena\\quake3.exe"= "C:\\Program Files\\Internet Explorer\\iexplore.exe"= "C:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Polish\\setup.exe"= "F:\\Program Files\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"= "F:\\Program Files\\ICQ6\\ICQ.exe"= "C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"= "C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"= "C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"= "F:\\Program Files\\Valve\\Steam\\SteamApps\\alacham\\counter-strike\\hl.exe"= "F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"= "F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"= "C:\\WINDOWS\\system32\\PnkBstrA.exe"= "C:\\WINDOWS\\system32\\PnkBstrB.exe"= "F:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\FlashGet\\flashget.exe"= "F:\\Program Files\\Electronic Arts\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"= R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);C:\WINDOWS\system32\drivers\pe3ah4nc.sys [2007-05-18 21:53] R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);C:\WINDOWS\system32\drivers\ps6ah4nc.sys [2007-05-18 21:52] R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16] R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-05-04 10:27] R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-07-28 06:28] S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);C:\WINDOWS\system32\pr2ah4nc.exe svc [] S3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2005-01-06 17:55] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J] \Shell\AutoRun\command - J:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{75abd978-0b25-11dd-a97a-0018f38b78e0}] \Shell\AutoRun\command - J:\LaunchU3.exe -a . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-25 20:30:27 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\nvsvc32.exe F:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe . ************************************************************************** . Completion time: 2008-05-25 20:34:23 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-25 18:34:21 ComboFix2.txt 2008-05-25 10:30:47 Pre-Run: 9,072,697,344 bajtów wolnych Post-Run: 9,066,303,488 bajt˘w wolnych 242 --- E O F --- 2008-05-17 01:01:29 » Naciśnij aby pokazać/ukryć tekst oznaczony jako spoiler « - SDFix SDFix: Version 1.185 Run by Jacek on 2008-05-25 at 20:14 Microsoft Windows XP [Wersja 5.1.2600] Running From: C:\SDFix\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-25 20:18:29 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:af,a0,0c,3a,af,c5,7e,f9,41,c7,51,ca,af,f4,2e,83,d8,5e,50,c7,ea,.. "p0"="C:\Program Files\DAEMON Tools Lite\" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "khjeh"=hex:23,2e,6b,6c,23,55,40,e0,21,04,5b,95,8b,41,68,76,54,17,95,c1,3e,.. "a0"=hex:20,01,00,00,82,14,10,59,3a,8b,4a,ed,1e,4e,f5,82,a2,bf,31,46,34,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:b8,ee,ad,08,38,31,94,dc,a0,8c,b5,a3,24,a3,c8,99,6a,4a,c8,c3,01,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41] "khjeh"=hex:24,76,01,9b,f9,ec,ba,7c,bc,bd,27,74,a2,33,81,d4,05,4a,cd,ca,fa,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:af,a0,0c,3a,af,c5,7e,f9,41,c7,51,ca,af,f4,2e,83,d8,5e,50,c7,ea,.. "p0"="C:\Program Files\DAEMON Tools Lite\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "khjeh"=hex:23,2e,6b,6c,23,55,40,e0,21,04,5b,95,8b,41,68,76,54,17,95,c1,3e,.. "a0"=hex:20,01,00,00,82,14,10,59,3a,8b,4a,ed,1e,4e,f5,82,a2,bf,31,46,34,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:b8,ee,ad,08,38,31,94,dc,a0,8c,b5,a3,24,a3,c8,99,6a,4a,c8,c3,01,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41] "khjeh"=hex:24,76,01,9b,f9,ec,ba,7c,bc,bd,27,74,a2,33,81,d4,05,4a,cd,ca,fa,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Gadu-Gadu\\gg.exe"="C:\\Program Files\\Gadu-Gadu\\gg.exe:*:Enabled:Gadu-Gadu - program g˘wny" "C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client" "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "F:\\Diablo II\\Game.exe"="F:\\Diablo II\\Game.exe:*:Enabled:Diablo II" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "F:\\mmm\\3DMark05.exe"="F:\\mmm\\3DMark05.exe:*:Enabled:3DMark05" "F:\\Program Files\\Quake III Arena\\quake3.exe"="F:\\Program Files\\Quake III Arena\\quake3.exe:*:Enabled:quake3" "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer" "C:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Polish\\setup.exe"="C:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Polish\\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup" "F:\\Program Files\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"="F:\\Program Files\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe:*:Enabled:Supreme Commander" "F:\\Program Files\\ICQ6\\ICQ.exe"="F:\\Program Files\\ICQ6\\ICQ.exe:*:Enabled:ICQ6" "C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb" "C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray" "C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client" "F:\\Program Files\\Valve\\Steam\\SteamApps\\alacham\\counter-strike\\hl.exe"="F:\\Program Files\\Valve\\Steam\\SteamApps\\alacham\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher" "F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"="F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe:*:Enabled:Crysis_32" "F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"="F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32" "C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB" "F:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"="F:\\Program Files\\Codemasters\\DiRT\\DiRT.exe:*:Disabled:DiRT Executable" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" "C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget" "F:\\Program Files\\Electronic Arts\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"="F:\\Program Files\\Electronic Arts\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe:*:Enabled:Medal of Honor Airborne" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" Remaining Files : File Backups: - C:\SDFix\SDFix\backups\backups.zip Files with Hidden Attributes : Wed 13 Oct 2004 1,694,208 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe" Thu 2 Mar 2006 60,928 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe" Tue 6 Nov 2007 6,219,320 A..H. --- "C:\Program Files\Picasa2\setup.exe" Tue 6 Nov 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Tue 13 Nov 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp" Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\05030212059e1b9876d47b8cf2fa5e95\BIT1.tmp" Wed 4 Oct 2006 3,072,000 A..H. --- "C:\Documents and Settings\Jacek\Dane aplikacji\U3\temp\Launchpad Removal.exe" Finished! (wogole to dzieki za fatyge)
-
HEh po uruchomieniu programu ktory mi podales Avast przestal wykrywać robala w zwiazku z tym niemoge podac jego dokladnej lokalizacji. Napewno dawniej bylo to: C:\docume~1\Jacek\USTAWI~1\Temp\ "COŚ".kdll, oraz jakies CUŚ z "moem" - nie pamietam dokladnie - lipa troche - Może jeszcze sie uaktywni » Naciśnij aby pokazać/ukryć tekst oznaczony jako spoiler « - ComboFix ComboFix 08-05-24.1 - Jacek 2008-05-25 12:22:12.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1250.48.1045.18.1369 [GMT 2:00] Running from: E:\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\autorun.inf C:\WINDOWS\system32\amvo.exe C:\WINDOWS\system32\amvo1.dll D:\Autorun.inf E:\Autorun.inf F:\Autorun.inf I:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NWSAPAGENT -------\Service_NwSapAgent ((((((((((((((((((((((((( Files Created from 2008-04-25 to 2008-05-25 ))))))))))))))))))))))))))))))) . 2008-05-24 01:07 . 2008-05-24 01:11 <DIR> d-------- C:\Program Files\FlashGet 2008-05-24 00:54 . 2008-05-24 08:10 <DIR> d-------- C:\Program Files\Spyware Doctor 2008-05-24 00:54 . 2008-05-24 00:54 <DIR> d-------- C:\Documents and Settings\Jacek\Dane aplikacji\PC Tools 2008-05-24 00:54 . 2007-12-10 14:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys 2008-05-24 00:54 . 2007-12-10 14:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys 2008-05-24 00:54 . 2008-02-01 12:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys 2008-05-24 00:54 . 2007-12-10 14:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys 2008-05-22 16:35 . 2008-05-22 16:35 <DIR> d-------- C:\cos 2008-05-17 17:02 . 2008-05-17 17:02 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-05-17 14:25 . 2007-01-18 14:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys 2008-05-17 14:15 . 2008-05-17 14:15 2,021,790 --a------ C:\WINDOWS\system32\2051.mht 2008-05-17 14:15 . 2008-05-17 14:15 185,824 --a------ C:\WINDOWS\system32\96a2.sys 2008-05-17 09:25 . 2008-05-17 09:26 <DIR> d-------- C:\Program Files\Panda Security 2008-05-15 22:31 . 2008-04-16 17:30 103,424 -r-hs---- C:\pa39xth.cmd 2008-05-14 07:35 . 2008-05-14 07:35 <DIR> d-------- C:\WINDOWS\system32\Adobe 2008-05-14 00:34 . 2008-05-14 00:36 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll 2008-04-26 12:19 . 2008-04-26 12:19 <DIR> d-------- C:\WINDOWS\system32\URTTEMP 2008-04-26 12:18 . 2008-04-26 12:18 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys 2008-04-26 12:18 . 2008-04-26 12:18 22,328 --a------ C:\Documents and Settings\Jacek\Dane aplikacji\PnkBstrK.sys 2008-04-26 12:17 . 2008-04-26 12:17 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe 2008-04-26 12:17 . 2008-04-26 12:18 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe 2008-04-26 12:17 . 2008-04-26 12:17 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-25 06:59 --------- d---a-w C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2008-05-25 06:59 --------- d-----w C:\Program Files\SpeedFan 2008-05-24 13:01 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\OpenOffice.org2 2008-05-18 06:01 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy 2008-05-17 08:43 --------- d-----w C:\Program Files\SkanerOnline 2008-05-17 07:24 --------- d-----w C:\Program Files\ICQToolbar 2008-05-17 01:04 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\Skype 2008-05-15 21:04 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-15 20:29 --------- d-----w C:\Program Files\DAEMON Tools Lite 2008-04-22 00:32 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\U3 2008-04-19 18:36 --------- d-----w C:\Program Files\NAPI-PROJEKT 2008-04-18 20:00 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\Winamp 2008-04-18 19:41 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\MegauploadToolbar 2008-04-18 19:35 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\ICQ 2008-04-18 18:53 --------- d-----w C:\Program Files\Winamp Remote 2008-04-18 18:53 --------- d-----w C:\Program Files\Winamp 2008-04-18 18:53 --------- d-----w C:\Documents and Settings\All Users\Dane aplikacji\OrbNetworks 2008-04-15 20:27 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\gtk-2.0 2008-04-15 16:40 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\ICQ Toolbar 2008-04-07 00:24 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-04-05 09:05 --------- d-----w C:\Program Files\Office Mouse Driver 2008-04-02 19:25 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\Atari 2008-04-01 12:22 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2008-04-01 12:22 --------- d-----w C:\Program Files\DAEMON Tools 2008-04-01 12:22 --------- d-----w C:\Documents and Settings\Jacek\Dane aplikacji\DAEMON Tools 2008-03-26 22:26 --------- d-----w C:\Program Files\Google . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360] "Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 09:39 2119104] "TaskSwitchXP"="C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe" [2007-05-09 22:33 106904] "Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-03-25 04:59 507904] "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] "Fraps"="F:\PROGRAM FILES\FRAPS\FRAPS.EXE" [2008-01-14 14:53 913064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-06-02 10:45 385024] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 23:48 479232] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-11-06 03:30 1840128] "RivaTuner"="C:\Program Files\RivaTuner v2.06\RivaTuner.exe" [2007-10-30 20:05 2650112] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 12:09 63712] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-11-29 02:17 55824 C:\WINDOWS\KHALMNPR.Exe] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2007-03-16 09:06 868352] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776] "nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "combofix"="C:\WINDOWS\system32\CF5354.exe" [2006-03-02 14:00 395776] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360] C:\Documents and Settings\Jacek\Menu Start\Programy\Autostart\ Skr˘t do Core Maximizer.lnk - F:\CoreMaximizer1.03\Core Maximizer.exe [2008-01-02 10:42:28 1740800] SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe [2007-09-17 19:04:02 2902528] C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\ Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-01-13 17:52:12 67128] Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-04-05 10:57:48 789008] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] c:\program files\common files\logitech\bluetooth\LBTWlgn.dll 2008-01-09 12:30 72208 c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll "aux1"= ctwdm32.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KamikazeKat] --------- 2008-01-24 13:22 283648 C:\Program Files\ScreenMates\kamikazekat.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] -ra------ 2007-09-13 14:31 22880040 C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] F:\Steam\Steam.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Gadu-Gadu\\gg.exe"= "C:\\Program Files\\Hamachi\\hamachi.exe"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "F:\\Diablo II\\Game.exe"= "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "F:\\mmm\\3DMark05.exe"= "F:\\Program Files\\Quake III Arena\\quake3.exe"= "C:\\Program Files\\Internet Explorer\\iexplore.exe"= "C:\\Documents and Settings\\All Users\\Dane aplikacji\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\Polish\\setup.exe"= "F:\\Program Files\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"= "F:\\Program Files\\ICQ6\\ICQ.exe"= "C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"= "C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"= "C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"= "F:\\Program Files\\Valve\\Steam\\SteamApps\\alacham\\counter-strike\\hl.exe"= "F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"= "F:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"= "C:\\WINDOWS\\system32\\PnkBstrA.exe"= "C:\\WINDOWS\\system32\\PnkBstrB.exe"= "F:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\FlashGet\\flashget.exe"= R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);C:\WINDOWS\system32\drivers\pe3ah4nc.sys [2007-05-18 21:53] R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);C:\WINDOWS\system32\drivers\ps6ah4nc.sys [2007-05-18 21:52] R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16] R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-05-04 10:27] R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-07-28 06:28] S0 02615;02615;C:\WINDOWS\system32\drivers\02615.SYS [] S1 44f16;44f16;C:\WINDOWS\system32\drivers\44f16.SYS [] S2 9ab17;9ab17;C:\WINDOWS\system32\drivers\9ab17.SYS [] S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);C:\WINDOWS\system32\pr2ah4nc.exe svc [] S3 96a2;96a2;C:\WINDOWS\system32\96a2.sys [2008-05-17 14:15] S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Documents and Settings\Jacek\Pulpit\everestultimate420(dobreprogramy.pl)\kerneld.wnt [] S3 GGNYJCSMACO;GGNYJCSMACO;C:\DOCUME~1\Jacek\USTAWI~1\Temp\GGNYJCSMACO.exe [] S3 GoogleDesktopManager-091907-194040;Google Desktop Manager 5.1.709.19590;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-11-06 03:30] S3 RSFLXHWSDVZX;RSFLXHWSDVZX;C:\DOCUME~1\Jacek\USTAWI~1\Temp\RSFLXHWSDVZX.exe [] S3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2005-01-06 17:55] S3 YWVQOPBMV;YWVQOPBMV;C:\DOCUME~1\Jacek\USTAWI~1\Temp\YWVQOPBMV.exe [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J] \Shell\AutoRun\command - J:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{75abd978-0b25-11dd-a97a-0018f38b78e0}] \Shell\AutoRun\command - J:\LaunchU3.exe -a . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-25 12:25:57 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\C:\Documents and Settings\Jacek\Pulpit\everestultimate420(dobreprogramy.pl)\kerneld.wnt" . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe . ************************************************************************** . Completion time: 2008-05-25 12:30:47 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-25 10:30:44 Pre-Run: 8,183,386,112 bajtów wolnych Post-Run: 8,583,852,032 bajt˘w wolnych 201 --- E O F --- 2008-05-17 01:01:29
-
Proszę o pomoc w związku z tym robakiem, chce zaznaczyć ze przed pojawieniem sie Trojan-gena byłem posiadaczem Rootkita (coooL!), który zniknął na miejsce TYTULOWEGO robala. Nie powiem jak pozbylem sie Rootkita bo uzylem wszystkich polecanych programow. Widzialem tematy juz na temat tego robala, ale sa dosyć stare i mam nadzieje ze są mozliwe jakies latwiejsze metody "rzekomego" pozbycia go. Dodam tylko ze identyczne rzeczy dzieja sie na kompie kolegi czyli Rootkit>Trojan-gen Posiadam spybota i avasta, ale mialem tez inne programy ktore nie pomogly (moze to byly zle programy) ps. Jeszcze jedno, ten robal wgryza sie tylko w system czy mam wszystko zawirusowane....? (prosze o jezyk ktory zrozumie nie-zaawansowany uzytkownik)
-
Dzieki za pomoc. :lol2:
-
Witam. Zamowilem 3 mychy Logitech g5 z USA i jedna nie dziala. Wlasnie zaczelem kontaktowac sie z moim posrednikiem w USA ale zastanawia mnie jedna rzecz. Czy moge wyslac myche do serwisu Logitecha, nie majac zadnego rachunku na nią? Jezeli tak to mam pytanie ile to kosztuje ( do tych którzy korzystali z serwisu Logitecha)?
-
Duze znaczenie ma procek(C2D czy AMD 64) w ujeciu zastosowania jakie napisalem?
-
Masz racje. Szukam laptopa który nie bedzie miał problemów z OPTYMALNA praca w systemie visty, w miare lekki (szczerze- nie znam miary lekkosci laptopow), ma pełnić głownie funkcje multimedialne, chociaz moja Kobieta nie obrazila by sie gdyby poszly na tym simsy (bo to dla Niej ten laptop).....aa...no i ma być ładny....(dlatego Acerki...wiem są ok....ale ranią oczy.), ngrywarka tez jest wymogiem..... Ni ewiem czy to wybredne Ram nie jest dla mnie wyznacznikiem - zawsze chyba moge dokupić kosteczke. Czekam na propozycje.
