PROBLEM z otwarciem dysku C i D.. wyskakuje okienko..
Witam !
Otóz mam taki problem ze jak chce sie dostać na dysk [obojetnie który] to po podwójnym klikniecu zamiast otworzyć wyskakuje mi takie okienko "Otwieranie za pomocą" i tam klikam 2 razy w Internet Explorer i dopiero sie otwiera dysk... nie moge zaznaczyć opcji "Zawsze uzywaj wybranego programu.."
Oto [url=http://www.fotosik.pl/pokaz_obrazek/pelny/75cf972a8e56677b.html]Foto[/url]
Pomózcie , nie wiem co mam zrobić a wkurza mnie takie otwieranie dysków :/
Odpowiedzi: 6
stukiziom - pomijając to, że minął ponad miesiąc od założenia tematu - akurat w tym przypadku nic to nie da - Combofix skasował plik o którym piszesz.
Otwierasz Windows w trybie awaryjnym.
Otwierasz dowolne okno...
Narzędzia -> Opcje folderów -> Zakładka Widok -> Odznacz opcje "Ukryj Chronione Pliki Systemu Operacyjnego" i jeszcze Pokaz ukryte pliki i foldery-> zastosuj ->ok
Start -> uruchom -> wpisz C:/ -> otworzy ci sie okno "c:/" -> ukarze ci sie plik Autorun.inf skasuj go i uruchom ponownie komputer
I wszystko będzie dobrze...:)
Od "zapomniałem dodać" jest przycisk "edytuj" a nie piszesz post pod postem.
Teraz tak
Wytnij klucz HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2
Usuń z wszelakich pendrivów pliki
G:\ntde1ect.com
H:\ntde1ect.com
J:\ntde1ect.com
Jak gdzieś na dysu odnajdziesz plik ntde1ect.com - skasuj (tylko uważaj bo systemowy ma bardzo podobna nazwę - róznią się jedna literką ntde[b][color=red]t[/color][/b]ect.com i ntde[color=red][b]1[/b][/color]ect.com - ten z t jest OK)
Skasuj pliki w trybie awaryjnym
C:\WINDOWS\system32\is-NI3CD.tmp
C:\WINDOWS\isRS-000.tmp
C:\WINDOWS\system32\superiorads-uninst.exe
C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
Usuń klucz HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C17E102B-BD29-4e92-B699-1A21D2CB8E6C} i plik C:\WINDOWS\system32\mysidesearch_sidebar.dll
Pokaz potem loga combofixa i hijacka
Aj jeszcze zapomniałem dodać że teraz działa wszystko OK :)
Przejechałem ComboFix'em i oto Log , wszystko jest OK??
ComboFix 08-03-26.1 - Stefan 2008-03-27 16:22:44.1 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.321 [GMT 1:00]
Running from: C:\Documents and Settings\Stefan\Pulpit\ComboFix.exe
* Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
C:\Documents and Settings\Stefan\Dane aplikacji\urlredir.cfg
C:\WINDOWS\system32\dcads-remove.exe
C:\WINDOWS\system32\dcads_sidebar.dll
C:\WINDOWS\system32\dcads_sidebar_uninstall.exe
C:\WINDOWS\system32\DcadsSocial-uninstall.exe
C:\WINDOWS\system32\iebrowserc.dll
C:\WINDOWS\system32\nsn37.dll
C:\WINDOWS\system32\sprt_ads.dll
D:\Autorun.inf
H:\Autorun.inf
I:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-02-27 to 2008-03-27 )))))))))))))))))))))))))))))))
.
2008-03-27 14:56 . 2008-03-27 14:56 819,200 --a------ C:\WINDOWS\isRS-000.tmp
2008-03-27 14:56 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\is-NI3CD.tmp
2008-03-27 14:56 . 2001-02-25 02:19 287,744 --a------ C:\WINDOWS\system32\divxa32.acm
2008-03-27 14:55 . 2007-12-04 02:33 682,496 --a------ C:\WINDOWS\system32\divx.dll
2008-03-27 14:55 . 2007-12-24 13:49 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-03-27 14:55 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-03-27 14:16 . 2008-03-27 14:16 177 --a------ C:\ioSpecial.ini
2008-03-27 13:13 . 2008-03-27 13:13 d-------- C:\Documents and Settings\Stefan\Dane aplikacji\Nokia Multimedia Player
2008-03-27 13:03 . 2008-03-27 13:03 d-------- C:\Program Files\Any Video Converter
2008-03-27 13:03 . 2008-03-27 13:03 d-------- C:\Documents and Settings\Stefan\Dane aplikacji\Any Video Converter
2008-03-27 09:19 . 2008-03-27 09:19 d-------- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth
2008-03-27 09:07 . 2004-08-04 00:44 91,136 --a------ C:\WINDOWS\system32\drivers\kswdmcap.ax
2008-03-27 09:07 . 2004-08-04 00:44 61,952 --a------ C:\WINDOWS\system32\drivers\kstvtune.ax
2008-03-27 09:07 . 2004-08-04 00:44 54,784 --a------ C:\WINDOWS\system32\drivers\vfwwdm32.dll
2008-03-27 09:07 . 2004-08-04 00:44 43,008 --a------ C:\WINDOWS\system32\drivers\ksxbar.ax
2008-03-27 09:07 . 2004-08-04 00:44 28,672 --a------ C:\WINDOWS\system32\drivers\vidcap.ax
2008-03-27 01:10 . 2008-03-27 01:10 d-------- C:\Documents and Settings\Stefan\Dane aplikacji\Toshiba
2008-03-26 19:42 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-03-26 19:42 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-03-26 19:42 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-03-26 19:42 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-03-26 19:33 . 2008-03-26 19:33 d-------- C:\Program Files\Common Files\PCSuite
2008-03-26 19:33 . 2008-03-26 19:33 d-------- C:\Program Files\Common Files\Nokia
2008-03-26 15:34 . 2008-03-26 15:34 d-------- C:\Program Files\NSS
2008-03-26 15:34 . 2006-08-29 15:56 32,377 --a------ C:\WINDOWS\system32\drivers\prodigy.sys
2008-03-25 03:38 . 2008-03-25 15:50 38 --a------ C:\WINDOWS\avisplitter.INI
2008-03-24 17:19 . 2008-03-24 17:19 d-------- C:\Program Files\Smallvideosoft
2008-03-24 17:19 . 2007-03-01 04:18 4,762,112 --a------ C:\WINDOWS\system32\NCMedia.dll
2008-03-24 17:19 . 2007-02-25 15:36 383,238 --a------ C:\WINDOWS\system32\libmp3lame-0.dll
2008-03-18 13:19 . 2008-03-18 13:19 153,600 --a------ C:\WINDOWS\system32\mysidesearch_sidebar.dll
2008-03-17 16:06 . 2008-03-17 16:06 d-------- C:\Documents and Settings\Stefan\Dane aplikacji\Orbit
2008-03-14 00:46 . 2008-03-14 00:46 d-------- C:\Documents and Settings\Stefan\Dane aplikacji\Media Player Classic
2008-03-14 00:45 . 2008-03-14 00:45 d-------- C:\Program Files\K-Lite Codec Pack
2008-03-09 20:35 . 2008-03-09 20:35 d--hs---- C:\FOUND.009
2008-03-08 19:36 . 2007-03-04 13:55 1,936,528 --a------ C:\WINDOWS\system32\ltmm15.dll
2008-03-08 19:36 . 2008-03-08 19:35 737,280 --a------ C:\WINDOWS\iun6002.exe
2008-03-08 19:36 . 2007-03-04 13:55 135,168 --a------ C:\WINDOWS\system32\DSKernel2.dll
2008-03-08 17:58 . 2008-03-08 17:58 d-------- C:\Program Files\Replay Converter
2008-03-08 17:27 . 2008-03-08 17:27 d-------- C:\Documents and Settings\Stefan\Dane aplikacji\GetRightToGo
2008-03-08 01:14 . 2008-03-08 01:14 d-------- C:\Program Files\RADVideo
2008-03-06 02:51 . 2001-10-26 17:29 99,328 --a------ C:\WINDOWS\system32\srusd.dll
2008-03-06 02:51 . 2001-10-26 17:29 99,328 --a------ C:\WINDOWS\system32\dllcache\srusd.dll
2008-03-06 02:51 . 2001-10-26 17:29 71,680 --a------ C:\WINDOWS\system32\fnfilter.dll
2008-03-06 02:51 . 2001-10-26 17:29 71,680 --a------ C:\WINDOWS\system32\dllcache\fnfilter.dll
2008-03-06 02:51 . 2001-10-26 17:05 6,912 --a------ C:\WINDOWS\system32\drivers\serscan.sys
2008-03-06 02:51 . 2001-10-26 17:05 6,912 --a------ C:\WINDOWS\system32\dllcache\serscan.sys
2008-03-04 13:47 . 2008-03-04 13:47 d--hs---- C:\FOUND.008
2008-03-03 14:41 . 2008-03-03 14:41 d-------- C:\Program Files\eSkiMoS R2
2008-03-03 14:41 . 2008-03-03 14:41 d-------- C:\Documents and Settings\Stefan\Dane aplikacji\eSkiMoS R2
2008-03-02 23:48 . 2008-03-02 23:48 d-------- C:\Program Files\Picasa2
2008-03-02 23:48 . 2008-03-02 23:48 d-------- C:\Program Files\Google
2008-02-28 18:39 . 2008-02-28 18:39 d-------- C:\Program Files\MarBit
2008-02-28 18:35 . 2008-02-28 18:35 116 -r-hs---- C:\WINDOWS\PCGWIN32.LI3
2008-02-28 18:34 . 2008-02-28 18:34 d-------- C:\WINDOWS\speech
2008-02-28 18:34 . 2008-02-28 18:34 d-------- C:\Program Files\ivo
2008-02-28 18:32 . 2008-02-28 18:32 d-------- C:\Program Files\Sensory
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-19 13:16 84,729 ----a-w C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe
2008-03-13 11:43 40,730 ----a-w C:\WINDOWS\system32\superiorads-uninst.exe
2008-02-17 21:09 --------- d-----w C:\Program Files\iPlus
2008-02-17 20:24 --------- d-----w C:\Program Files\WinPcap
2008-02-17 20:23 --------- d-----w C:\Documents and Settings\Stefan\Dane aplikacji\iPlus
2008-02-13 21:56 --------- d-----w C:\Program Files\FlashGet
2008-02-11 12:54 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-10 22:37 2,321,280 ----a-w C:\WINDOWS\system32\TUKernel.exe
2008-02-07 17:46 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-02-07 12:14 --------- d-----w C:\Program Files\iolo
2008-02-04 23:01 --------- d-----w C:\Program Files\Volleyball Manager 2007
2008-02-03 13:25 --------- d-----w C:\Program Files\SDP Multimedia
2008-01-10 12:16 159,839 ----a-w C:\WINDOWS\system32\xvidvfw.dll
2008-01-10 12:15 755,027 ----a-w C:\WINDOWS\system32\xvidcore.dll
2007-10-31 23:02 24,192 ----a-w C:\Documents and Settings\Stefan\usbsermptxp.sys
2007-10-31 23:02 22,768 ----a-w C:\Documents and Settings\Stefan\usbsermpt.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C17E102B-BD29-4e92-B699-1A21D2CB8E6C}]
2008-03-18 13:19 153600 --a------ C:\WINDOWS\system32\mysidesearch_sidebar.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2007-07-09 08:39 2119104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-10-14 02:37 110592]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 13:49 16269312 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe]
"Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [2005-10-17 17:09 987136]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 05:02 786521]
"Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 18:01 90112]
"Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2006-11-10 17:11 1725440]
"SMSERIAL"="C:\WINDOWS\sm56hlpr.exe" [2006-03-21 07:54 544768]
"iPlusManager"="C:\Program Files\iPlus\iPlusChecker.exe" [2008-01-03 10:59 389120]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]
C:\Documents and Settings\All Users\Menu Start\Programy\AutostartKalendarz XP.lnk - C:\Program Files\Kalendarz XP\Kalendarz.exe [2007-09-23 10:02:35 882176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiscSpaceChecks"= 000000000000f03f
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\BearShare\\BearShare.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8461:TCP"= 8461:TCP:GoD High Port
"8462:TCP"= 8462:TCP:GoD Low Port
"4662:TCP"= 4662:TCP:TCP
R2 edgesrv;EDGE helper;C:\Program Files\EDGE Dialer\edgesrv.exe [2006-12-07 15:45]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2006-03-02 14:00]
R3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 19:54]
R3 RTSTOR;USB Mass Stroage Device;C:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-10 00:07]
R3 SynMini;USB2.0 1.3M WebCam;C:\WINDOWS\system32\Drivers\SynMini.sys [2006-08-08 23:15]
R3 SynScan;USB2.0 1.3M WebCam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2006-08-08 23:15]
R3 usbstor;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 14:00]
S3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-13 20:40]
S3 ATE_PROCMON;ATE_PROCMON;C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 ipswuio;ipswuio;C:\WINDOWS\system32\DRIVERS\ipswuio.sys [2006-01-24 10:45]
S3 motccgp;Motorola USB Composite Device Driver;C:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-06-18 15:19]
S3 motccgpfl;MotCcgpFlService;C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-22 19:33]
S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-05-07 15:11]
S3 PRODIGY;PRODIGY;C:\WINDOWS\system32\Drivers\PRODIGY.SYS [2006-08-29 15:56]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ea19388-61f3-11dc-88b6-001bfcde5481}]
\Shell\AutoRun\command - ntde1ect.com
\Shell\explore\Command - ntde1ect.com
\Shell\open\Command - ntde1ect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ea19389-61f3-11dc-88b6-001bfcde5481}]
\Shell\AutoRun\command - ntde1ect.com
\Shell\explore\Command - ntde1ect.com
\Shell\open\Command - ntde1ect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24e9a7c6-706c-11dc-88d8-edb06563b5cb}]
\Shell\AutoRun\command - H:\ntde1ect.com
\Shell\explore\Command - H:\ntde1ect.com
\Shell\open\Command - H:\ntde1ect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ab81c2c-5fd2-11dc-88ac-806d6172696f}]
\Shell\AutoRun\command - ntde1ect.com
\Shell\explore\Command - ntde1ect.com
\Shell\open\Command - ntde1ect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d28a218-e7df-11dc-8948-efa9fa2f989c}]
\Shell\AutoRun\command - J:\y82td3td.com
\Shell\explore\Command - J:\y82td3td.com
\Shell\open\Command - J:\y82td3td.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84047c7e-cb8c-11dc-892b-fe69885e54d5}]
\Shell\AutoRun\command - H:\ntde1ect.com
\Shell\explore\Command - H:\ntde1ect.com
\Shell\open\Command - H:\ntde1ect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5050e76-bb23-11dc-8923-bdd4d720069d}]
\Shell\AutoRun\command - G:\ntde1ect.com
\Shell\explore\Command - G:\ntde1ect.com
\Shell\open\Command - G:\ntde1ect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a73f7ed8-7cad-11dc-88ea-b833b03b6ed4}]
\Shell\AutoRun\command - G:\ntde1ect.com
\Shell\explore\Command - G:\ntde1ect.com
\Shell\open\Command - G:\ntde1ect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae7e2166-7417-11dc-88de-e24056364df3}]
\Shell\AutoRun\command - G:\ntde1ect.com
\Shell\explore\Command - G:\ntde1ect.com
\Shell\open\Command - G:\ntde1ect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1d6424c-6529-11dc-88bd-001bfcde5481}]
\Shell\AutoRun\command - G:\ntde1ect.com
\Shell\explore\Command - G:\ntde1ect.com
\Shell\open\Command - G:\ntde1ect.com
*Newly Created Service* - ASNDIS5
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {857D4360-762B-978B-76AD-491AA719E47A} /qb
.
Contents of the 'Scheduled Tasks' folder
"2008-03-21 16:30:20 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-27 16:24:19
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-27 16:24:34
ComboFix-quarantined-files.txt 2008-03-27 15:24:32
Pre-Run: 23,061,594,112 bajtów wolnych
Post-Run: 23,054,745,600 bajtów wolnych
.
2008-02-11 13:02:21 --- E O F ---
Dział bezpieczeństwo - bieżaca strona - jest jeden podobny temat.
Strona 1 / 1