wybierz program do otwarcia pliku... ?

Witam Mam taki problem: nie mogę wejść w zawartość dysków ("C", "D", czasami inne zewnętrzne). Po kliknięciu na ikonę dysku pojawia się okno "wybierz program za pomocą którego chcesz otworzyć ten plik...". Zupełnie nie wiem o co chodzi. Bardzo proszę o pomoc. Pozdrawiam.

Odpowiedzi: 6

Bardzo dziękuję za pomoc :)
ELKO-BIS
Dodano
20.03.2008 15:56:54
Nie pisz posta pod postem HIjack - starej wersji uzyłes - nic w nim nie widac Skasuj klucz HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2 - obuduje się sam Sprawdź czy nigdzie nie masz plików activexdebugger32.exe i xp19.com na dysku - jak masz rźnij bez litości Z pendrivów które masz usuń (ale nie wtykaj ich przed wyłączeniem autoodtwarzania na nich - np za pomocą TweakUI) F:\3wcxx91.cmd F:\xp19.com F:\32e2.com
Żółty
Dodano
19.03.2008 21:51:22
... i jeszcze log Hijacka, bo też wygląda podejrzanie: Logfile of HijackThis v1.98.2 Scan saved at 15:22:24, on 2008-03-19 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$INSERTGT\Binn\sqlservr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ATK0100\HControl.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\sm56hlpr.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\Wireless Console 2\wcourier.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\iPlus\iPlusChecker.exe C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE D:\Programy\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ingbank.pl/u235/navi/31264/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [iPlusManager] C:\Program Files\iPlus\iPlusChecker.exe O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Utwórz łącze Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab O16 - DPF: {4723200F-7E63-423B-8FE3-6969DCEDC2D0} (EcodInitializerControl.EcodInitCtl) - https://www.ecod.pl/webapp/EcodInit.cab O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania Onet.pl) - http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx O16 - DPF: {A7E929B7-AE94-4C38-9BD2-FF77237BCA97} (ECODFakturaCtl.ECODFaktura) - https://www.ecod.pl/webapp/ecodfaktura.cab O16 - DPF: {AF37AC44-CDB9-494B-887F-AD1972C2507A} (ECODPotwierdzenieCtl.ECODPotwierdzenie) - https://www.ecod.pl/webapp/ecodpotwierdzenie.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll pozdrawiam
ELKO-BIS
Dodano
19.03.2008 16:23:19
Witam znów Znalazłem problem we wcześniejszym temacie i zadziałałem zgodnie z poradą. Problem "prawie" zniknął. Potraktowałem sprzęt Combofixem, i mam możliwość wejść na dysk, ale nie z dwukliku, bo wtedy otwiera się okno "wyszukaj....." Jak mogę to zmienić ? Poniżej przedstawiam log z Combo do obejrzenia. Z góry dziękuję za pomoc. ComboFix 08-03-18.1 - Ja 2008-03-19 14:32:09.1 - [color=red][b]FAT32[/b][/color]x86 Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1045.18.185 [GMT 1:00] Running from: C:\Documents and Settings\Ja\Pulpit\ComboFix.exe * Created a new restore point [color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color] . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Autorun.inf C:\WINDOWS\hosts C:\WINDOWS\system32\lsprst7.dll C:\WINDOWS\system32\nsprs.dll C:\WINDOWS\system32\serauth1.dll C:\WINDOWS\system32\serauth2.dll C:\WINDOWS\system32\ssprs.dll D:\Autorun.inf . ((((((((((((((((((((((((( Files Created from 2008-02-19 to 2008-03-19 ))))))))))))))))))))))))))))))) . 2008-03-18 09:03 . 2008-03-18 09:02 691,545 --a------ C:\WINDOWS\unins001.exe 2008-03-18 09:03 . 2008-03-18 09:03 2,538 --a------ C:\WINDOWS\unins001.dat 2008-03-17 09:49 . 2008-03-17 09:49 d-------- C:\Program Files\Csgware 2008-03-17 09:17 . 2008-03-17 09:17 d-------- C:\Program Files\Juwentus 2008-03-13 07:48 . 2008-03-13 07:48 d-------- C:\Program Files\MSXML 6.0 2008-03-12 10:12 . 2008-03-12 10:12 775 --a------ C:\PlotandPublishLog.CSV 2008-03-12 10:04 . 2008-03-12 10:04 d-------- C:\Documents and Settings\Ja\Dane aplikacji\Autodesk 2008-03-12 10:03 . 2008-03-12 10:03 d-------- C:\Program Files\DWG TrueView 2008 2008-03-12 10:03 . 2008-03-12 10:03 d-------- C:\Program Files\Common Files\Autodesk Shared 2008-03-12 10:03 . 2008-03-12 10:03 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Autodesk 2008-03-12 09:58 . 2008-03-12 09:58 d-------- C:\install 2008-03-10 14:04 . 2008-03-10 14:04 d-------- C:\Program Files\Mio Technology 2008-03-07 09:22 . 2008-03-07 09:22 d-------- C:\WINDOWS\Cache 2008-02-29 15:01 . 2008-02-29 15:09 725 --a------ C:\Rysunek1.htm 2008-02-29 15:00 . 2008-02-29 15:00 d-------- C:\Rysunek1 2008-02-28 15:28 . 2008-02-28 15:28 1,025 --a------ C:\WINDOWS\system32\sysprs7.tgz 2008-02-28 15:28 . 2008-02-28 15:28 1,025 --a------ C:\WINDOWS\system32\sysprs7.dll 2008-02-28 15:28 . 2008-02-28 15:28 219 --a------ C:\WINDOWS\system32\lsprst7.tgz 2008-02-28 15:28 . 2008-02-28 15:29 16 ---h----- C:\WINDOWS\system32\servdat.slm 2008-02-28 15:23 . 2008-02-28 15:23 1,024 --a------ C:\WINDOWS\system32\clauth2.dll 2008-02-28 15:23 . 2008-02-28 15:23 1,024 --a------ C:\WINDOWS\system32\clauth1.dll 2008-02-28 15:23 . 2008-02-28 15:28 14 --a------ C:\WINDOWS\system32\ssprs.tgz 2008-02-28 15:23 . 2008-02-28 15:23 0 --a------ C:\WINDOWS\system32\nsprs.tgz 2008-02-28 15:20 . 2008-02-28 15:20 d-------- C:\Program Files\SPSS . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-16 15:31 --------- d-----w C:\Program Files\Common Files\HP 2008-02-16 14:49 --------- d-----w C:\DOCUME~1\ALLUSE~1\DANEAP~1\WEBREG 2008-02-15 15:11 --------- d-----w C:\DOCUME~1\ALLUSE~1\DANEAP~1\HPSSUPPLY 2008-02-15 15:09 --------- d-----w C:\DOCUME~1\ALLUSE~1\DANEAP~1\HP 2008-02-15 15:08 --------- d-----w C:\DOCUME~1\ALLUSE~1\DANEAP~1\zvprt50 2008-02-15 12:29 --------- d-----w C:\Documents and Settings\Ja\Dane aplikacji\progeSOFT 2008-02-06 08:40 --------- d-----w C:\Program Files\Platan 2008-01-11 05:41 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll 2007-12-19 22:58 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208] "updateMgr"="c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [ ] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-27 01:54 1211176] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-04-17 05:24 110592] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-02-06 19:39 94208] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-02-06 19:36 77824] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-02-06 19:40 118784] "SMSERIAL"="sm56hlpr.exe" [2006-01-19 23:34 544768 C:\WINDOWS\sm56hlpr.exe] "RTHDCPL"="RTHDCPL.EXE" [2006-01-11 04:23 15961088 C:\WINDOWS\RTHDCPL.exe] "ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2006-02-21 15:20 180224] "Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [2005-10-17 17:09 987136] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-10-21 02:26 761945] "ABLKSR"="C:\WINDOWS\ABLKSR\ABLKSR.exe" [2006-01-02 21:14 61440] "RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2005-01-12 03:01 32768] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 16:40 155648] "Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-06 17:13 86016] "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-02-28 14:25 667718] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-02-28 14:25 602182] "EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [2006-02-28 14:29 569413] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-01-23 11:19 223232] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00 267064] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "iPlusManager"="C:\Program Files\iPlus\iPlusChecker.exe" [2006-08-28 11:30 274432] "ToolBoxFX"="C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2007-07-30 10:36 53248] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 13:00 15360] "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 17:15 1634304] C:\DOCUME~1\ALLUSE~1\MENUST~1\Programy\AUTOST~1ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe [2006-10-16 15:49:01 32768] Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2005-06-16 11:11:42 49152] Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 16:23:32 74308] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Gadu-Gadu\\gg.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Kazaa Lite Rewolucja\\kazaalite.kpp"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\HP1005MC.EXE"= "C:\\Program Files\\HP\\hp laserjet m2727\\Fax Config utility0.exe"= "C:\\Program Files\\HP\\hp laserjet m2727\\hppfaxnc0.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1225:UDP"= 1225:UDP:subiekt "1084:TCP"= 1084:TCP:subiekt. "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "1225:TCP"= 1225:TCP:x R2 Kmm4xNT;Kmm4xNT;C:\WINDOWS\system32\drivers\Kmm4xNT.sys [1999-10-01 13:13] R2 MSSQL$INSERTGT;MSSQL$INSERTGT;C:\Program Files\Microsoft SQL Server\MSSQL$INSERTGT\Binn\sqlservr.exe [2002-12-17 16:26] S3 SQLAgent$INSERTGT;SQLAgent$INSERTGT;C:\Program Files\Microsoft SQL Server\MSSQL$INSERTGT\Binn\sqlagent.EXE [2002-12-17 16:23] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2f196040-6aa2-11db-a5fd-806d6172696f}] \Shell\AutoRun\command - xp19.com \Shell\explore\Command - xp19.com \Shell\open\Command - xp19.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2f196041-6aa2-11db-a5fd-806d6172696f}] \Shell\AutoRun\command - xp19.com \Shell\explore\Command - xp19.com \Shell\open\Command - xp19.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82d360e6-6d9a-11db-a616-0018f371e8f3}] \Shell\AutoRun\command - F:\3wcxx91.cmd \Shell\explore\Command - F:\3wcxx91.cmd \Shell\open\Command - F:\3wcxx91.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3ac5376-f3f9-11dc-a8ef-0018f371e8f3}] \Shell\AutoRun\command - F:\xp19.com \Shell\explore\Command - F:\xp19.com \Shell\open\Command - F:\xp19.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c20f358e-f105-11db-a727-0018de63f9e0}] \Shell\Auto\command - activexdebugger32.exe f \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL activexdebugger32.exe f \Shell\explore\Command - activexdebugger32.exe f \Shell\open\Command - activexdebugger32.exe f [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6310197-9d7a-11dc-a868-0018f371e8f3}] \Shell\AutoRun\command - F:\32e2.com \Shell\explore\Command - F:\32e2.com \Shell\open\Command - F:\32e2.com . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-19 14:34:23 Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-03-19 14:34:43 ComboFix-quarantined-files.txt 2008-03-19 13:34:40 . 2008-03-13 06:48:13 --- E O F ---
ELKO-BIS
Dodano
19.03.2008 16:20:34
Temat zabieram do działu Bezpieczeństwo - bo to syfa wina jest.
Żółty
Dodano
19.03.2008 14:37:31
niedawno ktoś przedstawił taki problem... wystarczy poszukać!
domin45670
Dodano
19.03.2008 14:17:26
ELKO-BIS
Dodano:
19.03.2008 12:12:21
Komentarzy:
6
Strona 1 / 1