- Forum komputerowe
- → Przeglądanie profilu: Posty: piter23
Moja zawartośćStatystyki
- Grupa: Użytkownik
- Całość postów: 3
- Odwiedzin: 706
- Tytuł: Nowy
- Wiek: Wiek nie został ustalony
- Urodziny: Data urodzin nie została podana
-
Płeć
Nie podano
0
Neutralna
Znajomi
piter23 nie posiada znajomych
Ostatnio byli
-
toska
gru 10 2007 - 20:02
Moje posty
W temacie: problem z wejściem na partycję w win XP
09 12 2007 - 23:03
Statbar to pasek narzedzi, soltek moja płyta główna, więc pewnie jakiś jej soft, trzeciego nie znam, pewnie jakiś syf do kasacji.
W temacie: problem z wejściem na partycję w win XP
09 12 2007 - 21:48
Wielkie dzieki! Program usunął problem. Wklejam loga, jeśli jest coś jeszcze do załatania?
ComboFix 07-12-09.1 - piter 2000-12-09 20:50:57.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.180 [GMT 1:00]
Running from: E:\Program Files\Opera\profile\cache4\temporary_download\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\autorun.ini
D:\Autorun.inf
E:\Autorun.inf
F:\auto.exe
F:\Autorun.inf
G:\auto.exe
G:\Autorun.inf
H:\auto.exe
H:\Autorun.inf
I:\auto.exe
I:\Autorun.inf
J:\Autorun.inf
K:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2007-11-09 to 2007-12-09 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2005-05-11 22:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
2000-12-09 16:59 96,374 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\firstlsp.reg.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StatBar"="J:\Program Files\Globe Software\StatBar\StatBar.exe" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 00:55]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"="C:\WINDOWS\Updreg.exe" [2000-05-11 01:00]
"AHQInit"="C:\Program Files\Creative\SBLive\Program\AHQInit.exe" [2001-05-10 18:49]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 21:05]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 16:40]
"Soltek"="C:\WINDOWS\system32\autorun.exe" [2001-10-30 08:00]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
"WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" [2007-02-12 18:16]
"WinFast Schedule"="C:\Program Files\WinFast\WFDTV\WFWIZ.exe" [2007-02-12 16:22]
"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 15:53]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe" [2007-04-02 10:35]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 22:44]
C:\DOCUME~1\ALLUSE~1\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]
HP Image Zone - szybkie uruchamianie.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-12 00:49:24]
Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [2007-10-06 22:10:50]
R0 hotcore3;hotcore3;C:\WINDOWS\system32\drivers\hotcore3.sys
R1 Uim_IM;UIM Drive Backup Image Plugin;C:\WINDOWS\system32\Drivers\Uim_IM.sys
R1 UimBus;Universal Image Mounter Controller;C:\WINDOWS\system32\DRIVERS\UimBus.sys
R2 AntiVirMailService;AntiVir PersonalEdition Premium MailGuard;"C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe"
R2 AVEService;AntiVir PersonalEdition Premium MailGuard helper service;"C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe"
R2 CX23880;WinFast CX2388x WDM Video Capture.;C:\WINDOWS\system32\drivers\cx88vid.sys
R2 CXAVXBAR;WinFast CX2388x WDM Crossbar.;C:\WINDOWS\system32\drivers\cxavxbar.sys
R2 CXTUNE;WinFast CX2388x WDM TVTuner.;C:\WINDOWS\system32\drivers\CX88TUNE.sys
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys
R3 WFIOCTL;WFIOCTL;\??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS
S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\C:\WINDOWS\system32\ZDCndis5.SYS
S3 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver;\??\C:\WINDOWS\system32\ZDPNDIS5.SYS
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\open\ComMand - E:\soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af451-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - L:\cda_menu.exe
\Shell\install\command - L:\Setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af453-7446-11dc-9fce-806d6172696f}]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\open\ComMand - E:\soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af454-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af455-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af456-7446-11dc-9fce-806d6172696f}]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af457-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af458-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af459-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af45a-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
*Newly Created Service* - SSMDRV
.
Contents of the 'Scheduled Tasks' folder
"2007-10-06 20:51:04 C:\WINDOWS\Tasks\WebReg psc 1500 series.job"
- C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
.
**************************************************************************
catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-09 20:54:06
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
StatBar = J:\Program Files\Globe Software\StatBar\StatBar.exe????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-09 20:55:03
.
--- E O F ---
ComboFix 07-12-09.1 - piter 2000-12-09 20:50:57.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.180 [GMT 1:00]
Running from: E:\Program Files\Opera\profile\cache4\temporary_download\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\autorun.ini
D:\Autorun.inf
E:\Autorun.inf
F:\auto.exe
F:\Autorun.inf
G:\auto.exe
G:\Autorun.inf
H:\auto.exe
H:\Autorun.inf
I:\auto.exe
I:\Autorun.inf
J:\Autorun.inf
K:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2007-11-09 to 2007-12-09 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2005-05-11 22:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
2000-12-09 16:59 96,374 ----a-w C:\Documents and Settings\All Users\Dane aplikacji\firstlsp.reg.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StatBar"="J:\Program Files\Globe Software\StatBar\StatBar.exe" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 00:55]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"="C:\WINDOWS\Updreg.exe" [2000-05-11 01:00]
"AHQInit"="C:\Program Files\Creative\SBLive\Program\AHQInit.exe" [2001-05-10 18:49]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 21:05]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2006-01-12 16:40]
"Soltek"="C:\WINDOWS\system32\autorun.exe" [2001-10-30 08:00]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
"WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" [2007-02-12 18:16]
"WinFast Schedule"="C:\Program Files\WinFast\WFDTV\WFWIZ.exe" [2007-02-12 16:22]
"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 15:53]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe" [2007-04-02 10:35]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 22:44]
C:\DOCUME~1\ALLUSE~1\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]
HP Image Zone - szybkie uruchamianie.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-05-12 00:49:24]
Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [2007-10-06 22:10:50]
R0 hotcore3;hotcore3;C:\WINDOWS\system32\drivers\hotcore3.sys
R1 Uim_IM;UIM Drive Backup Image Plugin;C:\WINDOWS\system32\Drivers\Uim_IM.sys
R1 UimBus;Universal Image Mounter Controller;C:\WINDOWS\system32\DRIVERS\UimBus.sys
R2 AntiVirMailService;AntiVir PersonalEdition Premium MailGuard;"C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe"
R2 AVEService;AntiVir PersonalEdition Premium MailGuard helper service;"C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe"
R2 CX23880;WinFast CX2388x WDM Video Capture.;C:\WINDOWS\system32\drivers\cx88vid.sys
R2 CXAVXBAR;WinFast CX2388x WDM Crossbar.;C:\WINDOWS\system32\drivers\cxavxbar.sys
R2 CXTUNE;WinFast CX2388x WDM TVTuner.;C:\WINDOWS\system32\drivers\CX88TUNE.sys
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys
R3 WFIOCTL;WFIOCTL;\??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS
S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\C:\WINDOWS\system32\ZDCndis5.SYS
S3 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver;\??\C:\WINDOWS\system32\ZDPNDIS5.SYS
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\open\ComMand - E:\soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af451-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - L:\cda_menu.exe
\Shell\install\command - L:\Setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af453-7446-11dc-9fce-806d6172696f}]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\open\ComMand - E:\soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af454-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af455-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af456-7446-11dc-9fce-806d6172696f}]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af457-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af458-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af459-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{427af45a-7446-11dc-9fce-806d6172696f}]
\Shell\AutoRun\command - soS.Exe
\Shell\open\ComMand - soS.Exe
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
*Newly Created Service* - SSMDRV
.
Contents of the 'Scheduled Tasks' folder
"2007-10-06 20:51:04 C:\WINDOWS\Tasks\WebReg psc 1500 series.job"
- C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
.
**************************************************************************
catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-09 20:54:06
Windows 5.1.2600 Dodatek Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
StatBar = J:\Program Files\Globe Software\StatBar\StatBar.exe????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-09 20:55:03
.
--- E O F ---
- Forum Komputerowe Tweaks.pl
- → Przeglądanie profilu: Posty: piter23
- Polityka prywatności
- Szukaj
- Regulamin Forum ·
