ComboFix 08-11-07.01 - Radek 2008-11-07 21:18:42.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1045.18.127 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Radek\Pulpit\ComboFix.exe

UWAGA - TEN KOMPUTER NIE MA ZAINSTALOWANEJ KONSOLI ODZYSKIWANIA
.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Altnet
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab (incomplete)
c:\program files\MyWay
c:\program files\MyWay\myBar\History\search
c:\program files\MyWay\myBar\Settings\prevcfg.htm
c:\program files\Need2Find
c:\windows\cdmxtras
E:\Autorun.inf

.
((((((((((((((((((((((((( Pliki utworzone od 2008-10-07 do 2008-11-07 )))))))))))))))))))))))))))))))
.

2008-11-07 19:32 . 2008-11-07 19:32
2008-11-06 11:52 . 2006-09-07 15:51    49,265      --a------    c:\windows\system32\jpicpl32.cpl
2008-11-06 08:36 . 2008-11-06 08:35    410,976     --a------    c:\windows\system32\deploytk.dll
2008-11-04 19:28 . 2008-11-04 19:28
2008-11-04 19:28 . 2008-11-04 19:28
2008-11-04 19:28 . 2008-11-04 19:28
2008-11-04 19:19 . 2008-11-04 19:19
2008-11-04 18:56 . 2008-11-04 18:56
2008-11-04 15:29 . 2006-03-02 14:00    184,137     ---------    c:\windows\system32\dllcache\compact.wmz
2008-11-04 15:29 . 2006-03-02 14:00    9,585       ---------    c:\windows\system32\dllcache\controls.css
2008-11-04 15:29 . 2006-03-02 14:00    5,971       ---------    c:\windows\system32\dllcache\events.js
2008-11-04 15:29 . 2006-03-02 14:00    999         ---------    c:\windows\system32\dllcache\bktrh.gif
2008-11-04 15:29 . 2006-03-02 14:00    773         ---------    c:\windows\system32\dllcache\cnth.gif
2008-11-04 15:29 . 2006-03-02 14:00    773         ---------    c:\windows\system32\dllcache\cnt.gif
2008-11-04 15:29 . 2006-03-02 14:00    772         ---------    c:\windows\system32\dllcache\cntd.gif
2008-11-04 15:29 . 2006-03-02 14:00    760         ---------    c:\windows\system32\dllcache\cloapph.gif
2008-11-04 15:29 . 2006-03-02 14:00    717         ---------    c:\windows\system32\dllcache\cloapp.gif
2008-10-24 17:52 . 2008-10-15 18:36    337,408     ---------    c:\windows\system32\dllcache\netapi32.dll
2008-10-17 21:06 . 2008-08-14 15:26    2,190,464   ---------    c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-17 21:06 . 2008-08-14 15:26    2,146,816   ---------    c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-17 21:06 . 2008-08-14 15:26    2,067,328   ---------    c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-17 21:06 . 2008-08-14 15:26    2,025,472   ---------    c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-15 16:24 . 2008-09-08 12:41    333,824     ---------    c:\windows\system32\dllcache\srv.sys
2008-10-15 16:14 . 2008-09-15 17:27    1,846,656   ---------    c:\windows\system32\dllcache\win32k.sys
2008-10-07 17:36 . 2008-10-07 17:36
2008-10-07 17:36 . 2008-10-07 17:36

.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-03 18:26    6,066,176   ------w    c:\windows\system32\dllcache\ieframe.dll
2008-09-28 20:46    ---------   d-----w    c:\program files\ESKK MemoPlus
2008-09-28 20:46    ---------   d-----w    c:\program files\ESKK InternetPlus
2008-09-25 18:12    ---------   d-----w    c:\program files\ToniArts
2008-09-20 20:08    ---------   d-----w    c:\program files\Common Files\xing shared
2008-09-20 20:07    499,712     ----a-w    c:\windows\system32\msvcp71.dll
2008-09-20 20:07    ---------   d-----w    c:\program files\Real
2008-09-20 20:06    ---------   d-----w    c:\program files\Common Files\Real
2008-09-15 16:27    1,846,656   ----a-w    c:\windows\system32\win32k.sys
2008-09-11 20:44    535,040     ----a-w    c:\windows\flashax.exe
2008-09-11 20:44    12,288      ----a-w    c:\windows\impborl.dll
2008-09-08 11:41    333,824     ----a-w    c:\windows\system32\drivers\srv.sys
2008-08-27 10:27    3,593,216   ----a-w    c:\windows\system32\dllcache\mshtml.dll
2008-08-26 09:27    826,368     ----a-w    c:\windows\system32\wininet.dll
2008-08-26 09:27    826,368     ----a-w    c:\windows\system32\dllcache\wininet.dll
2008-08-26 09:27    671,232     ----a-w    c:\windows\system32\dllcache\mstime.dll
2008-08-26 09:27    52,224      ------w    c:\windows\system32\dllcache\msfeedsbs.dll
2008-08-26 09:27    477,696     ----a-w    c:\windows\system32\dllcache\mshtmled.dll
2008-08-26 09:27    459,264     ------w    c:\windows\system32\dllcache\msfeeds.dll
2008-08-26 09:27    44,544      ----a-w    c:\windows\system32\dllcache\pngfilt.dll
2008-08-26 09:27    233,472     ----a-w    c:\windows\system32\dllcache\webcheck.dll
2008-08-26 09:27    193,024     ----a-w    c:\windows\system32\dllcache\msrating.dll
2008-08-26 09:27    105,984     ----a-w    c:\windows\system32\dllcache\url.dll
2008-08-26 09:27    102,912     ----a-w    c:\windows\system32\dllcache\occache.dll
2008-08-26 09:27    1,159,680   ----a-w    c:\windows\system32\dllcache\urlmon.dll
2008-08-26 09:26    63,488      ------w    c:\windows\system32\dllcache\icardie.dll
2008-08-26 09:26    44,544      ----a-w    c:\windows\system32\dllcache\iernonce.dll
2008-08-26 09:26    384,512     ----a-w    c:\windows\system32\dllcache\iedkcs32.dll
2008-08-26 09:26    383,488     ------w    c:\windows\system32\dllcache\ieapfltr.dll
2008-08-26 09:26    347,136     ----a-w    c:\windows\system32\dllcache\dxtmsft.dll
2008-08-26 09:26    27,648      ----a-w    c:\windows\system32\dllcache\jsproxy.dll
2008-08-26 09:26    267,776     ------w    c:\windows\system32\dllcache\iertutil.dll
2008-08-26 09:26    230,400     ----a-w    c:\windows\system32\dllcache\ieaksie.dll
2008-08-26 09:26    214,528     ----a-w    c:\windows\system32\dllcache\dxtrans.dll
2008-08-26 09:26    153,088     ----a-w    c:\windows\system32\dllcache\ieakeng.dll
2008-08-26 09:26    133,120     ----a-w    c:\windows\system32\dllcache\extmgr.dll
2008-08-26 09:26    124,928     ----a-w    c:\windows\system32\dllcache\advpack.dll
2008-08-25 09:42    70,656      ----a-w    c:\windows\system32\dllcache\ie4uinit.exe
2008-08-25 09:38    13,824      ------w    c:\windows\system32\dllcache\ieudinit.exe
2008-08-23 06:56    635,848     ----a-w    c:\windows\system32\dllcache\iexplore.exe
2008-08-23 06:54    161,792     ----a-w    c:\windows\system32\dllcache\ieakui.dll
2008-08-14 14:26    2,190,464   ----a-w    c:\windows\system32\ntoskrnl.exe
2008-08-14 14:26    2,067,328   ----a-w    c:\windows\system32\ntkrnlpa.exe
2008-08-14 11:04    138,496     ------w    c:\windows\system32\dllcache\afd.sys

.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadu-Gadu"="c:\program files\Gadu-Gadu\gg.exe" [2006-11-14 1849032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-14 171520]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Radek\Menu Start\Programy\Autostart\
Stickies.lnk - c:\program files\Stickies\stickies.exe [2008-01-16 757760]

c:\documents and settings\All Users\Menu Start\Programy\Autostart\
QuickTV.lnk - c:\program files\AVerTV\QuickTV.exe [2005-10-30 393216]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^GlobeTrotter Connect.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\GlobeTrotter Connect.lnk
backup=c:\windows\pss\GlobeTrotter Connect.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
NvQTwk [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 18:21 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
--a------ 2006-11-14 11:12 1849032 c:\program files\Gadu-Gadu\gg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2008-04-14 18:21 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2006-09-07 15:51 49263 c:\program files\Java\jre1.5.0_09\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-09-20 21:06 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2002-05-03 10:06 364544 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
-ra------ 2001-05-29 11:02 124416 c:\windows\soundman.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"=
"c:\WINDOWS\System32\LMabcoms.exe"=
"c:\Program Files\WebServ\mysql\bin\WebServ(mysqld).exe"=
"c:\Program Files\WebServ\apache2\bin\WebServ(apache).exe"=
"c:\Program Files\Mozilla Firefox\firefox.exe"=
"c:\usr\apache\Apache.exe"=
"c:\usr\SMTP Server\localsrv.exe"=
"%windir%\Network Diagnostic\xpnetdiag.exe"=

R2 GtDetectSc;GtDetectSc;c:\program files\ERA\GlobeTrotter Connect\GtDetectSc.exe [2007-11-05 204915]
R3 Cap7134;AVerMedia, AVerTV WDM Video Capture (Silicon);c:\windows\system32\DRIVERS\Cap7134.sys [2008-07-23 407072]
R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\DRIVERS\Gt51Ip.sys [2007-07-09 95744]
R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\DRIVERS\gt72ubus.sys [2007-06-26 51968]
R3 GTPTSER;GT PT SER;c:\windows\system32\DRIVERS\gtptser.sys [2007-03-30 8064]
R3 PhTVTune;Cap7134 TVTuner;c:\windows\system32\DRIVERS\PhTVTune.sys [2008-07-23 57152]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{537d8e50-58dc-11dd-aa5d-c0eed0713d44}]
\Shell\AutoRun\command - G:\setup.exe AUTORUN=1

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db848ae0-7bed-11dd-aac5-00f1d000f1d0}]
\Shell\AutoRun\command - rthrw.com
\Shell\explore\Command - rthrw.com
\Shell\open\Command - rthrw.com

*Newly Created Service* - PROCEXP90
.
- - - - USUNIĘTO PUSTE WPISY - - - -

MSConfigStartUp-AltnetPointsManager - c:\program files\altnet\points manager\points manager.exe
MSConfigStartUp-ares - c:\program files\Ares\Ares.exe
MSConfigStartUp-avgnt - c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
MSConfigStartUp-BearShare - c:\program files\BearShare\BearShare.exe
MSConfigStartUp-DownloadAccelerator - c:\program files\DAP\DAP.EXE
MSConfigStartUp-Trickler - c:\windows\temp\adware\fsg_4203.exe

.
------- Skan uzupełniający -------
.
FireFox -: Profile - c:\documents and settings\Radek\Dane aplikacji\Mozilla\Firefox\Profiles\qk5yqq19.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.as … ource=3q=
FF -: plugin - c:\program files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
FF -: plugin - c:\program files\Adobe\Acrobat 5.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\Java\jre1.5.0_09\bin\NPJava11.dll
FF -: plugin - c:\program files\Java\jre1.5.0_09\bin\NPJava12.dll
FF -: plugin - c:\program files\Java\jre1.5.0_09\bin\NPJava13.dll
FF -: plugin - c:\program files\Java\jre1.5.0_09\bin\NPJava14.dll
FF -: plugin - c:\program files\Java\jre1.5.0_09\bin\NPJava32.dll
FF -: plugin - c:\program files\Java\jre1.5.0_09\bin\NPJPI150_09.dll
FF -: plugin - c:\program files\Java\jre1.5.0_09\bin\NPOJI610.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-07 21:21:24
Windows 5.1.2600 Dodatek Service Pack 3 FAT NTAPI

skanowanie ukrytych procesów ...

skanowanie ukrytych wpisów autostartu ...

skanowanie ukrytych plików ...

skanowanie pomyślnie ukończone
ukryte pliki: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySql]
"ImagePath"="c:\usr/MYSQL/bin/mysqld.exe"
.
Czas ukończenia: 2008-11-07 21:22:09
ComboFix-quarantined-files.txt 2008-11-07 20:22:06

Przed: 3 233 497 088 bajtów wolnych
Po: 3,460,612,096 bajtów wolnych

193 — E O F — 2008-11-06 06:49:01