For a few days now I have been getting this warning:
"A program can't display a message on your desktop"
I don't know what is going on or what is missing there. How do I fix it? Does anyone know?
Windows Script Host problem
Sat 22 Nov, 2008 21:32
You need to give more details, man
Various programs can cause this kind of error in Windows. Tell us what software you have - this error is often caused by HP drivers or the PDFCreator program, or some other program that uses Windows scripts.
Also check the computer with "HijackThis" - maybe you have some pest.
Give more details and I will help.
Regards
Scofield
Veteran
- Posts: 1125
- Joined: Sat 30 Sep, 2006 07:26
Sat 22 Nov, 2008 21:59
I have Windows Vista (unfortunately). Here is the whole message:
Show me the message - when I click on it everything disappears and the whole screen turns light blue. It pops up that it can't show me the message and that something is incompatible with Windows.
Message title: Windows Script Host
Program Path: C:\Windows\System32\wscript.exe
This problem happens because of partial incompatibility with Windows
I scanned with Panda (full version), it detected nothing. Tomorrow I will try the one you recommended. Thanks
Trombel
Veteran
- Posts: 280
- Joined: Thu 17 Aug, 2006 16:37
- Location: suwalki/newcastel
Wed 26 Nov, 2008 15:55
You have an infection from a USB flash drive.
It is a script worm that uses VBS files.
1. Download ComboFix
2. Paste into Notepad:
Code:
File::
C:\`.vbs
Folder::
C:\Deckard
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"explorer"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{be82d8f6-28bf-11dd-bbeb-0060b343e591}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cbff5d46-25c3-11dd-bbe3-0060b343e591}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0bbedad-7572-11dc-b9f0-0060b343e591}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb0070b6-d7ca-11dc-bb0c-0060b343e591}]
File >>> save it as CFScript.txt, then drag and drop it onto the ComboFix icon like this:
3. Post the ComboFix log.
Then I will tell you what to do next
[ Added: Wed 26 Nov, 2008 15:59 ]
If you don't know how to add the Combo log, read this: http://peb.pl/logi-do-sprawdzenia/10056 ... -opis.html
Vodun
Thu 27 Nov, 2008 16:44
I'll think about what to do with it. People want to help and you go for a format; remember, a format is a last resort. I go 3 years without doing one and the computer runs fine. Do as I wrote.
Vodun
Thu 27 Nov, 2008 23:32
Trombel wrote: Some people advise doing a format every two to three months...
But OK, I will do that. I am only just learning, so I prefer to be careful. I will let you know how it went. Thanks
It all depends on the person - on how one uses the system. Some would do well to format every week, and for others 5 years is enough. It is like with anything - you just need to take proper care of it. An operating system is a living organism; it sometimes needs fresh vitamins (patches), a bit of breathing room (disk defrag), deworming (you know), and shedding excess kilograms (uninstalling unneeded applications).
Scofield
Veteran
- Posts: 1125
- Joined: Sat 30 Sep, 2006 07:26
Mon 01 Dec, 2008 18:21
Code:
ComboFix 08-11-27.03 - Tomasz 2008-11-28 19:19:03.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.174 [GMT 0:00]
Running from: c:\users\Tomasz\Desktop\ComboFix.exe
Command switches used :: c:\users\Tomasz\Desktop\CFScript.txt
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-28 )))))))))))))))))))))))))))))))
.
2008-11-28 17:43 . 2008-11-28 17:43 <DIR> d-------- c:\program files\Trend Micro
2008-11-27 12:46 . 2008-11-27 12:46 0 --a------ c:\windows\System32\Ä_Ä_
2008-11-27 10:27 . 2008-11-27 10:27 161,762,335 --a------ c:\windows\MEMORY.DMP
2008-11-26 21:54 . 2008-10-21 05:25 1,645,568 --a------ c:\windows\System32\connect.dll
2008-11-26 21:08 . 2008-11-26 21:08 0 --a------ c:\windows\System32\ÄTÄT
2008-11-26 20:46 . 2008-10-22 03:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-11-26 20:45 . 2008-08-28 03:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
2008-11-26 20:45 . 2008-08-28 03:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll
2008-11-26 20:45 . 2008-08-28 03:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll
2008-11-26 16:52 . 2008-11-26 16:52 0 --a------ c:\windows\System32\ÄVÄV
2008-11-23 15:32 . 2008-11-23 15:32 0 --a------ c:\windows\System32\Ä(Ä(
2008-11-20 21:09 . 2008-01-02 16:33 172,032 --a------ c:\windows\System32\igfxres.dll
2008-11-20 11:36 . 2008-11-20 11:37 <DIR> d-------- c:\users\Tomasz\{02b40ffc-2c62-4a06-8e05-d10f405e77e9}
2008-11-19 17:27 . 2008-11-19 17:28 <DIR> d-------- c:\program files\LimeWire
2008-11-14 15:07 . 2008-11-14 15:07 0 --a------ c:\windows\System32\ÄOÄO
2008-11-12 16:57 . 2008-09-10 03:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-12 16:56 . 2008-08-27 01:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-12 16:51 . 2008-09-05 05:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-11 18:48 . 2008-11-11 18:48 0 --a------ c:\windows\System32\Ä$Ä$
2008-11-07 15:49 . 2008-10-16 21:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-07 15:49 . 2008-10-16 20:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-07 15:49 . 2008-10-16 21:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-07 15:49 . 2008-10-16 21:09 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-07 15:48 . 2008-10-16 21:12 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-07 15:48 . 2008-10-16 20:55 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-07 15:48 . 2008-10-16 21:08 34,328 --a------ c:\windows\System32\wups.dll
2008-11-07 15:47 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-07 15:47 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe
2008-11-06 17:29 . 2008-11-07 16:19 921,624 --a------ C:\img2-001.raw
2008-11-06 16:59 . 2008-11-06 17:01 <DIR> d-------- c:\program files\Microsoft LifeCam
2008-11-06 09:24 . 2008-11-20 21:08 16,068 --a------ c:\windows\System32\results.xml
2008-11-05 20:34 . 2008-11-05 20:34 <DIR> d-------- c:\windows\System32\Lang
2008-11-05 20:34 . 2008-02-16 10:26 920,088 --a------ c:\windows\System32\igxpun.exe
2008-11-05 14:48 . 2008-11-05 21:56 510 --a------ c:\windows\WORDPAD.INI
2008-11-05 13:52 . 2008-11-05 13:52 0 --a------ c:\windows\System32\ÄzÄz
2008-11-05 08:30 . 2008-11-05 08:30 0 --a------ c:\windows\System32\Ä=Ä=
2008-11-03 17:52 . 2008-11-03 17:52 0 --a------ c:\windows\System32\Ä6Ä6
2008-11-03 09:10 . 2008-11-03 09:10 0 --a------ c:\windows\System32\Ä8Ä8
2008-11-02 14:00 . 2008-11-02 14:00 0 --a------ c:\windows\System32\Ä#Ä#
2008-11-01 20:45 . 2004-02-05 21:53 389,120 --a------ c:\windows\System32\actskn43.ocx
2008-11-01 20:45 . 2004-01-08 02:43 253,952 --a------ c:\windows\System32\histogram.ocx
2008-11-01 20:45 . 2004-01-09 11:54 188,416 --a------ c:\windows\System32\actsplash.ocx
2008-11-01 20:45 . 2000-07-15 00:00 118,784 --a------ c:\windows\System32\MSSTDFMT.DLL
2008-11-01 20:45 . 2000-07-15 06:00 101,888 --a------ c:\windows\System32\VB6STKIT.DLL
2008-10-29 18:17 . 2008-08-05 09:49 428,544 --a------ c:\windows\System32\EncDec.dll
2008-10-29 18:17 . 2008-08-05 09:48 217,088 --a------ c:\windows\System32\psisrndr.ax
2008-10-29 18:17 . 2008-08-05 09:48 177,664 --a------ c:\windows\System32\mpg2splt.ax
2008-10-29 18:17 . 2008-08-05 09:48 80,896 --a------ c:\windows\System32\MSNP.ax
2008-10-29 18:16 . 2008-08-05 09:49 293,376 --a------ c:\windows\System32\psisdecd.dll
2008-10-29 16:37 . 2008-08-12 03:39 443,392 --a------ c:\windows\System32\win32spl.dll
2008-10-29 16:37 . 2008-09-18 04:56 147,456 --a------ c:\windows\System32\Faultrep.dll
2008-10-29 16:37 . 2008-09-18 04:56 125,952 --a------ c:\windows\System32\wersvc.dll
2008-10-28 15:23 . 2008-10-28 15:23 0 --a------ c:\windows\System32\ÄIÄI
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-28 19:15 1,244 ----a-w c:\windows\system32\drivers\APPFLTR.CFG.bck
2008-11-28 19:15 1,244 ----a-w c:\windows\system32\drivers\APPFLTR.CFG
2008-11-28 18:46 256,032 ----a-w c:\windows\system32\drivers\APPFCONT.DAT.bck
2008-11-28 18:46 256,032 ----a-w c:\windows\system32\drivers\APPFCONT.DAT
2008-11-27 20:27 --------- d-----w c:\users\Tomasz\AppData\Roaming\Skype
2008-11-27 20:26 --------- d-----w c:\users\Tomasz\AppData\Roaming\skypePM
2008-11-27 13:12 --------- d-----w c:\users\Tomasz\AppData\Roaming\LimeWire
2008-11-22 19:20 --------- d-----w c:\program files\Common Files\Adobe
2008-10-17 07:23 --------- d-----w c:\program files\Windows Mail
2008-10-09 22:34 2,560 ----a-w c:\windows\_MSRSTRT.EXE
2008-10-08 21:33 --------- d-----w c:\program files\AOL 9.0 VR
2008-10-07 11:32 --------- d-----w c:\programdata\HPSSUPPLY
2008-09-30 17:50 --------- d-----w c:\program files\Skype
2008-09-30 17:49 --------- d-----w c:\programdata\Skype
2008-09-30 17:49 --------- d-----w c:\program files\Common Files\Skype
2008-09-04 09:12 174 --sha-w c:\program files\desktop.ini
2007-11-28 17:53 32 ----a-w c:\users\All Users\ezsid.dat
2007-11-28 17:53 32 ----a-w c:\programdata\ezsid.dat
2008-08-05 10:54 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-08-05 10:54 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-08-05 10:54 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((( snapshot@2008-11-28_18.09.56.53 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-28 17:30:50 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-11-28 18:48:43 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-28 17:30:50 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-28 18:48:43 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-28 17:30:50 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-28 18:48:43 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-01-18 171448]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-05-25 17920]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-28 857648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2007-10-09 77824]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-21 1548288]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-09-21 184320]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-10-09 1862144]
"HostManager"="c:\program files\Common Files\AOL\1191968599\ee\AOLSoftware.exe" [2006-11-14 50736]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"APVXDWIN"="c:\program files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" [2007-07-19 455984]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-16 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-16 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-16 133656]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SigmatelSysTrayApp"="sttray.exe" [2007-03-06 c:\windows\sttray.exe]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-10-09 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
QuickSet.lnk - c:\windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-10-09 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2007-02-15 19:02 50736 c:\windows\System32\avldr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3504846565-2921440528-1118049048-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{59D2C6EF-84E2-446A-ADD1-A726E9583F10}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{B227B677-9621-49EB-AC68-AB075A669DDD}"= c:\program files\Dell\MediaDirect\PowerCinema.exe:CyberLink PowerCinema
"{8FC95AAE-2855-4C09-BBA8-08849AF440C5}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{A5A18A79-5B43-48F6-AB20-C99FC9A8A7E1}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{FD0E3F62-1E21-4AFB-9782-9E4064A9232B}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{4D566484-C06B-4573-924A-6F4E7FD906B5}"= UDP:c:\program files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialler
"{DC034218-B847-4A5D-BC8C-A471EE3C337F}"= TCP:c:\program files\Common Files\aol\acs\AOLDial.exe:AOL Connectivity Service Dialler
"{6D811071-62E5-4922-B7B9-E9576D8D1B9D}"= UDP:c:\program files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Services
"{A9D10C32-4542-43C2-BE8B-32104853094A}"= TCP:c:\program files\Common Files\aol\acs\AOLacsd.exe:AOL Connectivity Services
"{FB64352C-3942-4A4E-85E7-F2CC0DE5812E}"= UDP:c:\program files\AOL 9.0 VR\waol.exe:AOL
"{F781062D-690E-4A57-A234-569B5FB00E29}"= TCP:c:\program files\AOL 9.0 VR\waol.exe:AOL
"{DED1E519-2372-48EE-A6A0-4C802BA9116B}"= UDP:c:\program files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{A7023FF6-7C03-4772-BAFC-D2EBEEB49222}"= TCP:c:\program files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{FF628431-E870-479C-AAD8-04AB3FC053FE}"= UDP:c:\program files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{5507E42F-2407-405F-8CD9-D86ABAA516B8}"= TCP:c:\program files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{07A75988-4F89-4D5B-920E-C76D84B3B15B}"= UDP:c:\program files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{ED2414C6-038C-454C-A225-B3E1DE0B7F93}"= TCP:c:\program files\Common Files\aol\System Information\sinf.exe:AOL System Information
"TCP Query User{535FB303-4A4B-40E8-84C9-A366E3C90B18}c:\\program files\\gadu-gadu\\gg.exe"= UDP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program glówny
"UDP Query User{CF8A103E-E2DD-41EB-BC7E-839DC3ECA86E}c:\\program files\\gadu-gadu\\gg.exe"= TCP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program glówny
"TCP Query User{90547FE4-E129-4FF5-BD64-18E6CC6A95F9}c:\\program files\\nero\\nero 7\\nero showtime\\showtime.exe"= UDP:c:\program files\nero\nero 7\nero showtime\showtime.exe:Nero ShowTime
"UDP Query User{526C889F-086C-45FE-8AD3-69ABADC8ADF8}c:\\program files\\nero\\nero 7\\nero showtime\\showtime.exe"= TCP:c:\program files\nero\nero 7\nero showtime\showtime.exe:Nero ShowTime
"{CA171ACC-BF33-4EF0-8AFA-24B879FE02AA}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{BCD26D36-CB11-47B0-8223-C9B541FD0AE4}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{CFFEB6BC-7A31-486D-A22E-F0A4211A6503}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{94CC1115-0F18-4A1B-930B-BD40063722F5}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{ACA17D86-9DFF-477E-9B94-98A21E42DDF9}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{60EC444E-C9A6-42A9-AB3F-2D2CF47D1B08}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{2390DDAB-0063-49E5-B174-C9EF2CFF73E4}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{25252A19-05D3-4E4C-A84A-AA814343EEE1}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{4A40DCB0-F748-4272-A7AA-F3AAD9009FDF}"= UDP:c:\program files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:VoipDiscount
"{4193ACFC-DE14-4325-ACA3-523A41EFE45F}"= TCP:c:\program files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:VoipDiscount
"TCP Query User{59558FE5-4AB6-4346-A147-499C710216CB}c:\\program files\\azureus\\azureus.exe"= UDP:c:\program files\azureus\azureus.exe:Azureus
"UDP Query User{59F75769-AC74-4CFE-B2A0-4CA1BE48012D}c:\\program files\\azureus\\azureus.exe"= TCP:c:\program files\azureus\azureus.exe:Azureus
"TCP Query User{BF6CCA41-C443-4159-BF97-80F7FF6F6ADA}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= UDP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"UDP Query User{D7A53BF4-3C5E-4C44-89C6-7A6320A4ED56}c:\\program files\\bearshare applications\\bearshare\\bearshare.exe"= TCP:c:\program files\bearshare applications\bearshare\bearshare.exe:BearShare
"TCP Query User{B0E643E1-F5E9-463D-A80D-7D84DB95360C}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{8118DEDB-43A6-4C9C-B1E4-43AF6FE11A22}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{19BBF1C0-BB28-4A69-B71F-5E9AC2340E17}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{21270902-EEC8-4A6A-8B6D-396F24D03B1B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{EF246996-C7AB-45C1-8E42-000F43B63738}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{C9358BBA-3101-4310-91E8-C582A4B30028}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{C2A9867D-7DF3-47A3-A293-151533AE934F}c:\\program files\\gadu-gadu\\gg.exe"= UDP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program glówny
"UDP Query User{77E89DEB-52C4-4706-825E-FC5121ADCA4F}c:\\program files\\gadu-gadu\\gg.exe"= TCP:c:\program files\gadu-gadu\gg.exe:Gadu-Gadu - program glówny
"{2F6F8F84-09B3-47F9-A683-E1F900B25BC4}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{BED3B46E-4A77-4D13-9DF0-2AEF4553652F}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{AF8237A3-B3D0-40B8-A831-D71B032B2B5A}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{63C9B7EE-27A3-4B49-BDF1-FC5E639B7990}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{34847805-AB67-4C84-82FA-8580381755BF}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{44928851-D4BD-4826-B375-8D242F56734F}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{2F78D131-CCE2-4ABE-8369-D0862AA20E20}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{D31281F0-4B2D-4625-8C24-B4A7C4B1B093}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{2D55D1C1-1A07-4409-BC85-28F7225852D9}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{3AEAF983-B6A5-4C8A-8490-06336701C9BF}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{810924DD-1AD3-4512-9E2F-16AB8E8FAA2D}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{E8F5E5C3-D79E-4FF7-9C2B-00D2D7E44B32}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{10AEFB5C-D6F9-4ACC-B413-B3252CBA6E1A}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{7B1F0C6B-B5DC-4468-9B60-019B3B4A1E10}"= UDP:c:\program files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{0AE4951E-ED33-4CED-A75C-D6B9A3B6EA6F}"= TCP:c:\program files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe
"{0A8A9B5F-19F4-4057-8779-D71E0796E66A}"= UDP:c:\program files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
"{E0F38AD8-9020-41FD-A3E5-EF451A81410B}"= TCP:c:\program files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-07-19 28544]
R1 APPFLT;App Filter Plugin;\??\c:\windows\system32\Drivers\APPFLT.SYS [2008-07-19 71736]
R1 DSAFLT;DSA Filter Plugin;\??\c:\windows\system32\Drivers\DSAFLT.SYS [2008-07-19 51256]
R1 FNETMON;NetMon Filter Plugin;\??\c:\windows\system32\Drivers\fnetmon.SYS [2008-07-19 22072]
R1 IDSFLT;Ids Filter Plugin;\??\c:\windows\system32\Drivers\IDSFLT.SYS [2008-07-19 191672]
R1 NETFLTDI;Panda Net Driver [TDI Layer];\??\c:\windows\system32\Drivers\NETFLTDI.SYS [2008-07-19 15:03:58 132920]
R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [2008-07-19 38456]
R1 SMSFLT;SMS Filter Plugin;\??\c:\windows\system32\Drivers\SMSFLT.SYS [2008-07-19 37304]
R1 WNMFLT;Wifi Monitor Filter Plugin;\??\c:\windows\system32\Drivers\WNMFLT.SYS [2008-07-19 30648]
R2 AmFSM;AmFSM;c:\windows\system32\DRIVERS\amm8660.sys [2008-07-19 46904]
R2 ComFiltr;Panda Anti-Dialer;\??\c:\windows\system32\DRIVERS\COMFiltr.sys [2008-07-19 13880]
R2 cpoint;Panda CPoint Driver;c:\windows\system32\Drivers\cpoint.sys [2008-07-19 24760]
R2 PavProc;Panda Process Protection Driver;\??\c:\windows\system32\DRIVERS\PavProc.sys [2008-07-19 178872]
R2 PskSvcRetail;Panda PSK service;"c:\program files\Panda Security\Panda Antivirus + Firewall 2008\PskSvc.exe" [2008-07-19 27696]
R3 NETIMFLT;PANDA NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\netimflt.sys [2008-07-19 142128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{26c8faab-9c90-11dd-8e07-001c2394e578}]
\shell\AutoRun\command - G:\LaunchU3.exe -a
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-28 19:24:00
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-11-28 19:26:22
ComboFix-quarantined-files.txt 2008-11-28 19:26:14
Pre-Run: 27,109,060,608 bytes free
Post-Run: 26,969,677,824 bytes free
249 --- E O F --- 2008-11-27 09:00:25
Trombel
Veteran
- Posts: 280
- Joined: Thu 17 Aug, 2006 16:37
- Location: suwalki/newcastel
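A triage pass over a log in this layout, added here as an example (it is not part of the thread and not ComboFix's own code): it flags the MountPoints2 AutoRun handlers that the CFScript in Vodun's post removes, plus zero-byte files in System32 and the disabled UAC and firewall values visible in the log. The sample lines, GUIDs, category names and function names are constructed for illustration.

```python
import re

# Constructed sample in the layout of the ComboFix log above; the file name,
# GUIDs and the second AutoRun command are made up for illustration.
SAMPLE_LOG = r"""
2008-11-27 12:46 . 2008-11-27 12:46 0 --a------ c:\windows\System32\sample0.tmp
2008-11-26 21:54 . 2008-10-21 05:25 1,645,568 --a------ c:\windows\System32\connect.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00000000-0000-0000-0000-000000000001}]
\shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00000000-0000-0000-0000-000000000002}]
\shell\AutoRun\command - wscript.exe sample.vbs
"""

SYSTEM32 = "c:\\windows\\system32\\"

# "created . modified size attributes path" rows of the file listing.
FILE_ROW = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} \. \d{4}-\d{2}-\d{2} \d{2}:\d{2}\s+"
    r"(?P<size>[\d,]+|<DIR>)\s+\S+\s+(?P<path>.+)$")
KEY_ROW = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VALUE_ROW = re.compile(r'^"(?P<name>[^"]+)"=\s*(?P<data>.+)$')
CMD_ROW = re.compile(r"^\\shell\\(?P<verb>[^\\]+)\\command - (?P<cmd>.+)$", re.I)
# A handler that starts a script host or a script file deserves a closer look.
SCRIPT_HINT = re.compile(
    r"\b(wscript|cscript)(\.exe)?\b|\.(vbs|vbe|js|jse|wsf)\b", re.I)


def _is_zero(data):
    """True for the log's '0 (0x0)' form and for 'dword:00000000'."""
    return data.split()[0] in ("0", "dword:00000000")


def triage(log_text):
    """Return a list of (category, detail) findings for one log."""
    findings = []
    key = ""  # most recent registry key header seen
    for raw in log_text.splitlines():
        line = raw.strip()
        m = FILE_ROW.match(line)
        if m:
            if m["size"] == "0" and m["path"].lower().startswith(SYSTEM32):
                findings.append(("zero-byte-system32", m["path"]))
            continue
        m = KEY_ROW.match(line)
        if m:
            key = m["key"]
            continue
        m = VALUE_ROW.match(line)
        if m and _is_zero(m["data"]):
            name, low = m["name"].lower(), key.lower()
            if name == "enablelua" and low.endswith(r"policies\system"):
                findings.append(("uac-disabled", key))
            elif name == "enablefirewall" and "firewallpolicy" in low:
                findings.append(("firewall-disabled", key.rsplit("\\", 1)[-1]))
            continue
        m = CMD_ROW.match(line)
        if m and "\\mountpoints2\\" in key.lower():
            volume = key.rsplit("\\", 1)[-1]
            scripted = SCRIPT_HINT.search(m["cmd"])
            kind = "autorun-script" if scripted else "autorun-handler"
            findings.append((kind, volume + " -> " + m["cmd"]))
    return findings


if __name__ == "__main__":
    for category, detail in triage(SAMPLE_LOG):
        print(category, detail, sep="\t")
```

An "autorun-handler" finding is only a pointer to check what the command launches; a vendor launcher on a removable drive produces one as well.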