dziwny problem z pomoca,wyszukiwaniem i java .
witam.
od paru dni mam nastepujacy problem(win xp service pack 1)
1.nie wyswielaja mi sie pliki pomocy w zakladce start
2.nie wyswietla sie opcja wyszukiwania plikow w zakladce start
3.mimo zainstalowania javyscript nie wyskakuja calkowicie strony(java jest wlaczona w opcjach internetowych)
myslalem ze to jakis wirus i przeskanowalem wszystko panda 2005 , avastem ,adwarem i nic nie znalazl. ponizej wklejam log z hijacka
Logfile of HijackThis v1.99.1
Scan saved at 06:08:23, on 2005–11–18
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ABC\abc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Winamp\Winamp.exe
C:\Program Files\Outlook Express\MSIMN.EXE
C:\Documents and Settings\Damian\Pulpit\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"
O4 – HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s
O4 – HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 – HKCU\..\Run: [autoupdatev2] C:\WINDOWS\System32\autoupdatev2.exe
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – (no file)
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127054082917
O16 – DPF: {8AD9C840–044E–11D1–B3E9–00805F499D93} (Java Runtime Environment 1.4.1_01) –
O16 – DPF: {CAFEEFAC–0014–0001–0001–ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) –
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: Panda Antispam Server Service (PASSRV) – Unknown owner – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
O23 – Service: Panda Firewall Service (PAVFIRES) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
O23 – Service: Panda Function Service (PAVFNSVR) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
O23 – Service: Panda Pavkre (Pavkre) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
O23 – Service: Panda PavProt (PavProt) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
O23 – Service: Panda Process Protection Service (PavPrSrv) – Panda Software – C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 – Service: Panda anti–virus service (PAVSRV) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
O23 – Service: Panda Preventium+ Service (PREVSRV) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
O23 – Service: Panda IManager Service (PSIMSVC) – Panda Software Internacional – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
przywracana systemu nie moge zrobic bo mialem je wyłączone.
od paru dni mam nastepujacy problem(win xp service pack 1)
1.nie wyswielaja mi sie pliki pomocy w zakladce start
2.nie wyswietla sie opcja wyszukiwania plikow w zakladce start
3.mimo zainstalowania javyscript nie wyskakuja calkowicie strony(java jest wlaczona w opcjach internetowych)
myslalem ze to jakis wirus i przeskanowalem wszystko panda 2005 , avastem ,adwarem i nic nie znalazl. ponizej wklejam log z hijacka
Logfile of HijackThis v1.99.1
Scan saved at 06:08:23, on 2005–11–18
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\SRVLOAD.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ABC\abc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Winamp\Winamp.exe
C:\Program Files\Outlook Express\MSIMN.EXE
C:\Documents and Settings\Damian\Pulpit\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Inicio.exe"
O4 – HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\APVXDWIN.EXE" /s
O4 – HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 – HKCU\..\Run: [autoupdatev2] C:\WINDOWS\System32\autoupdatev2.exe
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – (no file)
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127054082917
O16 – DPF: {8AD9C840–044E–11D1–B3E9–00805F499D93} (Java Runtime Environment 1.4.1_01) –
O16 – DPF: {CAFEEFAC–0014–0001–0001–ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) –
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: Panda Antispam Server Service (PASSRV) – Unknown owner – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
O23 – Service: Panda Firewall Service (PAVFIRES) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
O23 – Service: Panda Function Service (PAVFNSVR) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
O23 – Service: Panda Pavkre (Pavkre) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
O23 – Service: Panda PavProt (PavProt) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
O23 – Service: Panda Process Protection Service (PavPrSrv) – Panda Software – C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 – Service: Panda anti–virus service (PAVSRV) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
O23 – Service: Panda Preventium+ Service (PREVSRV) – Panda Software – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\prevsrv.exe
O23 – Service: Panda IManager Service (PSIMSVC) – Panda Software Internacional – C:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PsImSvc.exe
przywracana systemu nie moge zrobic bo mialem je wyłączone.
Odpowiedzi: 3
Skocz do gpedit.msc, Konfiguracja uzytkownika >> Szablony administracyjne >> Menu start i pasek zadań
– Usun menu wyszukaj...
– Usun menu pomoc...
Wyłączone albo nie skonfigurowane.
O trojanie wiecej przeczytasz tutaj
– Usun menu wyszukaj...
– Usun menu pomoc...
Wyłączone albo nie skonfigurowane.
O trojanie wiecej przeczytasz tutaj
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
a tu drugie:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum]
"{BDEADF00–C265–11D0–BCED–00A0C90AB50F}"=dword:00000001
"{6DFD7C5C–2451–11d3–A299–00C04F8EF6AF}"=dword:40000021
"{0DF44EAA–FF21–4412–828E–260A8728E7F1}"=dword:00000020
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
a jakim programem mozna usunac tego trojana skora ad ware go nie wykrywa?
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
a tu drugie:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum]
"{BDEADF00–C265–11D0–BCED–00A0C90AB50F}"=dword:00000001
"{6DFD7C5C–2451–11d3–A299–00C04F8EF6AF}"=dword:40000021
"{0DF44EAA–FF21–4412–828E–260A8728E7F1}"=dword:00000020
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
a jakim programem mozna usunac tego trojana skora ad ware go nie wykrywa?
Tak przy okazji to trojan jest, dokladniej Dropper–DM (plik autoupdatev2.exe)
Wyeksportuj klucze:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies
Pokaź je tutaj.
Java troszkę kulawa, jej wpisy w logu poucinane, odinstaluj ja i zainstaluj raz jeszcze.
Wyeksportuj klucze:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies
Pokaź je tutaj.
Java troszkę kulawa, jej wpisy w logu poucinane, odinstaluj ja i zainstaluj raz jeszcze.
Strona 1 / 1