Jakim cudem ????
Proszę mi powiedzieć jakim cudem instalują mi się niektóre aplikacje [ ostatio yahoo ] która zainstalowała się Cprogram Files.Uźywam Internet Explorera 6 + Servis Pack 2 itp.Nie dostaję źadnej komendy na instalowanie tych aplikacjii.Prosze przy okazji sprawdzić logLogfile of HijackThis v1.99.0
Scan saved at 20:04:00, on 2005–01–05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCursorXPCursorXP.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:DOCUME~1AUSTAWI~1TempKatalog tymczasowy 4 dla hijackthis.zipHijackThis.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.interia.pl/
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:PROGRA~1SPYBOT~1SDHelper.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:program filesgooglegoogletoolbar2.dll
O2 – BHO: CNavExtBho Class – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:program filesgooglegoogletoolbar2.dll
O3 – Toolbar: Yahoo! Companion – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:Program FilesYahoo!CompanionInstallscpnycomp5_5_7_0.dll (file missing)
O4 – HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec SharedccRegVfy.exe"
O4 – HKCU..Run: [CursorXP] C:Program FilesCursorXPCursorXP.exe
O4 – HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NVMCTRAY.DLL,NvTaskbarInit
O4 – Global Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 – Extra context menu item: &Google Search – res://c:program filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://c:program filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 – Extra context menu item: Similar Pages – res://c:program filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://c:program filesgoogleGoogleToolbar2.dll/cmtrans.html
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:Program FilesMessengermsmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:Program FilesMessengermsmsgs.exe
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O23 – Service: Symantec Event Manager – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 – Service: Symantec Password Validation Service – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 – Service: LexBce Server – Lexmark International, Inc. – C:WINDOWSsystem32LEXBCES.EXE
O23 – Service: Usługa Auto–Protect w programie Norton AntiVirus – Symantec Corporation – C:Program FilesNorton AntiVirus avapsvc.exe
O23 – Service: ScriptBlocking Service – Symantec Corporation – C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 – Service: SoundMAX Agent Service – Analog Devices, Inc. – C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
Scan saved at 20:04:00, on 2005–01–05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCursorXPCursorXP.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:DOCUME~1AUSTAWI~1TempKatalog tymczasowy 4 dla hijackthis.zipHijackThis.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.interia.pl/
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:PROGRA~1SPYBOT~1SDHelper.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:program filesgooglegoogletoolbar2.dll
O2 – BHO: CNavExtBho Class – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:program filesgooglegoogletoolbar2.dll
O3 – Toolbar: Yahoo! Companion – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:Program FilesYahoo!CompanionInstallscpnycomp5_5_7_0.dll (file missing)
O4 – HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec SharedccRegVfy.exe"
O4 – HKCU..Run: [CursorXP] C:Program FilesCursorXPCursorXP.exe
O4 – HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NVMCTRAY.DLL,NvTaskbarInit
O4 – Global Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 – Extra context menu item: &Google Search – res://c:program filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://c:program filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 – Extra context menu item: Similar Pages – res://c:program filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://c:program filesgoogleGoogleToolbar2.dll/cmtrans.html
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:Program FilesMessengermsmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:Program FilesMessengermsmsgs.exe
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O23 – Service: Symantec Event Manager – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 – Service: Symantec Password Validation Service – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 – Service: LexBce Server – Lexmark International, Inc. – C:WINDOWSsystem32LEXBCES.EXE
O23 – Service: Usługa Auto–Protect w programie Norton AntiVirus – Symantec Corporation – C:Program FilesNorton AntiVirus avapsvc.exe
O23 – Service: ScriptBlocking Service – Symantec Corporation – C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 – Service: SoundMAX Agent Service – Analog Devices, Inc. – C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
Odpowiedzi: 3
O6 to moga byc jakies ograniczenia Opcji internetowych/IE – usun. Ten O3 z Yahoo toolbar rowniez. Zobacz w Dodaj/usunn czy nie mozna stamtad usunac.
Ok zrobię tak jak kaźesz powiedz jeszcze co to jest to 06 i 03 Yahoo Tolbar ja tego nie instalowałem i nie wiem czy to wyawlać
Jesli sie zainstalowalo, to usun/odinstaluj. Usun rowniez dwa wpisy O6.
Strona 1 / 1