Stało się to pod moją nieobecność na kompie. Nie wiem na jaką strone wtedy ktoś weszedł ale skutki są tego że gdy chcę jakiś program uruchomic przez skrót to najpierw Avast zgłasza mi że to wirus (choć to jest najzwyklejszy program, dzieje sie to przy każdym skrócie), oraz pojawia się Error!
System Windows nie może uzyskać dostępu do określonego urządzenia, ścieżki lub pliku. Możesz nie mieć odpowiednich uprawnien, aby uzyskać dostęp do elementu.
Czy jest jakaś rada na ten problem… A i jeszcze jak skanuje Abastem dysk to Avast myśli ze kazdy plik jest wirusem :oops: .
=======================
Proszę poprawic tytuł na konkretny
Monczkin
MaYsTeR
(Mayster X)
15 Maj 2006 18:41
#2
Nie moge wkleic loga bo ciągle mi ten kompunikat wyskakuje. I jeszcze jedno, jak uruchamiam program przez jakis skrót to mo pokazuje ze ten plik został usuniety albo przeniesy
MaYsTeR
(Mayster X)
15 Maj 2006 18:48
#4
kuz5
(Kuz5)
15 Maj 2006 18:50
#5
A powiedz jak cała ta sprawa wyglada w trybie awaryjnym ??
Jest ok czy także są jakies problemy ??
Logfile of HijackThis v1.99.1
Scan saved at 20:56:20, on 2006-05-15
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\D-Link AirPlus\AirPlus.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Documents and Settings\WIATER-DOM\Pulpit\hijackthis.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Internet Anonym - {00000000-0002-0002-0000-000000000000} - c:\program files\steganos internet anonym pro 6\siaiep.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: D-Link AirPlus.lnk = ?
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
*.com mi naszczęscie nie zablokowało, no i może ktoś sprawdzi log?
Bieniol
(Bbieniol)
15 Maj 2006 18:57
#7
Kosmetycznie do usunięcia te wpisy:
Poza tym czysto :roll:
adam9870
(adam9870)
15 Maj 2006 18:57
#8
Log masz ok.
Kosmetycznie możesz ciachnąć
Pobierz program Ewido zrób update i przeskanuj.
Może wklej loga z SilentRunners .
kuz5
(Kuz5)
15 Maj 2006 19:22
#9
A działaja ci exeki bo wychodzi na to że nie ??
no nie dzialaja “exeki” a tego silentrunners to chyba nie sciagne bo mi cos nie chce sie polaczyc z tamta stronka:/
moze ktosa by mi go podeslal na gg 7910504
adam9870
(adam9870)
15 Maj 2006 19:28
#11
Kliknij na to prawym klawiszem myszki i wybierz “Zapisz element docelowy jako” .
Kliknij w ten link co wyżej podałem w tamten sposób. Powinno dać się ściągnąć wtedy :?
kuz5
(Kuz5)
15 Maj 2006 19:36
#12
bartek_olsztyn:
no nie dzialaja “exeki”
Użyj tego programuUnHookExec.inf może cos z tego bedzie
Dodatkowo przeleć system Skanerami on line
jak mam go urzyc? jak kliknalem na niego to mi sie notatnik otworzyl :roll:
MaYsTeR
(Mayster X)
15 Maj 2006 19:47
#14
sciągasz poprzez "Zapisz element docelowy jako"
Po ściągnięciu kilkasz PPM -> Zainstaluj
Bieniol
(Bbieniol)
15 Maj 2006 19:47
#15
Czy to było o Silencie? Jeżeli tak, to poczytaj --> Wyłączenie/włączenie WSH
ma loga z silent runners
“Silent Runners.vbs”, revision 45, http://www.silentrunners.org/ Operating System: Windows XP Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} “Gadu-Gadu” = ““C:\Program Files\Gadu-Gadu\gg.exe” /tray” [file not found] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} “avast!” = “C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [null data] “NeroFilterCheck” = “C:\WINDOWS\system32\NeroCheck.exe” [“Ahead Software Gmbh”] “Zone Labs Client” = ““C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe”” [“Zone Labs Inc.”] “NvMediaCenter” = “RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit” [MS] “NvCplDaemon” = “RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup” [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided) -> {HKLM…CLSID} = “AcroIEHlprObj Class” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”] {53707962-6F74-2D53-2644-206D7942484F}(Default) = (no title provided) -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\PROGRA~1\SPYBOT~1\SDHelper.dll” [“Safer Networking Limited”] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania” -> {HKLM…CLSID} = “Rozszerzenie CPL kadrowania wyświetlania” \InProcServer32(Default) = “deskpan.dll” [file not found] “{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu” -> {HKLM…CLSID} = “HyperTerminal Icon Ext” \InProcServer32(Default) = “C:\WINDOWS\System32\hticons.dll” [“Hilgraeve, Inc.”] “{59850401-6664-101B-B21C-00AA004BA90B}” = “Microsoft Office Binder Unbind” -> {HKLM…CLSID} = “Microsoft Office Binder Unbind” \InProcServer32(Default) = “C:\PROGRA~1\MICROS~2\Office\1045\UNBIND.DLL” [MS] “{A70C977A-BF00-412C-90B7-034C51DA2439}” = “NvCpl DesktopContext Class” -> {HKLM…CLSID} = “DesktopContext Class” \InProcServer32(Default) = “C:\WINDOWS\System32\nvcpl.dll” [“NVIDIA Corporation”] “{1CDB2949-8F65-4355-8456-263E7C208A5D}” = “Desktop Explorer” -> {HKLM…CLSID} = “Desktop Explorer” \InProcServer32(Default) = “C:\WINDOWS\System32\nvshell.dll” [“NVIDIA Corporation”] “{1E9B04FB-F9E5-4718-997B-B8DA88302A47}” = “Desktop Explorer Menu” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\WINDOWS\System32\nvshell.dll” [“NVIDIA Corporation”] “{1E9B04FB-F9E5-4718-997B-B8DA88302A48}” = “nView Desktop Context Menu” -> {HKLM…CLSID} = “nView Desktop Context Menu” \InProcServer32(Default) = “C:\WINDOWS\System32\nvshell.dll” [“NVIDIA Corporation”] “{472083B0-C522-11CF-8763-00608CC02F24}” = “avast” -> {HKLM…CLSID} = “avast” \InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] “{FFB699E0-306A-11d3-8BD1-00104B6F7516}” = “Play on my TV helper” -> {HKLM…CLSID} = “NVIDIA CPL Extension” \InProcServer32(Default) = “C:\WINDOWS\System32\nvcpl.dll” [“NVIDIA Corporation”] “{00000000-0001-0001-0000-000000000000}” = “shredderse” -> {HKLM…CLSID} = “shredderse” \InProcServer32(Default) = “c:\program files\steganos internet anonym pro 6\shredderse.dll” [null data] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ 7-Zip(Default) = “{23170F69-40C1-278A-1000-000100020000}” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\7-Zip\7-zipn.dll” [“Igor Pavlov”] avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}” -> {HKLM…CLSID} = “avast” \InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] shredderse(Default) = “{00000000-0001-0001-0000-000000000000}” -> {HKLM…CLSID} = “shredderse” \InProcServer32(Default) = “c:\program files\steganos internet anonym pro 6\shredderse.dll” [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ 7-Zip(Default) = “{23170F69-40C1-278A-1000-000100020000}” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\7-Zip\7-zipn.dll” [“Igor Pavlov”] shredderse(Default) = “{00000000-0001-0001-0000-000000000000}” -> {HKLM…CLSID} = “shredderse” \InProcServer32(Default) = “c:\program files\steganos internet anonym pro 6\shredderse.dll” [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ 7-Zip(Default) = “{23170F69-40C1-278A-1000-000100020000}” -> {HKLM…CLSID} = (no title provided) \InProcServer32(Default) = “C:\Program Files\7-Zip\7-zipn.dll” [“Igor Pavlov”] avast(Default) = “{472083B0-C522-11CF-8763-00608CC02F24}” -> {HKLM…CLSID} = “avast” \InProcServer32(Default) = “C:\Program Files\Alwil Software\Avast4\ashShell.dll” [“ALWIL Software”] Default executables: -------------------- HKLM\Software\Classes\scrfile\shell\open\command(Default) = “”%1" %*" [file not found] Active Desktop and Wallpaper: ----------------------------- Active Desktop is disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState HKCU\Control Panel\Desktop\ “Wallpaper” = “C:\Documents and Settings\WIATER-DOM\Dane aplikacji\IrfanView\IrfanView_Wallpaper.bmp” Startup items in “WIATER-DOM” & “All Users” startup folders: ------------------------------------------------------------ C:\Documents and Settings\All Users\Menu Start\Programy\Autostart “D-Link AirPlus” -> shortcut to: “C:\Program Files\D-Link AirPlus\AirPlus.exe” [“D-Link”] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: C:\Program Files\Steganos Internet Anonym Pro 6\sselsp.dll [null data], 01 - 03, 09 %SystemRoot%\system32\mswsock.dll [MS], 04 - 06, 10 - 15 %SystemRoot%\system32\rsvpsp.dll [MS], 07 - 08 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ “{00000000-0002-0002-0000-000000000000}” -> {HKLM…CLSID} = “Internet Anonym” \InProcServer32(Default) = “c:\program files\steganos internet anonym pro 6\siaiep.dll” [null data] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ “{00000000-0002-0002-0000-000000000000}” = “Internet Anonym” -> {HKLM…CLSID} = “Internet Anonym” \InProcServer32(Default) = “c:\program files\steganos internet anonym pro 6\siaiep.dll” [null data] Explorer Bars Dormant Explorer Bars in “View, Explorer Bar” menu HKLM\Software\Classes\CLSID{00000000-0002-0017-0000-000000000000}(Default) = “Private Favorites” Implemented Categories{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32(Default) = “c:\program files\steganos internet anonym pro 6\spfiep.dll” [null data] Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ “MenuText” = “Sun Java Console” “CLSIDExtension” = “{08B0E5C0-4FCB-11CF-AAA5-00401C608501}” {36ECAF82-3300-8F84-092E-AFF36D6C7040}\ “ButtonText” = “Run WinHTTrack” “MenuText” = “Launch WinHTTrack” “CLSIDExtension” = “{86529161-034E-4F8A-88D2-3C625E612E04}” -> {HKLM…CLSID} = “WinHTTrackLauncher Class” \InProcServer32(Default) = “C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll” [null data] {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A}\ “ButtonText” = “eBay - Homepage” “CLSIDExtension” = “{1FBA04EE-3024-11D2-8F1F-0000F87ABD16}” -> {HKLM…CLSID} = “Toolbar Extension for Executable” \InProcServer32(Default) = “C:\WINDOWS\System32\SHDOCVW.DLL” [MS] “Exec” = “C:\Program Files\IrfanView\Ebay\Ebay.htm” [null data] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ avast! Antivirus, avast! Antivirus, ““C:\Program Files\Alwil Software\Avast4\ashServ.exe”” [null data] avast! iAVS4 Control Service, aswUpdSv, ““C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe”” [null data] avast! Mail Scanner, avast! Mail Scanner, ““C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe” /service” [“ALWIL Software”] avast! Web Scanner, avast! Web Scanner, ““C:\Program Files\Alwil Software\Avast4\ashWebSv.exe” /service” [“ALWIL Software”] NVIDIA Display Driver Service, NVSvc, “C:\WINDOWS\System32\nvsvc32.exe” [“NVIDIA Corporation”] TrueVector Internet Monitor, vsmon, “C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service” [“Zone Labs Inc.”] Windows User Mode Driver Framework, UMWdf, “C:\WINDOWS\System32\wdfmgr.exe” [MS] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ hpzsnt08\Driver = “hpzsnt08.dll” [“HP”] ---------- + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 193 seconds. + The search for all Registry CLSIDs containing dormant Explorer Bars took 146 seconds. ---------- (total run time: 1193 seconds)
no i tyle ;p
Złączono Posta : 15.05.2006 (Pon) 22:03
a ten UnHookExec.inf nie dal zadnego rezultatu nadal exeki sa zablkowane
Gutek
(Gutek)
15 Maj 2006 21:00
#17
A tego spóbuj? - exefix.reg - http://www.kellys-korner-xp.com/regs_edits/exefix.reg - zapisz na pulpicie i uruchom fix-a
no i nic, nadal jak chce jakis program uruchomic to mi teraz pokazuje ze to wirus
kuz5
(Kuz5)
16 Maj 2006 12:20
#19
Odinstaluj tego avasta i zobacz czy problem bezie wystepował dalej
no jak odinstaluje avasta to nie bedzie mi pokazwac ze to wirus bo wkoncu nie bede mial zadnego antyvirusa; :lol: