Nadležni favorites v IE

Ob novi instalaciji XP sem pridobil nekaj priljubljenih, katere pa nikjer ni mogoče odstraniti… Ali pač ?

Ti samo klikni na Organiziraj priljubljene (poglej na sliki, ki si jo priložil) pa boš videl, kaj se vse da 😉

Ne, teh se ne da, nebi pisal drugače–

Probaj jih tukaj izbrisat: C:\Documents and Settings\XXX\Favorites ali pa pojdi v Safe mode in tam probaj…

Max, jih ni ! Niti v urejanju priljubljenih, niti pod favorites, niti pod skrite datoteke – enostavno so nekje zapečeni, mater..

In če klikneš na njih, so sploh aktvine? Lahko pa da je to kakšen spy… Popucaj mašino pred nesnago…

Lp, Max

So aktivne, mašina pa je popucana z vsem živim, res…

Quick Tips: If your Internet Explorer home page changes by itself, or if you suddenly find Bookmarks in your Favorites that you didn’t put there, your computer may be infected with a nasty type of spyware called a Browser Hijacker.

Tako da probaj še s tem programom:

Lp, Max

Ne vem kaj od tega bi bilo za ven vrečt:

Logfile of HijackThis v1.99.1
Scan saved at 9:20:14, on 3.8.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\SM Pro 6\SMSystemAnalyzer.exe
C:\Program Files\SM Pro 6\PopupBlocker.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Maret\Local Settings\Temp\wzd512\HijackThis.exe

R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.najdi.si
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: Najdi.si – {442599A9-EB41-4F1F-B999-737BC587F314} – C:\Program Files\Noviforum\Najdi.si toolbar\NajdiSiToolbar.3.dll
O2 – BHO: (no name) – {698CB232-089A-36E8-B8CF-F17C67A8C557} – C:\DOCUME~1\Maret\APPLIC~1\teamhold\Save Slow.exe (file missing)
O2 – BHO: AcroIEToolbarHelper Class – {AE7CD045-E861-484f-8273-0445EE161910} – C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 – BHO: NAV Helper – {BDF3E430-B101-42AD-A544-FADC6B084872} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: Najdi.si – {442599A9-EB41-4F1F-B999-737BC587F314} – C:\Program Files\Noviforum\Najdi.si toolbar\NajdiSiToolbar.3.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: Adobe PDF – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 – HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 – HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [SMSystemAnalyzer] “C:\Program Files\SM Pro 6\SMSystemAnalyzer.exe”
O4 – HKCU\..\Run: [System Mechanic Popup Blocker] “C:\Program Files\SM Pro 6\PopupBlocker.exe”
O4 – HKCU\..\Run: [plus settings] C:\DOCUME~1\Maret\APPLIC~1\INSIDE~1\Lovepureway.exe
O8 – Extra context menu item: Convert link target to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert link target to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert selected links to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 – Extra context menu item: Convert selected links to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 – Extra context menu item: Convert selection to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert selection to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: Convert to Adobe PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 – Extra context menu item: Convert to existing PDF – res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 – Extra context menu item: I&zvoz v Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 – Extra button: Raziskovanje – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) – http://212.103.151.248//activex/AMC.cab
O18 – Protocol: livecall – {828030A1-22C1-4009-854F-8E305202313F} – C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 – Protocol: msnim – {828030A1-22C1-4009-854F-8E305202313F} – C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 – Winlogon Notify: PCANotify – C:\WINDOWS\SYSTEM32\PCANotify.dll
O20 – Winlogon Notify: WgaLogon – C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 – Service: Adobe LM Service – Adobe Systems – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: pcAnywhere Host Service (awhost32) – Symantec Corporation – C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 – Service: Diskeeper – Executive Software International, Inc. – C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 – Service: GhostStartService – Symantec Corporation – C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 – Service: NajdiSiToolbarUpdate – Unknown owner – C:\Program Files\Noviforum\Najdi.si toolbar\NajdiSiToolbarUpdate.exe
O23 – Service: Norton AntiVirus Auto Protect Service (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: ScriptBlocking Service (SBService) – Symantec Corporation – C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 – Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) – Analog Devices, Inc. – C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 – Service: StarWind iSCSI Service (StarWindService) – Rocket Division Software – C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

Imel sem podoben šmoren; odstranil sem MSN Plus in so tud nadležni favoriti izginili 🙂

Probaj…

Poglej pod Add/Remove Programs, če se ti je kaj sumljivega inštaliralo brez tvoje vednosti.

Lahko pa probaš še s tem programom:

Si si v kratkem inštaliral kakšen Toolbar ali kakšen free program (Lahko da je vseboval to nesnago)?

Lp, Max