log z hijack'a
Hej prosze o sprawdzenie loga :
Logfile of HijackThis v1.99.1
Scan saved at 19:39:17, on 2005–05–10
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Documents and Settings\xx\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
F2 – REG:system.ini: UserInit=userinit.exe,userinit32.exe
O2 – BHO: &EliteBar – {28CAEFF3–0F18–4036–B504–51D73BD81ABC} – C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 – HKLM\..\Run: [checkrun] C:\windows\system32\elitelsh32.exe
O4 – HKLM\..\Run: [HELPER] C:\WINDOWS\System32\poland.exe –N
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O15 – Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
Logfile of HijackThis v1.99.1
Scan saved at 19:39:17, on 2005–05–10
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Documents and Settings\xx\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
F2 – REG:system.ini: UserInit=userinit.exe,userinit32.exe
O2 – BHO: &EliteBar – {28CAEFF3–0F18–4036–B504–51D73BD81ABC} – C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 – HKLM\..\Run: [checkrun] C:\windows\system32\elitelsh32.exe
O4 – HKLM\..\Run: [HELPER] C:\WINDOWS\System32\poland.exe –N
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O15 – Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
Odpowiedzi: 3
dzięki wywaliłem wszystko i jest ok :)
O4 – HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 – HKLM\..\Run: [checkrun] C:\windows\system32\elitelsh32.exe
tego nie moge wywalić, spróbuje jeszcze w trybie awaryjnym
O4 – HKLM\..\Run: [checkrun] C:\windows\system32\elitelsh32.exe
tego nie moge wywalić, spróbuje jeszcze w trybie awaryjnym
Wyłacz przywracanie
Zakoncz procesy:
MediaAccK.exe
MediaAccess.exe
Odinstaluj z dodaj/usun: Media Access
Pozbadz sie pogrubionych plików/katalogow z dysku oraz FIX:
Zakoncz procesy:
MediaAccK.exe
MediaAccess.exe
Odinstaluj z dodaj/usun: Media Access
Pozbadz sie pogrubionych plików/katalogow z dysku oraz FIX:
R3 – Default URLSearchHook is missing
F2 – REG:system.ini: UserInit=userinit.exe,userinit32.exe
O2 – BHO: &EliteBar – {28CAEFF3–0F18–4036–B504–51D73BD81ABC} – C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O4 – HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 – HKLM\..\Run: [checkrun] C:\windows\system32\elitelsh32.exe
O4 – HKLM\..\Run: [HELPER] C:\WINDOWS\System32\poland.exe –N
O15 – Trusted Zone: http://ny.contentmatch.net (HKLM)
Strona 1 / 1