-
wyłącz przywracanie systemu.
-
wejdz w tryb awaqryjny.
Za pomocą Hijack This usuń :
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://c:/spad/start.html
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 - HKLM…\Run: [ccRegVfy] “C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe”
O4 - HKLM…\Run: [startupDelayer] “C:\Program Files\r2 studios\Startup Delayer\Startup Launcher GUI.exe”
Odnajdz na dysku C:\Program Files\r2 studios\Startup Delayer\Startup Launcher GUI.exe - wywal to
PISZE WYRAŻNIE “Startup Delayer” -nie umie czytac ?
sorry ale jestem zylekka wk …@@@@.
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip…{C0285D1D-6A83-4954-A6BB-9925856C49EA}: NameServer = 157.158.1.4
O17 - HKLM\System\CCS\Services\Tcpip…{CA5F2782-31E0-4CB5-B1E1-C3DFF1FF55AC}: NameServer = 130.235.20.3
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 157.158.1.4
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 157.158.1.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 157.158.1.4
Pozatym zastosuj sie do tego :
Pozatym znadz to> ( może nie być) To trojanek.
Browser helper objects:
{206E52E0-D52E-11D4-AD54-0000E86C26F6} C:\PROGRA~1\FRESHD~1\FRESHD~1\FDCATCH.DLL
{A045DC85-FC44-45be-8A50-E4F9C62C9A84} C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
{0494D0D1-F8E0-41ad-92A3-14154ECE70AC} C:\PROGRAM
FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
****************************************
Toolbars:
{8E718888-423F-11D2-876E-00A0C9082467} C:\WINDOWS\SYSTEM\MSDXM.OCX
{0494D0D9-F8E0-41ad-92A3-14154ECE70AC} C:\PROGRAM
FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} C:\PROGRAM
FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
{4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINDOWS\SYSTEM\SHDOCVW.DLL
{32683183-48a0-441b-a342-7c2a440a9478} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
{EFA24E61-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\SYSTEM\SHDOCVW.DLL
****************************************
All processes:
4293948487 C:\WINDOWS\SYSTEM\KERNEL32.DLL
4294943543 C:\WINDOWS\SYSTEM\MSGSRV32.EXE
4294950563 C:\WINDOWS\SYSTEM\MPREXE.EXE
4294958699 C:\WINDOWS\SYSTEM\mmtask.tsk
4294910279 C:\WINDOWS\SYSTEM\MSTASK.EXE
4294915183 C:\WINDOWS\SYSTEM\MDM.EXE
4294923827 C:\WINDOWS\EXPLORER.EXE
4294810999 C:\WINDOWS\TASKMON.EXE
4294813083 C:\WINDOWS\SYSTEM\SYSTRAY.EXE
4294819931 C:\WINDOWS\SYSTEM\TRIDTRAY.EXE
4294826799 C:\MOUSE\SYSTEM\EM_EXEC.EXE
4294832287 C:\PROGRAM FILES\NETROPA\MULTIMEDIA KEYBOARD\MMKEYBD.EXE
4294777967 C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
4294800915 C:\WINDOWS\LOADQM.EXE
4294749683 C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE
4294752223 C:\WINDOWS\SYSTEM\DDHELP.EXE
4294749323 C:\PROGRAM FILES\ALTNET\POINTS MANAGER\POINTS MANAGER.EXE
4294765639 C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
4294718423 C:\INTEL\INTEL PSNCU\CPUNUMBER.EXE
4294646903 C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
4294623415 C:\PROGRAM FILES\COMMON FILES\GMT\GMT.EXE
4294590131 C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
4294544483 C:\PROGRAM FILES\NETROPA\MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
4294558547 C:\WINDOWS\RUNDLL32.EXE
4294550995 C:\WINDOWS\SYSTEM\WMIEXE.EXE
4294411915 C:\PROGRAM FILES\ALTNET\DOWNLOAD MANAGER\ASM.EXE
4294294995 C:\WINDOWS\SYSTEM\RNAAPP.EXE
4294526467 C:\WINDOWS\SYSTEM\TAPISRV.EXE
4294456251 C:\000.EXE
4142545835 C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
4171904155 C:\PROGRAM FILES\BAZOOKA ADWARE AND SPYWARE
SCANNER\SPYWARESCANNER.EXE
****************************************
Result when scanning:
Cydoor 399.000.000 %SystemDir%\AdCache\
Cydoor 399.000.001 Cd_clint.dll
Gator 102.098.947 CMESys
Gator 112.198.918 %WinDir%\temp\adware\
GlobalDialer 139.300.000 %ProgramsDir%\GlobalDialer\
GlobalDialer 139.300.001 sws.exe
My Search Bar 132.098.655
My Search Bar 777.777.778 c:\Program Files\MyWay\
My Search Bar.B 778.777.000 {0494D0D9-F8E0-41ad-92A3-14154ECE70AC}
My Search Bar.C 779.777.001 {0494D0D1-F8E0-41ad-92A3-14154ECE70AC}
P2P Networking 123.000.334
Points Manager 126.693.451 AltnetPointsManager
Points Manager 123.321.334
PerfectNav 352.900.000 {A045DC85-FC44-45be-8A50-E4F9C62C9A84}
PerfectNav 352.900.001 %ProgramsDir%\PerfectNav\
StarDialer 739.000.001
StarDialer 739.000.002
Viewpoint Media Player 666.555.444
Zmień tego “Symantec” na inny.