Strony sami się otwierają

To popularna w ostatnich dniach infekcja.

Na dobry początek:

Daj log z OTL

jessi

Uruchom OTL i w oknie Custom Scans/Fixes wklej to:

:OTL

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

FF - prefs.js..extensions.enabledItems: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}:2.0.0.1050

FF - prefs.js..extensions.enabledItems: {2224E955-00E9-4613-A844-CE69FCCAAE91}:3.8.1.4690

FF - HKLM\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.8.1.4690\FF [2009-09-14 16:19:30 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\2.0.0.1050\FF [2009-09-14 16:19:45 | 00,000,000 | ---D | M]


:Files

C:\Program Files\Media Access Startup\2.0.0.1050\HPIEAddOn.dll

C:\Program Files\Internet Saving Optimizer\3.8.1.4690\NPIEAddOn.dll

C:\Program Files\System Search Dispatcher\1.4.3.1040\ssd.dll

C:\Documents and Settings\Bartek Szulc\Ustawienia lokalne\Dane aplikacji\Internet Saving Optimizer

C:\Program Files\Sukoku

C:\Documents and Settings\All Users\Dane aplikacji\Sukoku

C:\Documents and Settings\Bartek Szulc\Ustawienia lokalne\Dane aplikacji\Media Access Startup

C:\Program Files\Media Access Startup

C:\Program Files\Internet Saving Optimizer

C:\Program Files\System Search Dispatcher

C:\Program Files\DoubleD

C:\Documents and Settings\Bartek Szulc\Ustawienia lokalne\Dane aplikacji\DoubleD

C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll


:Services

FAH2

FAH3


:Reg

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}]

[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{37B85A29-692B-4205-9CAD-2626E4993404}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}"=-

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{37B85A29-692B-4205-9CAD-2626E4993404} "=-

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{5617ECA9-488D-4BA2-8562-9710B9AB78D2}"=-

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}"=-


:Commands

[emptytemp]

[start explorer]

[Reboot]

Kliknij w Run Fix. Zatwierdź restart komputera.

Następnie uruchom OTL ponownie, tym razem wywołaj opcję Run Scan.

Pokaż nowy log OTL.txt oraz log z czyszczenia.

jessi