Problem jak w temacie.
Zaczęło się od tego że nie moglem otwierać stron www
Odinstalowalem symanteca /internet security/ i okazalo sie że net działa .
Natomiast ponowna proba zainstalowania zakończyła się fiaskiem. W symantecu powiedziano mi że mam wirusa “Bagele” - jakiś trojan który wykorzystuje program symanteca do blokowania neta. Zablokował też ponowną instalacje.
Kazali przeskanować system skanerem, ale skaner on-line nie działa /biala strona i pod spodem - gotowe/
Zainstalowalem AntyVirenKit Internet Security ale on też nic nie znalazł
Pozostaje stary dobry HiJack.
Bardzo proszę o pomoc
Logfile of HijackThis v1.99.1
Scan saved at 11:43:13, on 05-03-09
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\KHOOKER.EXE
C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\AVK\AVKWCTL9.EXE
C:\PROGRAM FILES\COMMON FILES\G DATA\AVKMAIL\AVKPOP.EXE
C:\PROGRAM FILES\GADU-GADU\GG.EXE
C:\PROGRAM FILES\OLYMPUS\CAMEDIA MASTER 4.1\CM_CAMERA.EXE
C:\PROGRAM FILES\PLANET\WL-8303\RTLWAKE.EXE
C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\WEBFILTER.EXE
C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\FIREWALL\KAVPF.EXE
C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\ADSCLEANER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEINT.DLL (file missing)
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0 CE\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: Poly HTML Filter BHO - {0140DF95-9128-4053-AE72-F43F0CFCA062} - C:\WINDOWS\SYSTEM\SiKernel.dll
O2 - BHO: SIPAKBHO Class - {40FB69E1-9B7B-453F-B238-37D8E9528929} - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\PAKIEPLUGINS.DLL
O2 - BHO: Offliner AdFilter Helper - {DC9377A2-2E8D-44A1-99DB-F8A821DF254D} - C:\WINDOWS\SYSTEM\SiPlugins.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Pasek Webfilter - {75CD0BC5-E317-449C-9FF6-4986B3D48F64} - C:\PROGRA~1\GDATA~1\ANTIVI~1\WEBFIL~1\PAKIEGUI.DLL
O4 - HKLM…\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM…\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM…\Run: [internat.exe] internat.exe
O4 - HKLM…\Run: [systemTray] SysTray.Exe
O4 - HKLM…\Run: [siS KHooker] C:\WINDOWS\SYSTEM\khooker.exe
O4 - HKLM…\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 - HKLM…\Run: [symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM…\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM…\Run: [AVKWCtl] C:\PROGRA~1\GDATA~1\ANTIVI~1\AVK\AVKWCTL9.EXE
O4 - HKLM…\Run: [AVK Mail Checker] “C:\PROGRAM FILES\COMMON FILES\G DATA\AVKMAIL\AVKPOP.EXE”
O4 - HKLM…\RunServices: [internet Proxy Access] C:\WINDOWS\SYSTEM32\adsl.exe /service
O4 - HKLM…\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM…\RunServices: [ccEvtMgr] “C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe”
O4 - HKLM…\RunServices: [ccSetMgr] “C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe”
O4 - HKLM…\RunServices: [iSSVC] “C:\Program Files\Norton Internet Security\ISSVC.exe”
O4 - HKLM…\RunServices: [scriptBlocking] “C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe” -reg
O4 - HKLM…\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM…\RunServices: [schedulingAgent] C:\WINDOWS\SYSTEM\mstask.exe
O4 - HKCU…\Run: [Gadu-Gadu] “C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray
O4 - HKCU…\Run: [Komunikator] C:\PROGRAM FILES\TLEN.PL\TLEN.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.1\CM_camera.exe
O4 - Startup: PLANET WL-8303.lnk = C:\Program Files\PLANET\WL-8303\RtlWake.exe
O4 - Startup: Webfilter.lnk = C:\Program Files\G DATA\AntiVirenKit InternetSecurity\Webfilter\Webfilter.exe
O4 - Startup: Firewall.lnk = C:\Program Files\G DATA\AntiVirenKit InternetSecurity\Firewall\kavpf.exe
O8 - Extra context menu item: Download with Star Downloader - C:\PROGRAM FILES\STAR DOWNLOADER\sdie.htm
O8 - Extra context menu item: Add selected links to Link Container - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\System\Scripts\off_collector_sel.htm
O8 - Extra context menu item: Show domain links - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\System\Scripts\off_domain_links.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/pi/components/SignActivX.cab
O16 - DPF: Notowania ONET - http://notowania.bph.pl/arkusz/notowania.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://kamera.wszib.edu.pl/activex/AxisCamControl.ocx
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 194.204.159.1,194.204.152.34