Nie moge uruchomić skanerow on-line

Dla specjalistów Bezpieczeństwo
#1

Problem jak w temacie.

Zaczęło się od tego że nie moglem otwierać stron www

Odinstalowalem symanteca /internet security/ i okazalo sie że net działa .

Natomiast ponowna proba zainstalowania zakończyła się fiaskiem. W symantecu powiedziano mi że mam wirusa “Bagele” - jakiś trojan który wykorzystuje program symanteca do blokowania neta. Zablokował też ponowną instalacje.

Kazali przeskanować system skanerem, ale skaner on-line nie działa /biala strona i pod spodem - gotowe/

Zainstalowalem AntyVirenKit Internet Security ale on też nic nie znalazł

Pozostaje stary dobry HiJack.

Bardzo proszę o pomoc

Logfile of HijackThis v1.99.1

Scan saved at 11:43:13, on 05-03-09

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\MDM.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\INTERNAT.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\SYSTEM\KHOOKER.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\AVK\AVKWCTL9.EXE

C:\PROGRAM FILES\COMMON FILES\G DATA\AVKMAIL\AVKPOP.EXE

C:\PROGRAM FILES\GADU-GADU\GG.EXE

C:\PROGRAM FILES\OLYMPUS\CAMEDIA MASTER 4.1\CM_CAMERA.EXE

C:\PROGRAM FILES\PLANET\WL-8303\RTLWAKE.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\WEBFILTER.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\FIREWALL\KAVPF.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\ADSCLEANER.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\PSTORES.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\PROGRAM FILES\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEINT.DLL (file missing)

O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0 CE\READER\ACTIVEX\ACROIEHELPER.DLL

O2 - BHO: Poly HTML Filter BHO - {0140DF95-9128-4053-AE72-F43F0CFCA062} - C:\WINDOWS\SYSTEM\SiKernel.dll

O2 - BHO: SIPAKBHO Class - {40FB69E1-9B7B-453F-B238-37D8E9528929} - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\PAKIEPLUGINS.DLL

O2 - BHO: Offliner AdFilter Helper - {DC9377A2-2E8D-44A1-99DB-F8A821DF254D} - C:\WINDOWS\SYSTEM\SiPlugins.dll

O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O3 - Toolbar: Pasek Webfilter - {75CD0BC5-E317-449C-9FF6-4986B3D48F64} - C:\PROGRA~1\GDATA~1\ANTIVI~1\WEBFIL~1\PAKIEGUI.DLL

O4 - HKLM…\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun

O4 - HKLM…\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe

O4 - HKLM…\Run: [internat.exe] internat.exe

O4 - HKLM…\Run: [systemTray] SysTray.Exe

O4 - HKLM…\Run: [siS KHooker] C:\WINDOWS\SYSTEM\khooker.exe

O4 - HKLM…\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup

O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”

O4 - HKLM…\Run: [symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start

O4 - HKLM…\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM…\Run: [AVKWCtl] C:\PROGRA~1\GDATA~1\ANTIVI~1\AVK\AVKWCTL9.EXE

O4 - HKLM…\Run: [AVK Mail Checker] “C:\PROGRAM FILES\COMMON FILES\G DATA\AVKMAIL\AVKPOP.EXE”

O4 - HKLM…\RunServices: [internet Proxy Access] C:\WINDOWS\SYSTEM32\adsl.exe /service

O4 - HKLM…\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE

O4 - HKLM…\RunServices: [ccEvtMgr] “C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe”

O4 - HKLM…\RunServices: [ccSetMgr] “C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe”

O4 - HKLM…\RunServices: [iSSVC] “C:\Program Files\Norton Internet Security\ISSVC.exe”

O4 - HKLM…\RunServices: [scriptBlocking] “C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe” -reg

O4 - HKLM…\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM…\RunServices: [schedulingAgent] C:\WINDOWS\SYSTEM\mstask.exe

O4 - HKCU…\Run: [Gadu-Gadu] “C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray

O4 - HKCU…\Run: [Komunikator] C:\PROGRAM FILES\TLEN.PL\TLEN.EXE

O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.1\CM_camera.exe

O4 - Startup: PLANET WL-8303.lnk = C:\Program Files\PLANET\WL-8303\RtlWake.exe

O4 - Startup: Webfilter.lnk = C:\Program Files\G DATA\AntiVirenKit InternetSecurity\Webfilter\Webfilter.exe

O4 - Startup: Firewall.lnk = C:\Program Files\G DATA\AntiVirenKit InternetSecurity\Firewall\kavpf.exe

O8 - Extra context menu item: Download with Star Downloader - C:\PROGRAM FILES\STAR DOWNLOADER\sdie.htm

O8 - Extra context menu item: Add selected links to Link Container - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\System\Scripts\off_collector_sel.htm

O8 - Extra context menu item: Show domain links - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\System\Scripts\off_domain_links.htm

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/pi/components/SignActivX.cab

O16 - DPF: Notowania ONET - http://notowania.bph.pl/arkusz/notowania.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://kamera.wszib.edu.pl/activex/AxisCamControl.ocx

O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 194.204.159.1,194.204.152.34

#2

Widzę jakieś pozostałości po Nortonie, czy ty go masz jeszcze zainstalowanego?

Przeskanuj system programem jv16 PowerTools, wyczyść rejestr.

Jakiej przeglądarki internetowej uzywasz?

w takim razie usuń:

O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEINT.DLL (file missing)

   	O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)

   	O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)

   	O4 - HKLM\..\Run: [SystemTray] SysTray.Exe

   	O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

   	O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start

   	O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE

 	O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"

   	O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"

   	O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe"

   	O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg

   	O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

   	O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O4 - HKLM…\RunServices: [internet Proxy Access] C:\WINDOWS\SYSTEM32\adsl.exe /service - znasz/zostawiasz, nie/usuwasz.

#3

Nortona już skasowalem

Przeglądarka IE - ale coś jest nie tak… widze że nie wyświetla wersji …

#4

Ale masz pozostałości po nim. Dokonaj czyszczenia rejestru: TYM programem.

Ja widzę Twoją wersję IE w logu:

#5

dalej nic - na dodatek niechodzi strona windowsupdate

Gdzie mogę szukac przyczyny?

Logfile of HijackThis v1.99.1

Scan saved at 13:12:58, on 05-03-09

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\MDM.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\INTERNAT.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\SYSTEM\KHOOKER.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\AVK\AVKWCTL9.EXE

C:\PROGRAM FILES\COMMON FILES\G DATA\AVKMAIL\AVKPOP.EXE

C:\PROGRAM FILES\GADU-GADU\GG.EXE

C:\PROGRAM FILES\OLYMPUS\CAMEDIA MASTER 4.1\CM_CAMERA.EXE

C:\PROGRAM FILES\PLANET\WL-8303\RTLWAKE.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\WEBFILTER.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\FIREWALL\KAVPF.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\ADSCLEANER.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\WINDOWS\SYSTEM\PSTORES.EXE

C:\PROGRAM FILES\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0 CE\READER\ACTIVEX\ACROIEHELPER.DLL

O2 - BHO: SIPAKBHO Class - {40FB69E1-9B7B-453F-B238-37D8E9528929} - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\PAKIEPLUGINS.DLL

O2 - BHO: Offliner AdFilter Helper - {DC9377A2-2E8D-44A1-99DB-F8A821DF254D} - C:\WINDOWS\SYSTEM\SiPlugins.dll

O2 - BHO: Poly HTML Filter BHO - {0140DF95-9128-4053-AE72-F43F0CFCA062} - C:\WINDOWS\SYSTEM\SiKernel.dll

O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEINT.DLL (file missing)

O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O3 - Toolbar: Pasek Webfilter - {75CD0BC5-E317-449C-9FF6-4986B3D48F64} - C:\PROGRA~1\GDATA~1\ANTIVI~1\WEBFIL~1\PAKIEGUI.DLL

O4 - HKLM…\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun

O4 - HKLM…\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe

O4 - HKLM…\Run: [internat.exe] internat.exe

O4 - HKLM…\Run: [systemTray] SysTray.Exe

O4 - HKLM…\Run: [siS KHooker] C:\WINDOWS\SYSTEM\khooker.exe

O4 - HKLM…\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup

O4 - HKLM…\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM…\Run: [AVKWCtl] C:\PROGRA~1\GDATA~1\ANTIVI~1\AVK\AVKWCTL9.EXE

O4 - HKLM…\Run: [AVK Mail Checker] “C:\PROGRAM FILES\COMMON FILES\G DATA\AVKMAIL\AVKPOP.EXE”

O4 - HKLM…\RunServices: [internet Proxy Access] C:\WINDOWS\SYSTEM32\adsl.exe /service

O4 - HKLM…\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE

O4 - HKLM…\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM…\RunServices: [schedulingAgent] C:\WINDOWS\SYSTEM\mstask.exe

O4 - HKCU…\Run: [Gadu-Gadu] “C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray

O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.1\CM_camera.exe

O4 - Startup: PLANET WL-8303.lnk = C:\Program Files\PLANET\WL-8303\RtlWake.exe

O4 - Startup: Webfilter.lnk = C:\Program Files\G DATA\AntiVirenKit InternetSecurity\Webfilter\Webfilter.exe

O4 - Startup: Firewall.lnk = C:\Program Files\G DATA\AntiVirenKit InternetSecurity\Firewall\kavpf.exe

O8 - Extra context menu item: Add selected links to Link Container - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\System\Scripts\off_collector_sel.htm

O8 - Extra context menu item: Show domain links - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\System\Scripts\off_domain_links.htm

O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 194.204.159.1,194.204.152.34

#6

usun

O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEINT.DLL (file missing)

O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)

i daj log na nowo

bruzdzi ci norton

#7

Logfile of HijackThis v1.99.1

Scan saved at 13:33:45, on 05-03-09

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\MDM.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\INTERNAT.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\SYSTEM\KHOOKER.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\AVK\AVKWCTL9.EXE

C:\PROGRAM FILES\COMMON FILES\G DATA\AVKMAIL\AVKPOP.EXE

C:\PROGRAM FILES\GADU-GADU\GG.EXE

C:\PROGRAM FILES\OLYMPUS\CAMEDIA MASTER 4.1\CM_CAMERA.EXE

C:\PROGRAM FILES\PLANET\WL-8303\RTLWAKE.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\WEBFILTER.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\FIREWALL\KAVPF.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\ADSCLEANER.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\PROGRAM FILES\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0 CE\READER\ACTIVEX\ACROIEHELPER.DLL

O2 - BHO: SIPAKBHO Class - {40FB69E1-9B7B-453F-B238-37D8E9528929} - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\PAKIEPLUGINS.DLL

O2 - BHO: Offliner AdFilter Helper - {DC9377A2-2E8D-44A1-99DB-F8A821DF254D} - C:\WINDOWS\SYSTEM\SiPlugins.dll

O2 - BHO: Poly HTML Filter BHO - {0140DF95-9128-4053-AE72-F43F0CFCA062} - C:\WINDOWS\SYSTEM\SiKernel.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O3 - Toolbar: Pasek Webfilter - {75CD0BC5-E317-449C-9FF6-4986B3D48F64} - C:\PROGRA~1\GDATA~1\ANTIVI~1\WEBFIL~1\PAKIEGUI.DLL

O4 - HKLM…\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun

O4 - HKLM…\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe

O4 - HKLM…\Run: [internat.exe] internat.exe

O4 - HKLM…\Run: [systemTray] SysTray.Exe

O4 - HKLM…\Run: [siS KHooker] C:\WINDOWS\SYSTEM\khooker.exe

O4 - HKLM…\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup

O4 - HKLM…\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM…\Run: [AVKWCtl] C:\PROGRA~1\GDATA~1\ANTIVI~1\AVK\AVKWCTL9.EXE

O4 - HKLM…\Run: [AVK Mail Checker] “C:\PROGRAM FILES\COMMON FILES\G DATA\AVKMAIL\AVKPOP.EXE”

O4 - HKLM…\RunServices: [internet Proxy Access] C:\WINDOWS\SYSTEM32\adsl.exe /service

O4 - HKLM…\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE

O4 - HKLM…\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM…\RunServices: [schedulingAgent] C:\WINDOWS\SYSTEM\mstask.exe

O4 - HKCU…\Run: [Gadu-Gadu] “C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray

O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.1\CM_camera.exe

O4 - Startup: PLANET WL-8303.lnk = C:\Program Files\PLANET\WL-8303\RtlWake.exe

O4 - Startup: Webfilter.lnk = C:\Program Files\G DATA\AntiVirenKit InternetSecurity\Webfilter\Webfilter.exe

O4 - Startup: Firewall.lnk = C:\Program Files\G DATA\AntiVirenKit InternetSecurity\Firewall\kavpf.exe

O8 - Extra context menu item: Add selected links to Link Container - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\System\Scripts\off_collector_sel.htm

O8 - Extra context menu item: Show domain links - C:\PROGRAM FILES\G DATA\ANTIVIRENKIT INTERNETSECURITY\WEBFILTER\System\Scripts\off_domain_links.htm

O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 194.204.159.1,194.204.152.34

Dalej nic

Myśle, że najszybszym rozwiązaniem będzie format

Nie wiem czy to ma znaczenie, ale dodatkowo nie moge sie zalogowac na stronie poczta.interia.pl - może mam jakos przeglądarke ustawioną - może tam trzeba poszukać - tylko ja sam nic nigdy tam nie zmienialem.

#8

czekaj

zaden format

wejdz na ta stronke

http://www.2-spyware.com/file-windows_c … e-exe.html

tam masz scaner i sprobuj nim

u gory masz go po prawej stronie

remove wubdater.exe

przeskanuj