Atak trojanów, po oczyszczeniu nadal problemy

abate · 25 Maj 2007 13:01

Wczoraj odkryłam, że zaatakowało mnie kilka trojanów. Internet działał, mogłam pingować strony, gg działało, Skype, itp. z wyjątkiem otwierania się stron www .

Przeczyściłam całość (Ad Awarem SE, Super Ad Blockerem i Avastem!, na koniec NoLop’em), wywaliłam kilka śmieci. Pomogło na wyświetlanie stron. Dziś jednak nadal wyskakują mi od czasu do czasu pop-up’y (mam odpalonego FF ale pop-upy otwierają się w IE, czasem tylko pojawia się okienko FF). Przeskanowałam ponownie, znowu znalazł kilka trojanków, ale poradził sobie z nimi. Po jakimś czasie wracają.

Przeglądając system znalazłam: ALCMTR, ALCWZRD, MicCal, RtlUpd, SOUNDMAN… ale nie widzę ich w logach hjt.

Log z HJT:

Logfile of HijackThis v1.99.1 Scan saved at 13:46:26, on 2007-05-25 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe D:\Programs\lavasoft\SABSVC.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\WINDOWS\ATK0100\HControl.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Gadu-Gadu\gg.exe D:\Programs\lavasoft\SAdBlock.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe D:\Przydatniki\HJT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: SuperAdBlockerBHO Class - {00000000-6C30-11D8-9363-000AE6309654} - D:\Programs\lavasoft\SABBHO.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O3 - Toolbar: Super Ad Blocker Toolbar - {B4B3001E-0F56-4E51-8250-BDE11547EC55} - D:\Programs\lavasoft\sabtb.dll O4 - HKLM…\Run: [intelZeroConfig] “C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe” O4 - HKLM…\Run: [intelWireless] “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless O4 - HKLM…\Run: [EOUApp] “C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe” O4 - HKLM…\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [skrót do strony właściwości High Definition Audio] HDAShCut.exe O4 - HKLM…\Run: [sMSERIAL] sm56hlpr.exe O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [superAdBlocker] D:\Programs\lavasoft\SAdBlock.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SABWinLogon - D:\Programs\lavasoft\SABWINLO.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Gupta SQLBase ANNASB - Unknown owner - C:\Program Files\Gupta\SQLBase901\dbntsrv.exe" “SERVICE=Gupta SQLBase ANNASB” “INI=C:\Program Files\Gupta\SQLBase901\sql.ini (file missing) O23 - Service: Gupta SQLBase Resource Manager ANNASB - Unknown owner - C:\Program Files\Gupta\SQLBase901\SQLBrm.EXE” /service=“Gupta SQLBase Resource Manager ANNASB” /ini=“C:\Program Files\Gupta\SQLBase901\sql.ini” /server=“C:\Program Files\Gupta\SQLBase901\dbntsrv.exe (file missing) O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe” -sSQLEXPRESS (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Super Ad Blocker Service (SABSVC) - SuperAdBlocker.com - D:\Programs\lavasoft\SABSVC.EXE O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

Gutek · 25 Maj 2007 17:51

możesz usunąć plik

Daj log z Combofix

abate · 25 Maj 2007 19:09

Plik usunięty. Mam nadzieję, że realtek sie nie obrazi

ComboFix log:

“Ania” - 2007-05-25 19:55:40 Dodatek Service Pack 2 ComboFix 07-05.25.3V - Running from: “D:\Przydatniki\HJT” (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) “C:\DOCUME~1\LOCALS~1\DANEAP~1\netmon\domains.txt” “C:\DOCUME~1\LOCALS~1\DANEAP~1\netmon\log.txt” “C:\Program Files\inetget2” “C:\DOCUME~1\LOCALS~1\DANEAP~1\netmon” “C:\WINDOWS\system32\drivers\core.sys” Purity Folders: C:\DOCUME~1\Ania\DANEAP~1\ICROSO~1 ((((((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) -------\LEGACY_CORE -------\core ((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-25 )))))))))))))))))))))))))))))))))) 2007-05-25 01:50 2007-05-25 00:49 0 --a------ C:\WINDOWS\system32\drivers\SETUP.EXE 2007-05-25 00:49 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE 2007-05-25 00:41 2007-05-25 00:41 2007-05-25 00:15 2007-05-25 00:13 2007-05-24 16:59 2007-05-09 18:07 2007-05-09 18:07 2007-05-09 18:07 2007-05-09 14:02 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-16 13:32:24 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\Apple Computer 2007-06-16 13:32:20 -------- d-----w C:\Program Files\iTunes 2007-06-16 13:32:15 -------- d-----w C:\Program Files\iPod 2007-06-16 13:32:03 -------- d-----w C:\Program Files\QuickTime 2007-06-16 13:31:30 -------- d-----w C:\Program Files\Apple Software Update 2007-05-25 18:55:28 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\Skype 2007-05-25 13:08:50 -------- d-----w C:\Program Files\Messenger 2007-05-21 16:36:36 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\OpenOffice.org2 2007-05-18 12:34:38 547,260 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-05-18 12:34:38 113,994 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-05-15 17:05:23 -------- d-----w C:\Program Files\Miranda IM 2007-05-06 13:48:00 22,584 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys 2007-05-06 13:47:56 99,904 ----a-w C:\WINDOWS\system32\PnkBstrB.exe 2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-02 10:00:25 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\ICAClient 2007-04-02 09:59:15 -------- d-----w C:\Program Files\Citrix 2007-03-23 15:22:15 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\Help 2007-03-22 16:53:38 63,040 ----a-w C:\WINDOWS\system32\PnkBstrA.exe 2007-03-22 16:18:12 -------- d-----w C:\Program Files\OpenOffice.org 2.1 2007-03-22 16:05:58 -------- d-----w C:\Program Files\Common Files\InstallShield 2007-03-22 14:49:59 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\Azureus 2007-03-18 21:31:22 -------- d-----w C:\Program Files\GuildFTPd 2007-03-17 13:45:36 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-12 18:49:12 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\Opera 2007-03-11 16:26:50 -------- d-----w C:\Program Files\Microsoft Device Emulator 2007-03-11 16:26:42 -------- d-----w C:\Program Files\Microsoft SQL Server 2005 Mobile Edition 2007-03-11 15:13:35 -------- d-----w C:\Program Files\MSBuild 2007-03-11 15:09:10 -------- d-----w C:\Program Files\HTML Help Workshop 2007-03-11 14:58:14 -------- d-----w C:\Program Files\Common Files\Merge Modules 2007-03-11 14:55:35 -------- d-----w C:\Program Files\Common Files\Business Objects 2007-03-11 14:54:52 -------- d-----w C:\Program Files\Microsoft.NET 2007-03-11 14:54:52 -------- d-----w C:\Program Files\CE Remote Tools 2007-03-10 15:58:28 -------- d-----w C:\Program Files\Microsoft Visual Studio 8 2007-03-10 15:21:56 -------- d-----w C:\Program Files\DAEMON Tools 2007-03-10 15:20:13 646,392 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-03-08 15:38:47 579,072 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:38:47 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:38:47 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:37:33 1,843,840 ----a-w C:\WINDOWS\system32\win32k.sys 2007-02-22 16:19:03 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll 2007-02-22 16:19:03 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll 2007-02-22 16:19:03 1,060,864 ----a-w C:\WINDOWS\system32\MFC71.dll 2007-02-05 20:19:48 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {00000000-6C30-11D8-9363-000AE6309654}=D:\Programs\lavasoft\SABBHO.dll [2007-02-20 15:02] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2006-12-15 04:23] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “IntelZeroConfig”=“C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe” [2006-04-14 11:51] “IntelWireless”=“C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” [2006-04-14 11:52] “EOUApp”=“C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe” [2006-04-14 11:56] “HControl”=“C:\WINDOWS\ATK0100\HControl.exe” [2006-02-23 05:40] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 16:42] “NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2005-11-21 16:51] “Skrót do strony właściwości High Definition Audio”=“HDAShCut.exe” [2005-01-07 17:07 C:\WINDOWS\system32\HdAShCut.exe] “SMSERIAL”=“sm56hlpr.exe” [] “RTHDCPL”=“RTHDCPL.EXE” [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Skype”=“C:\Program Files\Skype\Phone\Skype.exe” [2007-02-05 18:35] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2006-11-14 10:12] “SuperAdBlocker”=“D:\Programs\lavasoft\SAdBlock.exe” [2007-02-27 11:24] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] “{5AE067D3-9AFB-48E0-853A-EBB7F4A000D7}”=“D:\Programs\lavasoft\SABSEHB.DLL” [2006-11-07 11:58] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify!SABWinLogon] D:\Programs\lavasoft\SABWINLO.DLL [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ania^Menu Start^Programy^Autostart^Adobe Gamma.lnk] path=C:\Documents and Settings\Ania\Menu Start\Programy\Autostart\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bike wait dumb ball] C:\Documents and Settings\All Users\Dane aplikacji\browse math bike wait\Soapglue.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 -noicon [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] “C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] “PnkBstrB”=3 (0x3) “PnkBstrA”=2 (0x2) ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ backup-20070525-195223-169 O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE Contents of the ‘Scheduled Tasks’ folder 2007-06-16 13:31:31 C:\WINDOWS\tasks\AppleSoftwareUpdate.job ******************************************************************** catchme 0.3.681 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-25 20:00:33 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ******************************************************************** [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run] “Skrót do strony wlasciwosci High Definition Audio”=“HDAShCut.exe” [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Gupta SQLBase ANNASB] “ImagePath”="“C:\Program Files\Gupta\SQLBase901\dbntsrv.exe” “SERVICE=Gupta SQLBase ANNASB” “INI=C:\Program Files\Gupta\SQLBase901\sql.ini”" Completion time: 2007-05-25 20:01:37 - machine was rebooted C:\ComboFix-quarantined-files.txt … 2007-05-25 20:01 — E O F —

Może dodatkowo nadmienię, że te wyskakujące okienka są cały czas z tego samego adresu: http : //url.cpvfeed.com /cpv.jsp?p

Joan · 25 Maj 2007 21:11

usun folder z dysku w trybie awaryjnym

wiesz, co to jest?

Skan AVG AntySpyware 7.5 po update, wklej raport oraz loga z SilentRunners i nowego combifixa

abate · 25 Maj 2007 22:57

hmm… powiem tak.

Nie mam już tych folderów, po ostatnim uruchomieniu combofix’a zniknęły problemy z pop up’ami. Soapglue się pozbyłam zaraz na początku za pomocą Ad Aware’a.

Ale mimo to przeskanuje jeszcze raz. Zobaczymy, może wygrzebie jeszcze coś.

Ale to już jutro wrzucę raport.

BTW gdyby nie wasze forum, to już wczoraj o 2 rano wyrwałabym wszystkie włosy z głowy. Wielkie dzięki.

Gutek · 26 Maj 2007 09:14

Daj nowy log z Combo

abate · 26 Maj 2007 10:21

Log z avg

--------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 11:17:39 2007-05-26 + Scan result: C:\Program Files\WinZix\WinZixManager.dll -> Adware.WinZix : Cleaned. C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\core.sys.vir -> Rootkit.Agent.eq : Cleaned with backup (quarantined). :mozilla.110:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.111:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.112:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.113:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.114:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.115:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.116:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.117:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.118:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.119:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.120:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.121:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.122:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.123:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.124:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.125:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.258:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.439:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.658:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.765:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.811:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.866:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.198:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.199:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.308:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adengage : Cleaned. :mozilla.143:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.144:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.288:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.289:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.362:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.363:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.437:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.438:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.463:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.464:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.257:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.816:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.817:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.243:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.244:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.245:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.246:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.247:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.67:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.349:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.350:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.351:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.352:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.353:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.798:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Connextra : Cleaned. :mozilla.799:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Connextra : Cleaned. :mozilla.800:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Connextra : Cleaned. :mozilla.918:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned. C:\Documents and Settings\Ania\Cookies\ania@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned. :mozilla.56:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.897:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Etracker : Cleaned. :mozilla.718:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.719:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.720:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.721:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.723:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.724:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.256:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.21:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Gemius : Cleaned. :mozilla.22:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Gemius : Cleaned. :mozilla.25:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Gemius : Cleaned. :mozilla.202:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.203:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.204:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.205:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.218:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.219:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.220:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.221:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.643:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.644:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.250:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned. :mozilla.253:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned. :mozilla.310:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Information : Cleaned. :mozilla.225:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned. :mozilla.226:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned. :mozilla.820:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Live : Cleaned. :mozilla.821:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Live : Cleaned. :mozilla.822:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Live : Cleaned. :mozilla.248:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. C:\Documents and Settings\Ania\Cookies\ania@ie.search.msn[1].txt -> TrackingCookie.Msn : Cleaned. :mozilla.29:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Netflame : Cleaned. :mozilla.685:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.686:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.618:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.91:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Paypal : Cleaned. :mozilla.181:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.182:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.183:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.184:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.185:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.186:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.215:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.216:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.217:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.559:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Real : Cleaned. :mozilla.560:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Real : Cleaned. :mozilla.561:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Real : Cleaned. :mozilla.325:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned. :mozilla.348:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Revenue : Cleaned. :mozilla.334:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.335:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.338:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.341:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Revsci : Cleaned. :mozilla.467:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned. :mozilla.468:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned. :mozilla.491:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.492:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.493:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.494:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.495:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.496:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.421:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.71:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Skype : Cleaned. :mozilla.72:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Skype : Cleaned. :mozilla.73:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Skype : Cleaned. C:\Documents and Settings\Ania\Cookies\ania@skype[2].txt -> TrackingCookie.Skype : Cleaned. :mozilla.227:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.228:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.229:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.230:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.231:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.232:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.233:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.234:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.235:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.236:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.333:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.336:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.337:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.339:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.340:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.145:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.146:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.147:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.148:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.149:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.631:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.632:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.633:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.634:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.635:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.636:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.637:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.490:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.138:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned. :mozilla.210:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned. :mozilla.313:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.314:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.315:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.211:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.212:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.213:C:\Documents and Settings\Ania\Dane aplikacji\Mozilla\Firefox\Profiles\1fhd539i.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. ::Report end

combo za chwilkę

Złączono Posta : 26.05.2007 (Sob) 12:27

Combo:

“Ania” - 2007-05-26 11:24:25 Dodatek Service Pack 2 ComboFix 07-05.25.3V - Running from: “D:\Przydatniki\HJT” ((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-26 )))))))))))))))))))))))))))))))))) 2007-05-26 00:04 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-05-25 20:01 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-05-25 01:50 2007-05-25 00:49 0 --a------ C:\WINDOWS\system32\drivers\SETUP.EXE 2007-05-25 00:49 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE 2007-05-25 00:41 2007-05-25 00:41 2007-05-25 00:15 2007-05-25 00:13 2007-05-24 16:59 2007-05-09 18:07 2007-05-09 18:07 2007-05-09 14:02 (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-16 13:32:24 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\Apple Computer 2007-06-16 13:32:20 -------- d-----w C:\Program Files\iTunes 2007-06-16 13:32:15 -------- d-----w C:\Program Files\iPod 2007-06-16 13:32:03 -------- d-----w C:\Program Files\QuickTime 2007-06-16 13:31:30 -------- d-----w C:\Program Files\Apple Software Update 2007-05-26 09:47:42 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\Skype 2007-05-25 13:08:50 -------- d-----w C:\Program Files\Messenger 2007-05-21 16:36:36 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\OpenOffice.org2 2007-05-18 12:34:38 547,260 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-05-18 12:34:38 113,994 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-05-15 17:05:23 -------- d-----w C:\Program Files\Miranda IM 2007-05-06 13:48:00 22,584 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys 2007-05-06 13:47:56 99,904 ----a-w C:\WINDOWS\system32\PnkBstrB.exe 2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys 2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys 2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-04-18 16:14:32 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-02 10:00:25 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\ICAClient 2007-04-02 09:59:15 -------- d-----w C:\Program Files\Citrix 2007-03-23 15:22:15 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\Help 2007-03-22 16:53:38 63,040 ----a-w C:\WINDOWS\system32\PnkBstrA.exe 2007-03-22 16:18:12 -------- d-----w C:\Program Files\OpenOffice.org 2.1 2007-03-22 16:05:58 -------- d-----w C:\Program Files\Common Files\InstallShield 2007-03-22 14:49:59 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\Azureus 2007-03-18 21:31:22 -------- d-----w C:\Program Files\GuildFTPd 2007-03-17 13:45:36 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll 2007-03-12 18:49:12 -------- d-----w C:\DOCUME~1\Ania\DANEAP~1\Opera 2007-03-11 16:26:50 -------- d-----w C:\Program Files\Microsoft Device Emulator 2007-03-11 16:26:42 -------- d-----w C:\Program Files\Microsoft SQL Server 2005 Mobile Edition 2007-03-11 15:13:35 -------- d-----w C:\Program Files\MSBuild 2007-03-11 15:09:10 -------- d-----w C:\Program Files\HTML Help Workshop 2007-03-11 14:58:14 -------- d-----w C:\Program Files\Common Files\Merge Modules 2007-03-11 14:55:35 -------- d-----w C:\Program Files\Common Files\Business Objects 2007-03-11 14:54:52 -------- d-----w C:\Program Files\Microsoft.NET 2007-03-11 14:54:52 -------- d-----w C:\Program Files\CE Remote Tools 2007-03-10 15:58:28 -------- d-----w C:\Program Files\Microsoft Visual Studio 8 2007-03-10 15:21:56 -------- d-----w C:\Program Files\DAEMON Tools 2007-03-10 15:20:13 646,392 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-03-08 15:38:47 579,072 ----a-w C:\WINDOWS\system32\user32.dll 2007-03-08 15:38:47 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll 2007-03-08 15:38:47 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll 2007-03-08 15:37:33 1,843,840 ----a-w C:\WINDOWS\system32\win32k.sys 2007-02-22 16:19:03 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll 2007-02-22 16:19:03 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll 2007-02-22 16:19:03 1,060,864 ----a-w C:\WINDOWS\system32\MFC71.dll 2007-02-05 20:19:48 185,856 ----a-w C:\WINDOWS\system32\upnphost.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {00000000-6C30-11D8-9363-000AE6309654}=D:\Programs\lavasoft\SABBHO.dll [2007-02-20 15:02] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2006-12-15 04:23] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “IntelZeroConfig”=“C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe” [2006-04-14 11:51] “IntelWireless”=“C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” [2006-04-14 11:52] “EOUApp”=“C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe” [2006-04-14 11:56] “HControl”=“C:\WINDOWS\ATK0100\HControl.exe” [2006-02-23 05:40] “avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 16:42] “NvCplDaemon”=“C:\WINDOWS\system32\NvCpl.dll” [2005-11-21 16:51] “Skrót do strony właściwości High Definition Audio”=“HDAShCut.exe” [2005-01-07 17:07 C:\WINDOWS\system32\HdAShCut.exe] “SMSERIAL”=“sm56hlpr.exe” [] “RTHDCPL”=“RTHDCPL.EXE” [] “!AVG Anti-Spyware”=“D:\Programs\AVG Anti-Spyware 7.5\avgas.exe” [2006-10-07 13:20] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Skype”=“C:\Program Files\Skype\Phone\Skype.exe” [2007-02-05 18:35] “Gadu-Gadu”=“C:\Program Files\Gadu-Gadu\gg.exe” [2006-11-14 10:12] “SuperAdBlocker”=“D:\Programs\lavasoft\SAdBlock.exe” [2007-02-27 11:24] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] “{5AE067D3-9AFB-48E0-853A-EBB7F4A000D7}”=“D:\Programs\lavasoft\SABSEHB.DLL” [2006-11-07 11:58] “{57B86673-276A-48B2-BAE7-C6DBB3020EB8}”=“D:\Programs\AVG Anti-Spyware 7.5\shellexecutehook.dll” [2006-09-28 15:13] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify!SABWinLogon] D:\Programs\lavasoft\SABWINLO.DLL [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ania^Menu Start^Programy^Autostart^Adobe Gamma.lnk] path=C:\Documents and Settings\Ania\Menu Start\Programy\Autostart\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bike wait dumb ball] C:\Documents and Settings\All Users\Dane aplikacji\browse math bike wait\Soapglue.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 -noicon [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] “C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe” [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] “PnkBstrB”=3 (0x3) “PnkBstrA”=2 (0x2) *Newly Created Service* -AVGASCLN Contents of the ‘Scheduled Tasks’ folder 2007-06-16 13:31:31 C:\WINDOWS\tasks\AppleSoftwareUpdate.job ******************************************************************** catchme 0.3.681 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-05-26 11:25:36 Windows 5.1.2600 Dodatek Service Pack 2 NTFS scanning hidden processes … cmd.exe [2868] scanning hidden autostart entries … scanning hidden files … scan completed successfully hidden files: 0 ******************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Gupta SQLBase ANNASB] “ImagePath”="“C:\Program Files\Gupta\SQLBase901\dbntsrv.exe” “SERVICE=Gupta SQLBase ANNASB” “INI=C:\Program Files\Gupta\SQLBase901\sql.ini”" Completion time: 2007-05-26 11:26:06 C:\ComboFix-quarantined-files.txt … 2007-05-26 11:26 C:\ComboFix2.txt … 2007-05-25 20:01 — E O F —

Gutek · 26 Maj 2007 13:07

usuń i powinno być Ok

abate · 26 Maj 2007 17:57

dzięki Gutek2222

Chyba rada w podpisie jest słuszna. Ja na format sobie nie mogłam pozwolić. Za dużo cennych rzeczy.

Ponadto taka wygrana walka jest mocno satysfakcjonująca 8)

odp do ostatniego:

Już wcześniej było ok, ale to chyba tak dla kosmetyki

Wnioski:

Niestety dla innych czytających może… nie potrafię powiedzieć co tak naprawdę pomogło. Wydaje mi się, że AVG na ten konkretny problem pomógł najwięcej.

A jeśli chodzi o ogólną czystkę to NoLop.

Jak dla mnie problem rozwiązany.

Pozdrawiam serdecznie i jeszcze raz dziękuję.