Komputer wolno chodzi antywirus wykrył wirusa INVADER


(Anollka) #1

Witam, bardzo prosze o pomoc. Mam antywirusa :Kaspersky Anti-Virus 7.0 i on wykrył invadera, oprócz tego komputer wolno chodzi.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:15:14, on 2007-08-06

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe

C:\Acer\Empowering Technology\admServ.exe

C:\WINDOWS\Explorer.EXE

c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

D:\StudioLine\NMSAccess.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\svchost.exe

C:\Acer\Empowering Technology\eRecovery\Monitor.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Acer\Empowering Technology\admtray.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\PROGRA~1\LAUNCH~1\LManager.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Acer\OrbiCam\CameraAssistant.exe

C:\WINDOWS\system32\ElkCtrl.exe

D:\winamp\winampa.exe

D:\hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

D:\pc suite\Nokia PC Suite 6\LaunchApplication.exe

D:\picasa\Picasa2\PicasaMediaDetector.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

D:\gadu-gadu\gg.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

D:\hp\Digital Imaging\bin\hpqtra08.exe

C:\DOCUME~1\Ania\LOCALS~1\Temp\RtkBtMnt.exe

D:\hp\Digital Imaging\bin\hpqimzone.exe

D:\hp\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Skype\Plugin Manager\SkypePM.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\Opera\Opera.exe

C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe

D:\HijackThis\HijackThis.exe

D:\win rar\WinRAR.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:\PROGRA~1\BEARSH~1\BEARSH~2\MediaBar.dll (file missing)

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)

O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM..\Run: [LaunchApp] Alaunch

O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM..\Run: [skyTel] SkyTel.EXE

O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

O4 - HKLM..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM..\Run: [nwiz] nwiz.exe /install

O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot

O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe

O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe

O4 - HKLM..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect

O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation

O4 - HKLM..\Run: [WinampAgent] D:\winamp\winampa.exe

O4 - HKLM..\Run: [HP Software Update] D:\hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

O4 - HKLM..\Run: [PCSuiteTrayApplication] D:\pc suite\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM..\Run: [Picasa Media Detector] D:\picasa\Picasa2\PicasaMediaDetector.exe

O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU..\Run: [bitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized

O4 - HKCU..\Run: [Gadu-Gadu] "D:\gadu-gadu\gg.exe" /tray

O4 - HKUS\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\hp\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = D:\hp\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe

O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: NMSAccess - Unknown owner - D:\StudioLine\NMSAccess.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--

End of file - 11764 bytes


(adam9870) #2

Usuń powyżej przedstawione wpisy korzystając z HijackThis.

Gdzie wspomniany szkodnik został wykryty? Podaj dokładną lokalizację do znajdowanego zainfekowanego pliku.

Przeskanuj system skanerem on-line dostępnym na stronie http://www.ewido.net/de/onlinescan/ lub http://www.kaspersky.pl/virusscanner.html i wklej tu raport ze skanowania.

Nic dziwnego. Popatrz chociażby na wielkość przedstawionych wpisów w części Running processes , w której zostały przedstawione wszystkie aktualnie uruchomione programy. Trzeba zmniejszyć ilość procesów poprzez wykonanie podstawowych czynności mających na celu przyśpieszenie działania systemu. Poniżej prezentuję kilka tego typu rad:

Start => uruchom => msconfig => zakładka Uruchamianie => możesz odznaczyć w/w.

Jeśli nie używasz sterowania dźwiękiem poprzez klawiature, to ten wpis również możesz wyłączyć.

Jeśli nie używasz Menedżera klawiatury, ten wpis również wyłącz.

Wpisy od oprogramowania umożliwiającego konfigurację kamery, jeśli nie używasz go - te wpisy również odznacz poprzez msconfig.

Panel sterowania => Java Plug-in => Update => odznacz opcję Check for updates automatically.

Jeśli QuickTime nie jest Ci bardzo potrzebny to zastąp go QuickTime Alternative.

Jeśli nie korzystasz z zaawansowanych usług tekstowych to je wyłącz: Panel sterowania => Opcje regionalne => Języki => Szczegóły => Zaawansowane => zaznacz wyłącz zaawansowane usługi tekstowe.

W opcjach komunikatorów możesz wyłączyć uruchamianie przy starcie systemu jeśli nie są Ci potrzebne.

Start => programy => autostart => kasacja z prawokliku.

Jeśli nie używasz Messenger'a to go usuń: start => uruchom => wpisz polecenie:

RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove

Dodatkowo wykonaj podstawowe czynności przyśpieszające system jak: czyszczenie rejestru, defragmentacja dysku, defragmentacja rejestru oraz usunięcie zbędnych plików.

Ponadto przejrzyj XP - Optymalizacja, odchudzanie dla trochę bardziej zaawansowanych. Lub Optymalizacja i odchudzanie Windowsa XP dla trochę mniej zaawansowanych.


(Anollka) #3

lokalizacja zainfekowanego pliku to: c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

oto raport ze skanowania:

__________________________________________________

ewido anti-spyware online scanner

__________________________________________________

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\Ania\Cookies\ania@tradedoubler[1].txt

Risk: Medium

Name: TrackingCookie.Itrack

Path: C:\Documents and Settings\Ania\Cookies\ania@ilead.itrack[2].txt

Risk: Medium

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\Ania\Cookies\ania@2o7[1].txt

Risk: Medium

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\Ania\Cookies\ania@microsoftwga.112.2o7[1].txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\Ania\Cookies\ania@tradedoubler[3].txt

Risk: Medium

Name: TrackingCookie.Doubleclick

Path: C:\Documents and Settings\Ania\Cookies\ania@doubleclick[1].txt

Risk: Medium

Name: TrackingCookie.Hitbox

Path: C:\Documents and Settings\Ania\Cookies\ania@hitbox[1].txt

Risk: Medium

Name: TrackingCookie.Hitbox

Path: C:\Documents and Settings\Ania\Cookies\ania@ehg-youtube.hitbox[1].txt

Risk: Medium

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\Ania\Cookies\ania@2o7[3].txt

Risk: Medium

Name: TrackingCookie.Yieldmanager

Path: C:\Documents and Settings\Ania\Cookies\ania@ad.yieldmanager[2].txt

Risk: Medium

Name: TrackingCookie.Webtrends

Path: C:\Documents and Settings\Ania\Cookies\ania@m.webtrends[2].txt

Risk: Medium

Name: TrackingCookie.Skype

Path: C:\Documents and Settings\Ania\Cookies\ania@skype[1].txt

Risk: Medium

Name: TrackingCookie.Skype

Path: C:\Documents and Settings\Ania\Cookies\ania@site.skype[1].txt

Risk: Medium

Name: TrackingCookie.Advertising

Path: C:\Documents and Settings\Ania\Cookies\ania@advertising[2].txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.14:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.15:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.16:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.17:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.18:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Yieldmanager

Path: :mozilla.61:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Yieldmanager

Path: :mozilla.62:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Doubleclick

Path: :mozilla.78:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.2o7

Path: :mozilla.79:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.2o7

Path: :mozilla.80:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.2o7

Path: :mozilla.81:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Ru4

Path: :mozilla.90:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Ru4

Path: :mozilla.94:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Atdmt

Path: :mozilla.100:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Paypal

Path: :mozilla.106:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Hitbox

Path: :mozilla.111:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Hitbox

Path: :mozilla.113:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Specificclick

Path: :mozilla.116:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Specificclick

Path: :mozilla.117:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Specificclick

Path: :mozilla.118:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Specificclick

Path: :mozilla.119:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Webtrends

Path: :mozilla.138:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Hitbox

Path: :mozilla.140:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Advertising

Path: :mozilla.144:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Advertising

Path: :mozilla.146:C:\Documents and Settings\Ania\Application Data\Mozilla\Firefox\Profiles\crz9v735.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Skype

Path: C:\Documents and Settings\Adam\Cookies\adam@site.skype[1].txt

Risk: Medium

Name: TrackingCookie.Skype

Path: C:\Documents and Settings\Adam\Cookies\adam@skype[2].txt

Risk: Medium

Name: TrackingCookie.Skype

Path: C:\Documents and Settings\Adam\Cookies\adam@secure.skype[1].txt

Risk: Medium

Name: TrackingCookie.Msn

Path: C:\Documents and Settings\Adam\Cookies\adam@search.msn[2].txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\Adam\Cookies\adam@tradedoubler[1].txt

Risk: Medium

Name: TrackingCookie.Msn

Path: C:\Documents and Settings\Adam\Cookies\adam@auto.search.msn[1].txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\Adam\Cookies\adam@tradedoubler[3].txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.20:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Ru4

Path: :mozilla.24:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Ru4

Path: :mozilla.25:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Ru4

Path: :mozilla.26:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Skype

Path: :mozilla.38:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Skype

Path: :mozilla.39:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Yieldmanager

Path: :mozilla.48:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Fastclick

Path: :mozilla.49:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.2o7

Path: :mozilla.63:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.2o7

Path: :mozilla.65:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Advertising

Path: :mozilla.87:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Advertising

Path: :mozilla.88:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Skype

Path: :mozilla.89:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Msn

Path: :mozilla.94:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Msn

Path: :mozilla.95:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Msn

Path: :mozilla.96:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Msn

Path: :mozilla.97:C:\Documents and Settings\Adam\Application Data\Mozilla\Firefox\Profiles\xkai8ngk.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Adtech

Path: C:\Documents and Settings\Sławek\Cookies\sławek@adtech[2].txt

Risk: Medium

Name: TrackingCookie.Bluestreak

Path: C:\Documents and Settings\Sławek\Cookies\sławek@bluestreak[1].txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\Sławek\Cookies\sławek@tradedoubler[1].txt

Risk: Medium

Name: TrackingCookie.Ivwbox

Path: C:\Documents and Settings\Sławek\Cookies\sławek@ivwbox[1].txt

Risk: Medium

Name: TrackingCookie.Msn

Path: C:\Documents and Settings\Sławek\Cookies\sławek@search.msn[2].txt

Risk: Medium

Name: TrackingCookie.Doubleclick

Path: C:\Documents and Settings\Sławek\Cookies\sławek@doubleclick[1].txt

Risk: Medium

Name: TrackingCookie.Statistik-gallup

Path: C:\Documents and Settings\Sławek\Cookies\sławek@statistik-gallup[1].txt

Risk: Medium

Name: TrackingCookie.Atdmt

Path: C:\Documents and Settings\Sławek\Cookies\sławek@atdmt[2].txt

Risk: Medium

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\Sławek\Cookies\sławek@122.2o7[2].txt

Risk: Medium

Name: TrackingCookie.Skype

Path: C:\Documents and Settings\Sławek\Cookies\sławek@site.skype[1].txt

Risk: Medium

Name: TrackingCookie.Webtrends

Path: C:\Documents and Settings\Sławek\Cookies\sławek@m.webtrends[2].txt

Risk: Medium

Name: TrackingCookie.Itrack

Path: C:\Documents and Settings\Sławek\Cookies\sławek@ilead.itrack[1].txt

Risk: Medium

Name: TrackingCookie.Falkag

Path: C:\Documents and Settings\Sławek\Cookies\sławek@as-eu.falkag[1].txt

Risk: Medium

Name: TrackingCookie.Falkag

Path: C:\Documents and Settings\Sławek\Cookies\sławek@as1.falkag[2].txt

Risk: Medium

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\Sławek\Cookies\sławek@2o7[2].txt

Risk: Medium

Name: TrackingCookie.Advertising

Path: C:\Documents and Settings\Sławek\Cookies\sławek@advertising[2].txt

Risk: Medium

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\Sławek\Cookies\sławek@2o7[3].txt

Risk: Medium

Name: TrackingCookie.Onestat

Path: C:\Documents and Settings\Sławek\Cookies\sławek@stat.onestat[2].txt

Risk: Medium

Name: TrackingCookie.Webtrendslive

Path: C:\Documents and Settings\Sławek\Cookies\sławek@statse.webtrendslive[2].txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\Sławek\Cookies\sławek@tradedoubler[3].txt

Risk: Medium

Name: TrackingCookie.Statcounter

Path: C:\Documents and Settings\Sławek\Cookies\sławek@statcounter[1].txt

Risk: Medium

Name: TrackingCookie.Skype

Path: :mozilla.7:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.2o7

Path: :mozilla.18:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Imrworldwide

Path: :mozilla.61:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Imrworldwide

Path: :mozilla.62:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Atdmt

Path: :mozilla.66:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Statistik-gallup

Path: :mozilla.71:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Doubleclick

Path: :mozilla.74:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Msn

Path: :mozilla.95:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Msn

Path: :mozilla.96:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Msn

Path: :mozilla.97:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Msn

Path: :mozilla.98:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Msn

Path: :mozilla.99:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Msn

Path: :mozilla.100:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.102:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.103:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.104:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.105:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Bluestreak

Path: :mozilla.107:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Ivwbox

Path: :mozilla.134:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Googleadservices

Path: :mozilla.139:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Googleadservices

Path: :mozilla.140:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Googleadservices

Path: :mozilla.141:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Adtech

Path: :mozilla.160:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Adtech

Path: :mozilla.161:C:\Documents and Settings\Sławek\Application Data\Mozilla\Firefox\Profiles\zur4lf42.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Skype

Path: C:\Documents and Settings\Asia\Cookies\asia@site.skype[1].txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\Asia\Cookies\asia@tradedoubler[1].txt

Risk: Medium

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\Asia\Cookies\asia@2o7[1].txt

Risk: Medium

Name: TrackingCookie.Doubleclick

Path: C:\Documents and Settings\Asia\Cookies\asia@doubleclick[1].txt

Risk: Medium

Name: TrackingCookie.Doubleclick

Path: :mozilla.13:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\hbx39t9h.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.23:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\hbx39t9h.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Hitslink

Path: :mozilla.37:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\hbx39t9h.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.13:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\mqjtpxg2.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.14:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\mqjtpxg2.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.15:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\mqjtpxg2.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Tradedoubler

Path: :mozilla.16:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\mqjtpxg2.default\cookies.txt

Risk: Medium

Name: TrackingCookie.2o7

Path: :mozilla.30:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\mqjtpxg2.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Sitestat

Path: :mozilla.31:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\mqjtpxg2.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Skype

Path: :mozilla.57:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\mqjtpxg2.default\cookies.txt

Risk: Medium

Name: TrackingCookie.Skype

Path: :mozilla.58:C:\Documents and Settings\Asia\Application Data\Mozilla\Firefox\Profiles\mqjtpxg2.default\cookies.txt

Risk: Medium

Mam jeszcze kilka pytań. (nie znam sie bardzo dobrze na komputerach) Kiedyś komputer nie chciał mi sie uruchomić, bo podobno pokopane były rejestry i czy czyszczenie rejestru lub jego defragmentacja nie wpłynie negatywnie na działanie komputera i czy nie spowoduje to problemów z jego uruchamianiem? Bardzo dziękuje za pomoc :slight_smile:


(system) #4

W logu pozostałości po Nortonie:

Proponuję użyć Norton Removal Tool w celu kompletnego usunięcia Nortona z systemu.


(Anollka) #5

zrobiłam to co mi poradziliscie, ale mimo wszystko ten wirus -invader nadal jest na moim komputerze. Co mam zrobic zeby sie go pozbyc?? faktycznie komputer zaczyna chodzic szybciej, j\ale momo wszystko jest to minimalna zmiana, jak moge go przyspieszyc??


(Lost World) #6

Nie , absolutnie.


(system) #7

To nie jest żaden wirus.

Kaspersky >>> Ustawienia >>> Ochrona proaktywna >>> Ustawienia analizy aktywności aplikacjii -> masz zaznaczone zdarzenie -> Wtargnięcie do innego procesu (invaders), więc Kaspersky informuje Cię o tym fakcie, ale w tym przypadku takie zachowanie jest całkowci naturalne, ponieważ

Dodaj lvprcsrv.exe do "Strefy zafanej"

"ZBĘDNIKI " w autostarcie w dziale Diagnostyka