PROBLEM gdy gram wyskakuje reklama

lolek25 · 1 Lipiec 2007 13:01

Witam.

Jestem nowym użytkownikiem i nie wiem co sie dzieje ;p

Gdy gram w Tibie i nacisnę ctrl i kliknę byle gdzie wyskakuje reklama w IE strony http://ad.yieldmanager.com

Czy wiecie co sie dzieje ??

Z góry dziękuje za odpowiedz

Fighter · 1 Lipiec 2007 13:12

Dal log z HijackThis

Bo to podstawa

lolek25 · 1 Lipiec 2007 16:11

Logi :

Logfile of HijackThis v1.99.1 Scan saved at 16:59:06, on 07-07-01 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\xerox\wdfmgr-56955.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\VM303_STI.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe F:\DoNaut\DoNaut.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE c:\program files\panda software\panda antivirus 2007\WebProxy.exe C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Panda Software\Panda Antivirus 2007\psimreal.exe C:\Program Files\Tibia\Tibia\tibia.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Patryk\Pulpit\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx O4 - HKLM…\Run: [skyTel] SkyTel.EXE O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM…\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe” O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot O4 - HKLM…\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM…\Run: [APVXDWIN] “C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE” /s O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [DoNaut] “F:\DoNaut\DoNaut.exe” /minimized O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe

lolek25 · 1 Lipiec 2007 21:04

log z silent runners :

“Silent Runners.vbs”, revision R50, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “CTFMON.EXE” = “C:\WINDOWS\system32\ctfmon.exe” [MS] “DoNaut” = ““F:\DoNaut\DoNaut.exe” /minimized” [“Xponaut”] “MSMSGS” = ““C:\Program Files\Messenger\msmsgs.exe” /background” [MS] “Skype” = ““C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized” [“Skype Technologies S.A.”] “Gadu-Gadu” = ““C:\Program Files\Gadu-Gadu\gg.exe” /tray” [“Gadu-Gadu S.A.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ {++} “SysCore32-ID56955” = “C:\Program Files\xerox\wdfmgr-56955.exe” [null data] HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++} “SkyTel” = “SkyTel.EXE” [“Realtek Semiconductor Corp.”] “HP Software Update” = “C:\Program Files\HP\HP Software Update\HPWuSchd2.exe” [“Hewlett-Packard Co.”] “BigDog303” = “C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)” [“Vimicro”] “RTHDCPL” = “RTHDCPL.EXE” [“Realtek Semiconductor Corp.”] “SunJavaUpdateSched” = ““C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe”” [“Sun Microsystems, Inc.”] “TkBellExe” = ““C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot” [“RealNetworks, Inc.”] “LClock” = “C:\Program Files\LClock\LClock.exe” [file not found] “APVXDWIN” = ““C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE” /s” [“Panda Software International”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided) -> {HKLM…CLSID} = “AcroIEHlprObj Class” \InProcServer32(Default) = “C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll” [“Adobe Systems Incorporated”] {22BF413B-C6D2-4d91-82A9-A0F997BA588C}(Default) = “Skype add-on (mastermind)” -> {HKLM…CLSID} = “Skype add-on (mastermind)” \InProcServer32(Default) = “C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll” [“Skype Technologies S.A.”] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided) -> {HKLM…CLSID} = “SSVHelper Class” \InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll” [“Sun Microsystems, Inc.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ “{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Rozszerzenie CPL kadrowania wyświetlania” -> {HKLM…CLSID} = “Rozszerzenie CPL kadrowania wyświetlania” \InProcServer32(Default) = “deskpan.dll” [file not found] “{88895560-9AA2-1069-930E-00AA0030EBC8}” = “Rozszerzenie ikony HyperTerminalu” -> {HKLM…CLSID} = “HyperTerminal Icon Ext” \InProcServer32(Default) = “C:\WINDOWS\system32\hticons.dll” [“Hilgraeve, Inc.”] “{3028902F-6374-48b2-8DC6-9725E775B926}” = “IE Microsoft AutoComplete” -> {HKLM…CLSID} = “IE Microsoft AutoComplete” \InProcServer32(Default) = “C:\WINDOWS\system32\browseui.dll” [MS] “{EFA24E62-B078-11d0-89E4-00C04FC9E26E}” = “History Band” -> {HKLM…CLSID} = “History Band” \InProcServer32(Default) = “C:\WINDOWS\system32\shdocvw.dll” [MS] “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” = “WinRAR shell extension” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] “{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}” = “Shell Extensions for RealOne Player” -> {HKLM…CLSID} = “RealOne Player Context Menu Class” \InProcServer32(Default) = “C:\Program Files\Real\RealPlayer\rpshell.dll” [“RealNetworks, Inc.”] “{19741013-C829-11D1-8233-0020AF3E97A9}” = “CMCUTIL Menu Extension” -> {HKLM…CLSID} = “Cool MP3 Converter ContextMenu” \InProcServer32(Default) = “C:\PROGRA~1\COOLMP~1\CMCUtil.dll” [null data] “{65756541-C65C-11CD-0000-4B656E696100}” = “Panda Antivirus” -> {HKLM…CLSID} = “Panda Antivirus” \InProcServer32(Default) = “C:\Program Files\Panda Software\Panda Antivirus 2007\ShellTit.dll” [“Panda Software International”] HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ <> AtiExtEvent\DLLName = “Ati2evxx.dll” [“ATI Technologies Inc.”] <> avldr\DLLName = “avldr.dll” [“Panda Software International”] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ CMCUTIL(Default) = “{19741013-C829-11D1-8233-0020AF3E97A9}” -> {HKLM…CLSID} = “Cool MP3 Converter ContextMenu” \InProcServer32(Default) = “C:\PROGRA~1\COOLMP~1\CMCUtil.dll” [null data] Panda Antivirus(Default) = “{65756541-C65C-11CD-0000-4B656E696100}” -> {HKLM…CLSID} = “Panda Antivirus” \InProcServer32(Default) = “C:\Program Files\Panda Software\Panda Antivirus 2007\ShellTit.dll” [“Panda Software International”] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ Panda Antivirus(Default) = “{65756541-C65C-11CD-0000-4B656E696100}” -> {HKLM…CLSID} = “Panda Antivirus” \InProcServer32(Default) = “C:\Program Files\Panda Software\Panda Antivirus 2007\ShellTit.dll” [“Panda Software International”] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ “shutdownwithoutlogon” = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Shutdown: Allow system to be shut down without having to log on} “undockwithoutlogon” = (REG_DWORD) hex:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| Devices: Allow undock without having to log on} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ “Wallpaper” = “C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ “Wallpaper” = “C:\Documents and Settings\Patryk\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp” Startup items in “Patryk” & “All Users” startup folders: -------------------------------------------------------- C:\Documents and Settings\All Users.WINDOWS\Menu Start\Programy\Autostart “HP Digital Imaging Monitor” -> shortcut to: “C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe” [“Hewlett-Packard Co.”] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: c:\program files\panda software\panda antivirus 2007\pavlsp.dll [“Panda Software International”], 01 - 03, 17 %SystemRoot%\system32\mswsock.dll [MS], 04 - 06, 09 - 16 %SystemRoot%\system32\rsvpsp.dll [MS], 07 - 08 Toolbars, Explorer Bars, Extensions: ------------------------------------ Extensions (Tools menu items, main toolbar menu buttons) HKLM\Software\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ “MenuText” = “Sun Java Console” “CLSIDExtension” = “{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}” -> {HKCU…CLSID} = “Java Plug-in 1.6.0_01” \InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll” [“Sun Microsystems, Inc.”] -> {HKLM…CLSID} = “Java Plug-in 1.6.0_01” \InProcServer32(Default) = “C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll” [“Sun Microsystems, Inc.”] {77BF5300-1474-4EC7-9980-D32B190E9B07}\ “ButtonText” = “Skype” “CLSIDExtension” = “{77BF5300-1474-4EC7-9980-D32B190E9B07}” -> {HKLM…CLSID} = “Skype add-on (button)” \InProcServer32(Default) = “C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll” [“Skype Technologies S.A.”] {FB5F1910-F110-11D2-BB9E-00C04F795683}\ “ButtonText” = “Messenger” “MenuText” = “Windows Messenger” “Exec” = “C:\Program Files\Messenger\msmsgs.exe” [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Ati HotKey Poller, Ati HotKey Poller, “C:\WINDOWS\system32\Ati2evxx.exe” [“ATI Technologies Inc.”] Panda anti-virus service, PAVSRV, ““C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe”” [“Panda Software International”] Panda IManager Service, PSIMSVC, ““C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe”” [“Panda Software International”] Panda Software Controller, Panda Software Controller, ““C:\Program Files\Panda Software\Panda Antivirus 2007\PsCtrls.exe”” [“Panda Software International”] Print Monitors: --------------- HKLM\System\CurrentControlSet\Control\Print\Monitors\ HP Standard TCP/IP Port\Driver = “HpTcpMon.dll” [“Hewlett Packard”] hpzlnt12\Driver = “hpzlnt12.dll” [“HP”] ---------- <>: Suspicious data at a malware launch point. + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + To search all directories of local fixed drives for DESKTOP.INI DLL launch points, use the -supp parameter or answer “No” at the first message box and “Yes” at the second message box. ---------- (total run time: 22 seconds, including 5 seconds for message boxes)

a ComboFix niewiem z kad wziasc

Joan · 2 Lipiec 2007 22:31

Panowie jeszcze raz zobaczę takie sprawdzanie logów a będzie niedobrze, posty KOSZ.

wpis od realteka ma zostać skasowany, wyszukiwarka bearshare mogła zostać.

F:\DoNaut\DoNaut.exe > to Twoje?

Skan AVG AntiSpyware 7.5 po update, wklej raport.

lolek25 · 3 Lipiec 2007 10:20

AVG Anti-Spyware - Scan Report

Created at: 12:19:21 07-07-03
Scan result:

C:\RECYCLER\S-1-5-21-861567501-1417001333-682003330-500\Dc6.exe -> Backdoor.Reload.m : No action taken.

C:\System Volume Information_restore{3259E732-6847-4E10-82C7-62FB4903A80E}\RP2\A0000183.scr -> Backdoor.Reload.m : No action taken.

C:\System Volume Information_restore{3259E732-6847-4E10-82C7-62FB4903A80E}\RP2\A0000185.exe -> Backdoor.Reload.m : No action taken.

C:\System Volume Information_restore{3259E732-6847-4E10-82C7-62FB4903A80E}\RP2\A0001514.scr -> Backdoor.Reload.m : No action taken.

C:\System Volume Information_restore{3259E732-6847-4E10-82C7-62FB4903A80E}\RP2\A0001768.exe -> Backdoor.Reload.m : No action taken.

C:\WINDOWS\system32\gg.exe -> Backdoor.Reload.m : No action taken.

C:\System Volume Information_restore{3259E732-6847-4E10-82C7-62FB4903A80E}\RP28\A0034182.exe -> Downloader.VB : No action taken.

C:\Documents and Settings\Patryk\Ustawienia lokalne\Temp\gakdcmf_exe.vir -> Logger.Delf.jq : No action taken.

:mozilla.153:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.169:C:\Documents and Settings\Administrator.GIENEJA-7B0E42B\Dane aplikacji\Mozilla\Firefox\Profiles\v4woqke6.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.215:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.108:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.119:C:\Documents and Settings\Administrator.GIENEJA-7B0E42B\Dane aplikacji\Mozilla\Firefox\Profiles\v4woqke6.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.120:C:\Documents and Settings\Administrator.GIENEJA-7B0E42B\Dane aplikacji\Mozilla\Firefox\Profiles\v4woqke6.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.47:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.48:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.49:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.50:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.51:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.183:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.

:mozilla.192:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.353:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.261:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.282:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.

:mozilla.283:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.

:mozilla.287:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Komtrack : No action taken.

:mozilla.288:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Komtrack : No action taken.

C:\Documents and Settings\Patryk\Cookies\patryk@search.live[1].txt -> TrackingCookie.Live : No action taken.

C:\Documents and Settings\Patryk\Cookies\patryk@auto.search.msn[1].txt -> TrackingCookie.Msn : No action taken.

:mozilla.24:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Netflame : No action taken.

C:\Documents and Settings\Patryk\Cookies\patryk@real[1].txt -> TrackingCookie.Real : No action taken.

C:\Documents and Settings\Patryk\Cookies\patryk@realguide.real[1].txt -> TrackingCookie.Real : No action taken.

:mozilla.80:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.

:mozilla.82:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.

:mozilla.153:C:\Documents and Settings\Administrator.GIENEJA-7B0E42B\Dane aplikacji\Mozilla\Firefox\Profiles\v4woqke6.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.

:mozilla.154:C:\Documents and Settings\Administrator.GIENEJA-7B0E42B\Dane aplikacji\Mozilla\Firefox\Profiles\v4woqke6.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.

:mozilla.104:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.141:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.75:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.76:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.84:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.85:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.86:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.87:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Skype : No action taken.

C:\Documents and Settings\Administrator.GIENEJA-7B0E42B\Cookies\administrator@skype[1].txt -> TrackingCookie.Skype : No action taken.

C:\Documents and Settings\Administrator\Cookies\administrator@skype[1].txt -> TrackingCookie.Skype : No action taken.

C:\Documents and Settings\Patryk\Cookies\patryk@site.skype[1].txt -> TrackingCookie.Skype : No action taken.

C:\Documents and Settings\Patryk\Cookies\patryk@skype[1].txt -> TrackingCookie.Skype : No action taken.

:mozilla.167:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.

:mozilla.168:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.

:mozilla.169:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.

:mozilla.170:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.

:mozilla.181:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.182:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.183:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.184:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.293:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Trafic : No action taken.

C:\Documents and Settings\Administrator\Cookies\administrator@trafic[1].txt -> TrackingCookie.Trafic : No action taken.

:mozilla.131:C:\Documents and Settings\Administrator.GIENEJA-7B0E42B\Dane aplikacji\Mozilla\Firefox\Profiles\v4woqke6.default\cookies.txt -> TrackingCookie.Webtrends : No action taken.

:mozilla.178:C:\Documents and Settings\Patryk\Dane aplikacji\Mozilla\Firefox\Profiles\jnwrvv3h.default\cookies.txt -> TrackingCookie.Webtrends : No action taken.

:mozilla.200:C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d8df05cf.default\cookies.txt -> TrackingCookie.Webtrends : No action taken.

C:\Documents and Settings\Administrator.GIENEJA-7B0E42B\Cookies\administrator@m.webtrends[2].txt -> TrackingCookie.Webtrends : No action taken.

C:\System Volume Information_restore{2D71334E-6310-430A-BEA8-65910181FAFC}\RP8\A0003972.exe -> Trojan.Small : No action taken.

::Report end

MaYsTeR · 3 Lipiec 2007 10:33

Panel sterowania --> System --> Przywracanie systemu

Tam zaznacz opcję Turn off System Restore lub Turn off System Restore on all drives (Wyłącz przywracanie na wszystkich dyskach). Zatwierdzasz wszystkie zmiany.

Użyj programu:

ATF Cleaner w trybie awaryjnym.