Problem z W32.Myzor.FK@yf, Trojan-Spy.win32@mx i 3 podobnymi

Dla specjalistów Bezpieczeństwo
#1

Cze. Mam problem z W32.Myzor.FK@yf, Trojan-Spy.win32@mx, Spyware.CyberLog-X., PSW.x-Vir spyware, TrojanSPM/LX .

Mam ogólnie zwolnione procesy komputera i internetu i około co minutowe ostrzezenia z Live Safety Center i Online Security Guide.

W większości widziałem na forum, że da się je usunąć jednak nigdy z tym nie robiłem i do niedawna nie wiedziałem co to logo oraz nie wiem w jakiej kolejności je usuwać. Proszę o pomoc.

Oto loga z HijackThis i ComboFix

ComboFix 07-11-19.4C - Owner 2007-11-29 16:39:43.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.407 [GMT -6:00]

Running from: C:\Documents and Settings\Owner.Dom\Desktop\ComboFix.exe

 * Created a new restore point

.


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.


C:\Documents and Settings\All Users\Start Menu\Live Safety Center.lnk

C:\Documents and Settings\All Users\Start Menu\Online Security Guide.lnk

C:\Documents and Settings\Owner.Dom\Application Data\user32.exe

C:\Documents and Settings\Owner.Dom\Application Data\WinTouch\wintouch.cfg

C:\Documents and Settings\Owner.Dom\Application Data\WinTouch\WinTouch.exe

C:\Documents and Settings\Owner.Dom\Application Data\WinTouch\WTUninstaller.exe

C:\Documents and Settings\Owner.Dom\Desktop\Live Safety Center.lnk

C:\Documents and Settings\Owner.Dom\Desktop\Online Security Guide.lnk

C:\Documents and Settings\Owner.Dom\Favorites\Online Security Guide.lnk

C:\Program Files\Common Files\Yazzle1560OinAdmin.exe

C:\Program Files\Common Files\Yazzle1560OinUninstaller.exe

C:\Program Files\inetget2

C:\Program Files\Insider

C:\Program Files\Insider\Insider.exe

C:\Program Files\Insider\UnInstall.exe

C:\Program Files\Temporary

C:\Program Files\Temporary\wininstall.exe

C:\Program Files\WinAble

C:\Program Files\WinAble\winable.exe

C:\WINDOWS\b104.exe

C:\WINDOWS\b111.exe

C:\WINDOWS\b122.exe

C:\WINDOWS\b128.exe

C:\WINDOWS\b138.exe

C:\WINDOWS\b147.exe

C:\WINDOWS\system32\nqstv.ini

C:\WINDOWS\system32\nqstv.ini2

C:\WINDOWS\system32\urkpsrdw.dllbox

C:\WINDOWS\system32\vtsqn.dll

D:\Autorun.inf


.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


.

-------\LEGACY_DOMAINSERVICE

-------\DomainService



((((((((((((((((((((((((( Files Created from 2007-10-28 to 2007-11-29 )))))))))))))))))))))))))))))))

.


2007-11-29 16:15

[code]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:51:54, on 2007-11-29 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\IntelDH\CCU\AlertService.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\WINDOWS\arservice.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Digital Media Reader\readericon45G.exe C:\WINDOWS\zHotkey.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe C:\WINDOWS\ARPWRMSG.EXE C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Windows Media Player\samyca77798.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\DAEMON Tools Pro\DTProAgent.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe C:\WINDOWS\system32\dllhost.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\WINDOWS\system32\rsvp.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5238E R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5238E O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\urkpsrdw.dll O4 - HKLM…\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM…\Run: [Google Desktop Search] “C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe” /startup O4 - HKLM…\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe O4 - HKLM…\Run: [CHotkey] zHotkey.exe O4 - HKLM…\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe O4 - HKLM…\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE O4 - HKLM…\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM…\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe O4 - HKLM…\Run: [VSOCheckTask] “C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe” /checktask O4 - HKLM…\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM…\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM…\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM…\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM…\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup O4 - HKLM…\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE O4 - HKLM…\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe O4 - HKLM…\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [SsAAD.exe] C:\DOCUME~1\Owner.Dom\Desktop\Dori\SsAAD.exe O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM…\Run: [NBKeyScan] “C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe” O4 - HKLM…\Run: [SigmatelSysTrayApp] sttray.exe O4 - HKLM…\Run: [IntelAudioStudio] “C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe” BOOT O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM…\Run: [28ddcc99] rundll32.exe “C:\WINDOWS\system32\tclarrft.dll”,b O4 - HKLM…\Run: [samyca] C:\Program Files\Windows Media Player\samyca77798.exe O4 - HKCU…\Run: [Power2GoExpress] NA O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [DAEMON Tools Pro Agent] “C:\Program Files\DAEMON Tools Pro\DTProAgent.exe” O4 - HKCU…\Run: [AlcoholAutomount] “C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe” /automount O4 - HKCU…\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe” O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) O4 - HKUS\S-1-5-18…\Run: [WinAble] C:\Program Files\WinAble\winable.exe (User ‘SYSTEM’) O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Oprogramowanie Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra ‘Tools’ menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Intel® Alert Service (AlertService) - Intel Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Documents and Settings\Owner.Dom\Desktop\Iza\Ares\chatServer.exe O23 - Service: Intel® Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: Intel® Viiv™ Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe – End of file - 12395 bytes

#2

Wklej do Notatnika:

>>Plik>>Zapisz jako… >>> CFScript (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe )

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe (czyli ikonkę CFScript.txt na ikonkę ComboFix.exe )

– podobnie jak na tym obrazku –>88953CFScript-createdbyMiekiemoes.gif

(jeśli pojawi się pytanie " 1 or 2" - to wpisz 1 i naciśnij ENTER) Ma się rozpocząć usuwanie. (i powstanie log)

Po restarcie usuń ręcznie folder C: ** Qoobox**.

Po tym nowy log z Combo, ale wcześniej:

Wklej do Notatnika:

Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Authentication Packages"=-

"Authentication Packages"=hex(7):6d,00,73,00,76,00,31,00,5f,00,30,00,00,00,00,\

  00

Z menu Notatnika Plik Zapisz jako Ustaw rozszerzenie na “Wszystkie pliki” Zapisz jako FIX.REG uruchom ten plik (dwuklik).

#3

Sorki za opóźnienia. Oto nowy log

ComboFix 07-11-19.4C - Owner 2007-11-29 18:29:06.4 - NTFSx86
#4

Wklej do Notatnika:

>>Plik>>Zapisz jako… >>> CFScript (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe )

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe (czyli ikonkę CFScript.txt na ikonkę ComboFix.exe )

– podobnie jak na tym obrazku –>88953CFScript-createdbyMiekiemoes.gif

(jeśli pojawi się pytanie " 1 or 2" - to wpisz 1 i naciśnij ENTER) Ma się rozpocząć usuwanie. (i powstanie log)

Po restarcie usuń ręcznie folder C: ** Qoobox**.

Po tym nowy log z Combo

#5

Zrobione. Coś dalej??

ComboFix 07-11-19.4C - Owner 2007-11-30 17:40:23.6 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.464 [GMT -6:00]

Running from: C:\Documents and Settings\Owner.Dom\Desktop\ComboFix.exe

.


((((((((((((((((((((((((( Files Created from 2007-10-28 to 2007-11-30 )))))))))))))))))))))))))))))))

.


2007-11-29 16:15	
 



[color=darkblue][size=75][i][b]Złączono Posta[/b]: 01.12.2007 (Sob) 0:56[/i][/size][/color]

Mam problem jeszcze z jakimś virusem samyca 77798. nie wiesz co to moze być?? Siedzi mi to w windows media player ale nie moge tego usunąć czy delejtnąć. 



[color=darkblue][size=75][i][b]Złączono Posta[/b]: 01.12.2007 (Sob) 0:58[/i][/size][/color]

W nortonie mam coś takiego

[code]Process: c:\program files\windows media player\samyca77798.exe Infection: c:\program files\windows media player\samyca77798.exe Browser Cache Registry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run->samyca
Złączono Posta _: 01.12.2007 (Sob) 1:11_I jeszcze mi wykryło W32.Virut.W

Infection:

  c:\documents and settings\owner.dom\application data\dr.exe

Browser Cache

, Trojan Horse

Infection:

  c:\documents and settings\owner.dom\application data\microsoft\windows\qrvhwxq.exe

Browser Cache

i 2 downloadery jakieś

File:

  C:\Documents and Settings\Owner.Dom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-2afc8601-502fd4ef.zip

File:

  C:\Documents and Settings\Owner.Dom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6b13a7e7-120bd120.zip

Doradziłbyś mi jak się tego dziadostwa pozbyć??Prosze.

#6

Skan AVG Anti-Spyware 7.5 po update + raport :wink:

Wklej do Notatnika:

>>Plik>>Zapisz jako… >>> CFScript (najwygodniej będzie, jeśli zapiszesz w takiej lokalizacji, by ikonka CFScript.txt znalazła się obok ikonki ComboFix.exe )

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe (czyli ikonkę CFScript.txt na ikonkę ComboFix.exe )

– podobnie jak na tym obrazku –>88953CFScript-createdbyMiekiemoes.gif

(jeśli pojawi się pytanie " 1 or 2" - to wpisz 1 i naciśnij ENTER) Ma się rozpocząć usuwanie. (i powstanie log)

Po restarcie usuń ręcznie folder C: ** Qoobox**.

Po tym nowy log z Combo

#7

Oto raport AVG

---------------------------------------------------------

AVG Anti-Spyware - Scan Report

---------------------------------------------------------


 + Created at:	00:34:58 2007-12-02


 + Scan result:	




C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP72\A0015633.exe -> Downloader.Adload.ni : No action taken.

C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP72\A0015635.exe -> Downloader.Agent.buo : No action taken.

C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP72\A0015628.exe -> Downloader.Agent.cbx : No action taken.

C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP72\A0015626.exe -> Downloader.Agent.erf : No action taken.

C:\Documents and Settings\Owner.Dom\Application Data\Microsoft\Windows\qrvhwxq.exe -> Downloader.Agent.fcp : No action taken.

C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP72\A0015629.exe -> Downloader.Agent.fjn : No action taken.

C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP72\A0015624.exe -> Downloader.Small.buy : No action taken.

C:\Program Files\Windows Media Player\samyca77798.exe -> Not-A-Virus.Adware.TTC : No action taken.

[1388] C:\Program Files\Windows Media Player\samyca77798.exe -> Not-A-Virus.Adware.TTC : No action taken.

C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP69\A0015462.exe -> Not-A-Virus.Downloader.Win32.WinFixer.au : No action taken.

C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP69\A0015463.exe -> Not-A-Virus.Downloader.Win32.WinFixer.au : No action taken.

:mozilla.504:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.505:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.506:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.507:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.508:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.509:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.510:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.511:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.512:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.513:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.514:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.515:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.516:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.517:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.518:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.519:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.520:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.521:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.522:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.2o7 : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@2o7[2].txt -> TrackingCookie.2o7 : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@msnaccountservices.112.2o7[2].txt -> TrackingCookie.2o7 : No action taken.

:mozilla.123:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.124:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.125:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.126:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.127:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.128:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.526:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.528:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.529:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.388:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.

:mozilla.389:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.

:mozilla.390:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.

:mozilla.391:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.

:mozilla.392:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.

:mozilla.393:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.

:mozilla.394:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.

:mozilla.395:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adrevolver : No action taken.

:mozilla.430:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Adtech : No action taken.

:mozilla.50:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Advertising : No action taken.

:mozilla.51:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Advertising : No action taken.

:mozilla.52:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Advertising : No action taken.

:mozilla.53:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Advertising : No action taken.

:mozilla.54:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Advertising : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@advertising[1].txt -> TrackingCookie.Advertising : No action taken.

:mozilla.64:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.

:mozilla.727:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Burstbeacon : No action taken.

:mozilla.725:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.

:mozilla.726:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.

:mozilla.713:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.714:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.715:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.716:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.717:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.718:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.719:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.720:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.722:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.723:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@casalemedia[2].txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.832:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Connextra : No action taken.

:mozilla.833:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Connextra : No action taken.

:mozilla.838:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Connextra : No action taken.

:mozilla.756:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.

:mozilla.42:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@enhance[2].txt -> TrackingCookie.Enhance : No action taken.

:mozilla.753:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Esomniture : No action taken.

:mozilla.834:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Falkag : No action taken.

:mozilla.835:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Falkag : No action taken.

:mozilla.836:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Falkag : No action taken.

:mozilla.837:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Falkag : No action taken.

:mozilla.65:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.66:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.67:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.68:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.69:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.70:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.71:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.72:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.910:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Findwhat : No action taken.

:mozilla.630:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.853:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.948:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.494:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.495:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.496:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.497:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.498:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.704:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.

:mozilla.705:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Imrworldwide : No action taken.

:mozilla.907:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Information : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@searchportal.information[1].txt -> TrackingCookie.Information : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@sales.liveperson[2].txt -> TrackingCookie.Liveperson : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : No action taken.

:mozilla.478:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.

:mozilla.479:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.

:mozilla.7:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Netflame : No action taken.

:mozilla.798:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Onestat : No action taken.

:mozilla.799:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Onestat : No action taken.

:mozilla.800:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Onestat : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@overture[2].txt -> TrackingCookie.Overture : No action taken.

:mozilla.276:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Planetactive : No action taken.

:mozilla.692:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.693:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.694:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.695:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.696:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.697:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.698:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Pointroll : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@pro-market[2].txt -> TrackingCookie.Pro-market : No action taken.

:mozilla.672:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.

:mozilla.673:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.

:mozilla.875:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.

:mozilla.885:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.

:mozilla.905:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Revenue : No action taken.

:mozilla.906:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Revenue : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@revenue[2].txt -> TrackingCookie.Revenue : No action taken.

:mozilla.662:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Revsci : No action taken.

:mozilla.663:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Revsci : No action taken.

:mozilla.664:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Revsci : No action taken.

:mozilla.665:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Revsci : No action taken.

:mozilla.666:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Revsci : No action taken.

:mozilla.667:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Revsci : No action taken.

:mozilla.668:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Revsci : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@revsci[2].txt -> TrackingCookie.Revsci : No action taken.

:mozilla.501:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.

:mozilla.502:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@edge.ru4[1].txt -> TrackingCookie.Ru4 : No action taken.

:mozilla.198:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.199:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.200:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.201:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.202:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.203:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.204:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.546:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.547:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.548:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.549:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.550:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.757:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Skype : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@skype[1].txt -> TrackingCookie.Skype : No action taken.

:mozilla.239:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.240:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.242:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.243:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.244:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.245:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.246:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.248:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.249:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.250:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.251:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.252:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.659:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.660:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.661:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.924:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tracking101 : No action taken.

:mozilla.34:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.35:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.36:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.37:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.38:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.375:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.376:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.377:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.378:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.379:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.380:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.381:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.382:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.383:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.452:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Trafic : No action taken.

:mozilla.75:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.

:mozilla.76:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.

:mozilla.77:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.

:mozilla.78:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.

:mozilla.254:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.255:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.258:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.259:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.260:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.261:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Valuead : No action taken.

:mozilla.748:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Webtrends : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@m.webtrends[2].txt -> TrackingCookie.Webtrends : No action taken.

:mozilla.373:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.

:mozilla.253:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Yadro : No action taken.

:mozilla.112:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.114:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.115:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.116:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.117:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.118:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.

C:\Documents and Settings\Owner.Dom\Cookies\owner@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.573:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Zedo : No action taken.

:mozilla.574:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Zedo : No action taken.

:mozilla.575:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Zedo : No action taken.

:mozilla.576:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Zedo : No action taken.

:mozilla.577:C:\Documents and Settings\Owner.Dom\Application Data\Mozilla\Firefox\Profiles\3lowpbpk.default\cookies.txt -> TrackingCookie.Zedo : No action taken.

C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP72\A0015630.exe -> Trojan.Agent.crf : No action taken.



::Report end

Złączono Posta : 02.12.2007 (Nie) 7:42

Strasznie dużo ciastek jest.

Złączono Posta : 02.12.2007 (Nie) 7:52

Oto log z ComboFix nie wiem czemu ale nie zrestartowało mi kompa tym razem czy to ma jakiś wpływ??

ComboFix 07-11-19.4C - Owner 2007-12-02 0:49:27.8 - NTFSx86
#8

Prawoklik na Mój Komputer>>Przywracanie systemu>> wyłącz przywracanie systemu na wszystkich dyskach.

#9

NO zaznaczyłem tą opcje. Co mam zrobić dalej??

#10

Już powinno być Ok

#11

A powiedz mi co zrobić z tymi 2 downloaderami co zamieściłem je kilka odpowiedzi wyżej. Norton dalej mi je wykrywa że są i pokazuje mi je jako virusy. I powiedz mi co dało to że wyłączyłem przywracanie systemu na wszystkich dyskach? I dzięki wielkie za zajęcie się moim problemem myślałem że bez formatu sie nie obejdzie.

#12

nadal są więc:

Pobierz The Avenger. Wypakuj => uruchom => zaznacz opcję Input script manually => kliknij w taką lupkę => w okienku, które się otworzy wklej:

kliknij klawisz Done => teraz kliknij na zielone światełko => powinna pojawić się pewna informacja i kliknij OK (teraz restart).

#13

Jeszcze raz dzięki za wszystko już jest wszystko spoko. Myślałem że bez formatu sie nie obejdzie a tu jednak jest sposób. Fajna sprawa z tymi logami szkoda że do końca nie umiem sam sobie z tym poradzić i samemu wywalać syf. Jeszcze raz wielkie dzięki. Trzymaj tak dalej.