[Rozwiazany]trojan AdCliker i co dalej ?

[faxa]

złapałem syfa bi co mam z nim dalej zrobić

08:36:26 Kwarantanna Cookie Tracking Cookie

08:36:26 Kwarantanna Trojan AdClicker

08:36:26 Kwarantanna Adware GameSpy

08:33:03 Wykryto obiekt Cookie Tracking Cookie

08:33:03 Wykryto obiekt Trojan AdClicker

08:33:03 Wykryto obiekt Adware GameSpy

potrzebuje pomocy może ktoś pomoże !!!

antyvir nod32 i firewall outpost od wczoraj wcześniej avast

komp strasznie zwolnił avast, adware, nod tez nic dopiero outpost

[CatchMe]

Na początek stosujemy:

1. Ściągnij: WWDC

- Zmień wszystkie opcje z disable na enable i uruchom ponownie komputer.

- Prawidłowy układ portów przedstawia zdjęcie:

http://www.firewallleaktester.com/images_site/wwdc.jpg

* NetBIOS może być żółty.

- Następnie wklejamy logi:

* HijackThis

* Silent Runners

* ComboFix

[faxa]

Logfile of HijackThis v1.99.1

Scan saved at 09:28:57, on 2007-06-16

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:Program FilesIntelWirelessBinEvtEng.exe

C:Program FilesIntelWirelessBinS24EvMon.exe

C:WINDOWSsystem32spoolsv.exe

C:Program FilesThinkPadConnectUtilitiesAcPrfMgrSvc.exe

C:Program FilesLenovoBluetooth Softwarebinbtwdins.exe

C:Program FilesEsetnod32krn.exe

C:Program FilesAgnitumOutpost Firewalloutpost.exe

C:Program FilesLenovoPM DriverPMSveH.exe

C:Program FilesIntelWirelessBinRegSrvc.exe

C:WINDOWSsystem32svchost.exe

c:program fileslenovosystem updatesuservice.exe

C:Program FilesCommon FilesLenovotvt_reg_monitor_svc.exe

C:Program FilesLenovoRescue and Recoveryrrservice.exe

C:Program FilesCommon FilesLenovoSchedulertvtsched.exe

C:Program FilesThinkPadConnectUtilitiesAcSvc.exe

C:Program FilesCommon FilesLenovoLoggerlogmon.exe

C:Program FilesThinkPadConnectUtilitiesSvcGuiHlpr.exe

C:WINDOWSExplorer.EXE

C:Program FilesSynapticsSynTPSynTPEnh.exe

C:Program FilesLenovoHOTKEYTPHKMGR.exe

C:Program FilesLenovoHOTKEYTpWAudAp.exe

C:PROGRA~1LenovoPMDRIV~1PMHandler.exe

C:WINDOWSAGRSMMSG.exe

C:WINDOWSvsnp2std.exe

C:Program FilesJavajre1.5.0_06binjusched.exe

C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe

C:PROGRA~1LenovoLENOVO~2LPMGR.exe

C:Program FilesCommon FilesLenovoSchedulerscheduler_proxy.exe

C:WINDOWSsystem32igfxtray.exe

C:WINDOWSsystem32hkcmd.exe

C:WINDOWSsystem32igfxpers.exe

C:Program FilesEsetnod32kui.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Documents and SettingsM A D Z I U L E KPulpitwwdc(3).exe

C:DOCUME~1MADZIU~1USTAWI~1TempRar$EX00.375HijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.lenovo.com/welcome/3000notebook

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnyt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06binssv.dll

O2 - BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:Program FilesLenovoClient Security Solutiontvtpwm_ie_com.dll

O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - C:PROGRA~1BEARSH~1BEARSH~2MediaBar.dll (file missing)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll

O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)

O4 - HKLM..Run: [synTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe

O4 - HKLM..Run: [TPHOTKEY] C:Program FilesLenovoHOTKEYTPHKMGR.exe

O4 - HKLM..Run: [TPWAUDAP] C:Program FilesLenovoHOTKEYTpWAudAp.exe

O4 - HKLM..Run: [PMHandler] C:PROGRA~1LenovoPMDRIV~1PMHandler.exe

O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM..Run: [snp2std] C:WINDOWSvsnp2std.exe

O4 - HKLM..Run: [sunJavaUpdateSched] C:Program FilesJavajre1.5.0_06binjusched.exe

O4 - HKLM..Run: [iSUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1UPDATE~1ISUSPM.exe -startup

O4 - HKLM..Run: [iSUSScheduler] "C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe" -start

O4 - HKLM..Run: [LPManager] C:PROGRA~1LenovoLENOVO~2LPMGR.exe

O4 - HKLM..Run: [TVT Scheduler Proxy] C:Program FilesCommon FilesLenovoSchedulerscheduler_proxy.exe

O4 - HKLM..Run: [igfxtray] C:WINDOWSsystem32igfxtray.exe

O4 - HKLM..Run: [igfxhkcmd] C:WINDOWSsystem32hkcmd.exe

O4 - HKLM..Run: [igfxpers] C:WINDOWSsystem32igfxpers.exe

O4 - HKLM..Run: [nod32kui] "C:Program FilesEsetnod32kui.exe" /WAITSERVICE

O4 - HKLM..Run: [Outpost Firewall] "C:Program FilesAgnitumOutpost Firewalloutpost.exe" /waitservice

O4 - HKLM..Run: [OutpostFeedBack] C:Program FilesAgnitumOutpost Firewallfeedback.exe /dump:os_startup

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000

O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:Program FilesLenovoBluetooth Softwarebtsendto_ie_ctx.htm

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:Program FilesLenovoClient Security Solutiontvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:Program FilesLenovoClient Security Solutiontvtpwm_ie_com.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll

O9 - Extra button: Szybkie dostosowywanie programu Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:Program FilesAgnitumOutpost FirewallPluginsBrowserBarie_bar.dll

O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:Program FilesLenovoSystem Updatesulauncher.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxdev.dll

O20 - Winlogon Notify: tphotkey - C:WINDOWSSYSTEM32tphklock.dll

O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:Program FilesThinkPadConnectUtilitiesAcPrfMgrSvc.exe

O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:Program FilesThinkPadConnectUtilitiesAcSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:Program FilesLenovoBluetooth Softwarebinbtwdins.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:Program FilesIntelWirelessBinEvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:Program FilesEsetnod32krn.exe

O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:Program FilesAgnitumOutpost Firewalloutpost.exe

O23 - Service: PMSveH - Lenovo - C:Program FilesLenovoPM DriverPMSveH.exe

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:WINDOWSsystem32PsaSrv.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:Program FilesIntelWirelessBinRegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:Program FilesIntelWirelessBinS24EvMon.exe

O23 - Service: System Update (SUService) - - c:program fileslenovosystem updatesuservice.exe

O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:Program FilesCommon FilesLenovotvt_reg_monitor_svc.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:Program FilesLenovoRescue and Recoveryrrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - C:Program FilesCommon FilesLenovoSchedulertvtsched.exe

[ Dodano: 2007-06-16, 12:13 ]

[ Dodano: 2007-06-16, 12:15 ]

nie wiem czy wszystko zostało enebled !!! :bomba: :bomba:

[CatchMe]

W HijackThis kasujesz:

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - C:PROGRA~1BEARSH~1BEARSH~2MediaBar.dll (file missing)

O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

- Gdzie są logi z Silent Runners i ComboFix?

[faxa]

ComboFix 07-06-13.3 - C:Documents and SettingsM A D Z I U L E KPulpitComboFix.exe

"M A D Z I U L E K" - 2007-06-16 15:22:55 - Dodatek Service Pack 2 NTFS

((((((((((((((((((((((((( Files Created from 2007-05-16 to 2007-06-16 )))))))))))))))))))))))))))))))

2007-06-16 15:05 49,152 --a------ C:WINDOWSnircmd.exe

2007-06-15 08:00 <DIR> d-------- C:Program FilesCommon FilesAgnitum Shared

2007-06-15 08:00 <DIR> d-------- C:Program FilesAgnitum

2007-06-14 19:52 512,096 --a------ C:WINDOWSsystem32driversamon.sys

2007-06-14 19:52 298,104 --a------ C:WINDOWSsystem32imon.dll

2007-06-14 19:52 15,424 --a------ C:WINDOWSsystem32driversnod32drv.sys

2007-06-11 23:15 <DIR> d-------- C:DOCUME~1MADZIU~1DANEAP~1Lavasoft

2007-06-11 23:14 <DIR> d-------- C:Program FilesLavasoft

2007-05-27 21:33 143,360 --a------ C:WINDOWSsystem32igfxres.dll

2007-05-26 22:00 262,144 --ah----- C:DOCUME~1ADMINI~1.MADNTUSER.DAT

2007-05-26 22:00 <DIR> dr-h----- C:DOCUME~1ADMINI~1.MADDane aplikacji

2007-05-26 22:00 <DIR> dr------- C:DOCUME~1ADMINI~1.MADUlubione

2007-05-26 22:00 <DIR> dr------- C:DOCUME~1ADMINI~1.MADMoje dokumenty

2007-05-26 22:00 <DIR> dr------- C:DOCUME~1ADMINI~1.MADMenu Start

2007-05-26 22:00 <DIR> d--h----- C:DOCUME~1ADMINI~1.MADUstawienia lokalne

2007-05-26 22:00 <DIR> d--h----- C:DOCUME~1ADMINI~1.MADSzablony

2007-05-26 22:00 <DIR> d-------- C:DOCUME~1ADMINI~1.MADPulpit

2007-05-26 22:00 <DIR> d-------- C:DOCUME~1ADMINI~1.MADDANEAP~1ThinkVantage

2007-05-26 22:00 <DIR> d-------- C:DOCUME~1ADMINI~1.MADDANEAP~1Symantec

2007-05-26 22:00 <DIR> d-------- C:DOCUME~1ADMINI~1.MADDANEAP~1Lenovo

2007-05-26 22:00 <DIR> d-------- C:DOCUME~1ADMINI~1.MADDANEAP~1Google

2007-05-26 22:00 <DIR> d-------- C:DOCUME~1ADMINI~1.MADBluetooth Software

2007-05-26 21:35 <DIR> d-------- C:WINDOWSPrefetch

2007-05-26 21:27 <DIR> d-------- C:Program FilesUsugi online

2007-05-26 21:14 24,661 --a------ C:WINDOWSsystem32spxcoins.dll

2007-05-26 21:14 13,312 --a------ C:WINDOWSsystem32irclass.dll

2007-05-26 20:56 991,744 --a------ C:WINDOWSsystem32syssetup.dll

2007-05-26 20:56 99,328 --a------ C:WINDOWSsystem32winscard.dll

2007-05-26 20:56 96,768 --a------ C:WINDOWSsystem32srvsvc.dll

2007-05-26 20:56 96,768 --a------ C:WINDOWSsystem32logagent.exe

2007-05-26 20:56 940,544 --a------ C:WINDOWSsystem32wmspdmoe.dll

2007-05-26 20:56 94,832 --a------ C:WINDOWStwain.dll

2007-05-26 20:56 937,984 --a------ C:WINDOWSsystem32winbrand.dll

2007-05-26 20:56 93,184 --a------ C:WINDOWSsystem32wlnotify.dll

2007-05-26 20:56 92,320 --a------ C:WINDOWSsystem32krnl386.exe

2007-05-26 20:56 91,648 --a------ C:WINDOWSsystem32xactsrv.dll

2007-05-26 20:56 90,624 --a------ C:WINDOWSsystem32trkwks.dll

2007-05-26 20:56 9,728 --a------ C:WINDOWSsystem32sprestrt.exe

2007-05-26 20:56 9,344 --a------ C:WINDOWSsystem32vga.dll

2007-05-26 20:56 9,216 --a------ C:WINDOWSsystem32wshatm.dll

2007-05-26 20:56 9,216 --a------ C:WINDOWSsystem32winfax.dll

2007-05-26 20:56 9,216 --a------ C:WINDOWSsystem32wifeman.dll

2007-05-26 20:56 9,216 --a------ C:WINDOWSsystem32subst.exe

2007-05-26 20:56 9,168 --a------ C:WINDOWSsystem32ver.dll

2007-05-26 20:56 9,168 --a------ C:WINDOWSsystemVER.DLL

2007-05-26 20:56 895,736 --a------ C:WINDOWSsystem32wmvdmod.dll

2007-05-26 20:56 87,040 --a------ C:WINDOWSsystem32drmstor.dll

2007-05-26 20:56 860,160 --a------ C:WINDOWSsystem32tapi3.dll

2007-05-26 20:56 86,016 --a------ C:WINDOWSsystem32wmpshell.dll

2007-05-26 20:56 85,504 --a------ C:WINDOWSsystem32tapiui.dll

2007-05-26 20:56 82,944 --a------ C:WINDOWSsystem32ws2_32.dll

2007-05-26 20:56 82,432 --a------ C:WINDOWSsystem32ufat.dll

2007-05-26 20:56 81,408 --a------ C:WINDOWSsystem32wscsvc.dll

2007-05-26 20:56 8,192 --a------ C:WINDOWSsystem32winhlp32.exe

2007-05-26 20:56 8,192 --a------ C:WINDOWSsystem32asferror.dll

2007-05-26 20:56 79,744 --a------ C:WINDOWSsystem32driversvideoprt.sys

2007-05-26 20:56 78,336 --a------ C:WINDOWSsystem32unimdmat.dll

2007-05-26 20:56 774,904 --a------ C:WINDOWSsystem32wmsdmod.dll

2007-05-26 20:56 755,200 --a------ C:WINDOWSsystem32ir50_32.dll

2007-05-26 20:56 75,776 --a------ C:WINDOWSsystem32wiascr.dll

2007-05-26 20:56 75,776 --a------ C:WINDOWSsystem32strmfilt.dll

2007-05-26 20:56 74,752 --a------ C:WINDOWSsystem32spoolss.dll

2007-05-26 20:56 73,802 --a------ C:WINDOWSsystem32msrclr40.dll

2007-05-26 20:56 729,088 --a------ C:WINDOWSsystem32userenv.dll

2007-05-26 20:56 716,288 --a------ C:WINDOWSsystem32wmadmoe.dll

2007-05-26 20:56 714,240 --a------ C:WINDOWSsystem32sxs.dll

2007-05-26 20:56 71,680 --a------ C:WINDOWSsystem32ssdpsrv.dll

2007-05-26 20:56 71,680 --a------ C:WINDOWSsystem32blastcln.exe

2007-05-26 20:56 708,608 --a------ C:WINDOWSsystem32ss3dfo.scr

2007-05-26 20:56 70,622 --a------ C:WINDOWSsystem32edit.com

2007-05-26 20:56 7,680 --a------ C:WINDOWSsystem32vcdex.dll

2007-05-26 20:56 7,168 --a------ C:WINDOWSsystem32wshnetbs.dll

2007-05-26 20:56 7,168 --a------ C:WINDOWSsystem32msr2cenu.dll

2007-05-26 20:56 695,296 --a------ C:WINDOWSsystem32drmv2clt.dll

2007-05-26 20:56 69,632 --a------ C:WINDOWSsystem32msr2c.dll

2007-05-26 20:56 69,120 --a------ C:WINDOWSsystem32MSCTFP.dll

2007-05-26 20:56 68,096 --a------ C:WINDOWSsystem32sti.dll

2007-05-26 20:56 679,936 --a------ C:WINDOWSsystem32sstext3d.scr

2007-05-26 20:56 67,584 --a------ C:WINDOWSsystem32webclnt.dll

2007-05-26 20:56 67,584 --a------ C:WINDOWSsystem32osuninst.dll

2007-05-26 20:56 66,176 --a------ C:WINDOWSsystem32driversudfs.sys

2007-05-26 20:56 66,048 --a------ C:WINDOWSsystem32wextract.exe

2007-05-26 20:56 65,536 --a------ C:WINDOWSsystem32wshext.dll

2007-05-26 20:56 610,304 --a------ C:WINDOWSsystem32sspipes.scr

2007-05-26 20:56 6,656 --a------ C:WINDOWSsystem32laprxy.dll

2007-05-26 20:56 6,656 --a------ C:WINDOWSsystem32kbdycl.dll

2007-05-26 20:56 6,656 --a------ C:WINDOWSsystem32kbdsl1.dll

2007-05-26 20:56 6,656 --a------ C:WINDOWSsystem32kbdsl.dll

2007-05-26 20:56 6,656 --a------ C:WINDOWSsystem32kbdinmal.dll

2007-05-26 20:56 6,656 --a------ C:WINDOWSsystem32kbdinben.dll

2007-05-26 20:56 6,144 --a------ C:WINDOWSsystem32svcpack.dll

2007-05-26 20:56 6,144 --a------ C:WINDOWSsystem32kbdtuq.dll

2007-05-26 20:56 6,144 --a------ C:WINDOWSsystem32kbdtuf.dll

2007-05-26 20:56 6,144 --a------ C:WINDOWSsystem32kbdinbe1.dll

2007-05-26 20:56 592,384 --a------ C:WINDOWSsystem32wiashext.dll

2007-05-26 20:56 590,336 --a------ C:WINDOWSsystem32d3dramp.dll

2007-05-26 20:56 58,368 --a------ C:WINDOWSsystem32wmerrPLK.dll

2007-05-26 20:56 578,560 --a------ C:WINDOWSsystem32user32.dll

2007-05-26 20:56 57,856 --a------ C:WINDOWSsystem32synceng.dll

2007-05-26 20:56 57,856 --a------ C:WINDOWSsystem32spoolsv.exe

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-14 17:16:34 80,472 ----a-w C:WINDOWSsystem32perfc015.dat

2007-06-14 17:16:34 459,746 ----a-w C:WINDOWSsystem32perfh015.dat

2007-06-10 06:41:24 5,427 ----a-w C:WINDOWSsystem32EGATHDRV.SYS

2007-06-01 06:22:30 18,048 ----a-w C:DOCUME~1MADZIU~1DANEAP~1GDIPFONTCACHEV1.DAT

2007-05-26 19:27:19 -------- d-----w C:Program FilesUsługi online

2007-05-26 19:26:46 23,740 ----a-w C:WINDOWSsystem32emptyregdb.dat

2007-05-26 17:39:33 -------- d-----w C:Program FilesGoogle

2007-05-26 17:25:03 -------- d-----w C:Program FilesWinamp

2007-05-26 17:12:46 -------- d-----w C:Program FilesPCDR5

2007-05-26 17:10:50 -------- d-----w C:Program FilesMaluch sim

2007-05-26 15:38:01 -------- d--h--w C:Program FilesInstallShield Installation Information

2007-05-25 20:53:21 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1Skype

2007-05-23 11:51:50 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1TransRender

2007-05-20 17:36:37 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1Tlen.pl

2007-05-14 10:17:41 -------- d-----w C:Program FilesJetAudio

2007-05-11 21:46:03 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1Temporary

2007-05-11 21:04:16 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1ConvertTemp

2007-05-11 21:04:13 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1Samsung

2007-05-08 19:27:57 -------- d-----w C:Program FilesWolfenstein - Enemy Territory

2007-05-01 21:03:44 664 ----a-w C:WINDOWSsystem32d3d9caps.dat

2007-05-01 19:09:39 -------- d-----w C:Program FilesCommon FilesCOWON

2007-05-01 10:08:58 -------- d-----w C:Program FileseMule

2007-04-28 15:50:39 -------- d-----w C:Program FilesPicasa2

2007-04-17 20:29:38 -------- d-----w C:Program FilesSplinter Cell PL

2007-04-17 14:40:48 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1Apple Computer

2007-04-17 14:36:08 -------- d-----w C:Program FilesiTunes

2007-04-17 14:35:59 -------- d-----w C:Program FilesiPod

2007-04-17 14:35:24 -------- d-----w C:Program FilesQuickTime

2007-04-17 14:34:19 -------- d-----w C:Program FilesApple Software Update

2007-04-16 22:19:55 -------- d-----w C:Program FilesNokia

2007-04-16 21:33:26 -------- d-----w C:DOCUME~1MADZIU~1DANEAP~1InterTrust

2007-04-16 20:38:20 -------- d-----w C:Program FilesCommon FilesSWF Studio

2007-03-22 22:28:44 1,364 ----a-w C:WINDOWSmozver.dat

2007-03-22 16:24:33 0 ----a-w C:WINDOWSnsreg.dat

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects]

{02478D38-C3F9-4EFB-9B51-7695ECA05670}=C:Program FilesYahoo!CompanionInstallscpnyt.dll [2006-10-26 11:28]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx [2001-04-16 18:39]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:Program FilesJavajre1.5.0_06binssv.dll [2005-11-10 14:22]

{F040E541-A427-4CF7-85D8-75E3E0F476C5}=C:Program FilesLenovoClient Security Solutiontvtpwm_ie_com.dll [2006-07-14 19:20]

{F97DA966-F09D-4cab-BF29-75A0026986EA}=C:PROGRA~1BEARSH~1BEARSH~2MediaBar.dll []

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"SynTPEnh"="C:Program FilesSynapticsSynTPSynTPEnh.exe" [2006-05-19 07:51]

"TPHOTKEY"="C:Program FilesLenovoHOTKEYTPHKMGR.exe" [2006-05-08 03:34]

"TPWAUDAP"="C:Program FilesLenovoHOTKEYTpWAudAp.exe" [2006-04-20 00:29]

"PMHandler"="C:PROGRA~1LenovoPMDRIV~1PMHandler.exe" [2006-08-22 00:54]

"AGRSMMSG"="AGRSMMSG.exe" [2006-08-30 09:40 C:WINDOWSAGRSMMSG.exe]

"SunJavaUpdateSched"="C:Program FilesJavajre1.5.0_06binjusched.exe" [2005-11-10 14:03]

"ISUSPM Startup"="C:PROGRA~1COMMON~1INSTAL~1UPDATE~1ISUSPM.exe" [2004-07-27 17:50]

"ISUSScheduler"="C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe" [2004-07-27 17:50]

"LPManager"="C:PROGRA~1LenovoLENOVO~2LPMGR.exe" [2006-07-03 18:11]

"TVT Scheduler Proxy"="C:Program FilesCommon FilesLenovoSchedulerscheduler_proxy.exe" [2006-07-14 19:05]

"nod32kui"="C:Program FilesEsetnod32kui.exe" [2007-06-14 19:51]

"Outpost Firewall"="C:Program FilesAgnitumOutpost Firewalloutpost.exe" [2007-01-19 14:46]

"OutpostFeedBack"="C:Program FilesAgnitumOutpost Firewallfeedback.exe" [2007-01-23 13:54]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyACNotify]

ACNotify.dll

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifytphotkey]

tphklock.dll

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]

Notification Packages scecli ACGina

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Reader Speed Launch.lnk]

path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartAdobe Reader Speed Launch.lnk

backup=C:WINDOWSpssAdobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^BTTray.lnk]

path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartBTTray.lnk

backup=C:WINDOWSpssBTTray.lnkCommon Startup

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk]

path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartMicrosoft Office.lnk

backup=C:WINDOWSpssMicrosoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^WinZip Quick Pick.lnk]

path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartWinZip Quick Pick.lnk

backup=C:WINDOWSpssWinZip Quick Pick.lnkCommon Startup

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupfolderC:^Documents and Settings^All Users^Menu Start^Programy^Autostart^zarzadca.lnk]

path=C:Documents and SettingsAll UsersMenu StartProgramyAutostartzarzadca.lnk

backup=C:WINDOWSpsszarzadca.lnkCommon Startup

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregcssauth]

"C:Program FilesLenovoClient Security Solutioncssauth.exe" silent

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregCTFMON.EXE]

C:WINDOWSsystem32ctfmon.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregDiskeeperSystray]

"C:Program FilesDiskeeper CorporationDiskeeperDkIcon.exe"

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregGoogle Desktop Search]

"C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe" /startup

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregiTunesHelper]

"C:Program FilesiTunesiTunesHelper.exe"

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregKomunikator]

C:Program FilesTlen.pltlen.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregNeroFilterCheck]

C:WINDOWSsystem32NeroCheck.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregPicasa Media Detector]

C:Program FilesPicasa2PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task]

"C:Program FilesQuickTimeqttask.exe" -atboottime

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSkype]

"C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregswg]

C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregWinampAgent]

C:Program FilesWinampwinampa.exe

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices]

"omniserv"=2 (0x2)

Contents of the 'Scheduled Tasks' folder

2007-06-07 11:55:07 C:WINDOWStasksAppleSoftwareUpdate.job

**************************************************************************

catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net

Rootkit scan 2007-06-16 15:25:37

Windows 5.1.2600 Dodatek Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

Completion time: 2007-06-16 15:26:18

C:ComboFix2.txt ... 2007-06-16 15:21

--- E O F ---

[ Dodano: 2007-06-16, 15:39 ]

mam nadzieje ze o to chodziło natomiast silent runner nie chula coś tam z archiwum jest nie tak nie ma dostępu czy cos co sie nazywa moja nie poradnoscia bede stosowałsie do twoich polecen dzieki

[CatchMe]

Logi zupełnie czyste. Przeskanuj system tym skanerem: www.ewido.net i daj z niego raport na forum.

[faxa]

po instalacji silent runners adpala sie potem pojawia sie pierwsze okno klikam na tak

pojawia sie komunikat WYKONANE a w nim NIEKTóRE PLIKI WYKAKOWANE Z SILENT RUNNER.ZIP ZOSTAłY ZMODYFIKOWANE LUB ZOSTAłY UTWOżONE NOWE PLIKI CZY CHCESZ JE UMIEśCIć W ARHIWUM

TAK LUB NIE klikan na tak i wyskakuje

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:

---------------------------------

HKLMSoftwareMicrosoftWindowsCurrentVersionRun {++}

"SynTPEnh" = "C:Program FilesSynapticsSynTPSynTPEnh.exe" ["Synaptics, Inc."]

"TPHOTKEY" = "C:Program FilesLenovoHOTKEYTPHKMGR.exe" [null data]

"TPWAUDAP" = "C:Program FilesLenovoHOTKEYTpWAudAp.exe" [null data]

"PMHandler" = "C:PROGRA~1LenovoPMDRIV~1PMHandler.exe" ["Lenovo"]

"AGRSMMSG" = "AGRSMMSG.exe" ["Agere Systems"]

"SunJavaUpdateSched" = "C:Program FilesJavajre1.5.0_06binjusched.exe" ["Sun Microsystems, Inc."]

"ISUSPM Startup" = "C:PROGRA~1COMMON~1INSTAL~1UPDATE~1ISUSPM.exe -startup" ["InstallShield Software Corporation"]

"ISUSScheduler" = ""C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe" -start" ["InstallShield Software Corporation"]

"LPManager" = "C:PROGRA~1LenovoLENOVO~2LPMGR.exe" ["Lenovo Group Limited"]

"TVT Scheduler Proxy" = "C:Program FilesCommon FilesLenovoSchedulerscheduler_proxy.exe" ["Lenovo Group Limited"]

"nod32kui" = ""C:Program FilesEsetnod32kui.exe" /WAITSERVICE" ["Eset "]

"Outpost Firewall" = ""C:Program FilesAgnitumOutpost Firewalloutpost.exe" /waitservice" ["Agnitum Ltd."]

"OutpostFeedBack" = "C:Program FilesAgnitumOutpost Firewallfeedback.exe /dump:os_startup" ["Agnitum Ltd."]

HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects

{02478D38-C3F9-4EFB-9B51-7695ECA05670}(Default) = (no title provided)

-> {HKLM...CLSID} = "Yahoo! Toolbar Helper"

InProcServer32(Default) = "C:Program FilesYahoo!CompanionInstallscpnyt.dll" ["Yahoo! Inc."]

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided)

-> {HKLM...CLSID} = "AcroIEHlprObj Class"

InProcServer32(Default) = "C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx" [empty string]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)

-> {HKLM...CLSID} = "SSVHelper Class"

InProcServer32(Default) = "C:Program FilesJavajre1.5.0_06binssv.dll" ["Sun Microsystems, Inc."]

{F040E541-A427-4CF7-85D8-75E3E0F476C5}(Default) = (no title provided)

-> {HKLM...CLSID} = "CPwmIEBrowserHelper Object"

InProcServer32(Default) = "C:Program FilesLenovoClient Security Solutiontvtpwm_ie_com.dll" ["Lenovo Group Limited"]

HKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"

-> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"

InProcServer32(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"

-> {HKLM...CLSID} = "HyperTerminal Icon Ext"

InProcServer32(Default) = "C:WINDOWSsystem32hticons.dll" ["Hilgraeve, Inc."]

"{3028902F-6374-48b2-8DC6-9725E775B926}" = "IE Microsoft AutoComplete"

-> {HKLM...CLSID} = "IE Microsoft AutoComplete"

InProcServer32(Default) = "C:WINDOWSsystem32browseui.dll" [MS]

"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"

-> {HKLM...CLSID} = "History Band"

InProcServer32(Default) = "C:WINDOWSsystem32shdocvw.dll" [MS]

"{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel"

-> {HKLM...CLSID} = (no title provided)

InProcServer32(Default) = "C:Program FilesSynapticsSynTPSynTPCpl.dll" ["Synaptics, Inc."]

"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"

-> {HKLM...CLSID} = "Portable Media Devices Menu"

InProcServer32(Default) = "C:WINDOWSsystem32Audiodev.dll" [MS]

"{6af09ec9-b429-11d4-a1fb-0090960218cb}" = "My Bluetooth Places"

-> {HKLM...CLSID} = "Moje miejsca interfejsu Bluetooth"

InProcServer32(Default) = "C:WINDOWSsystem32btneighborhood.dll" ["Broadcom Corporation."]

"{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip"

-> {HKLM...CLSID} = "WinZip"

InProcServer32(Default) = "C:PROGRA~1WINZIPWZSHLSTB.DLL" ["WinZip Computing LP"]

"{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip"

-> {HKLM...CLSID} = "WinZip"

InProcServer32(Default) = "C:PROGRA~1WINZIPWZSHLSTB.DLL" ["WinZip Computing LP"]

"{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip"

-> {HKLM...CLSID} = "WinZip"

InProcServer32(Default) = "C:PROGRA~1WINZIPWZSHLSTB.DLL" ["WinZip Computing LP"]

"{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip"

-> {HKLM...CLSID} = "WinZip"

InProcServer32(Default) = "C:PROGRA~1WINZIPWZSHLSTB.DLL" ["WinZip Computing LP"]

"{8FF88D21-7BD0-11D1-BFB7-00AA00262A11}" = "WinAce Archiver 2.65 Context Menu Shell Extension"

-> {HKLM...CLSID} = "WinAceContext Menu Extension"

InProcServer32(Default) = "C:Program FilesWinAcearcext.dll" ["e-merge GmbH"]

"{8FF88D25-7BD0-11D1-BFB7-00AA00262A11}" = "WinAce Archiver 2.65 DragDrop Shell Extension"

-> {HKLM...CLSID} = "WinAceDrag-Drop Extension"

InProcServer32(Default) = "C:Program FilesWinAcearcext.dll" ["e-merge GmbH"]

"{8FF88D27-7BD0-11D1-BFB7-00AA00262A11}" = "WinAce Archiver 2.65 Context Menu Shell Extension"

-> {HKLM...CLSID} = "WinAceContext Menu (Add) Extension"

InProcServer32(Default) = "C:Program FilesWinAcearcext.dll" ["e-merge GmbH"]

"{8FF88D23-7BD0-11D1-BFB7-00AA00262A11}" = "WinAce Archiver 2.65 Property Sheet Shell Extension"

-> {HKLM...CLSID} = "WinAceProperty Sheet Extension"

InProcServer32(Default) = "C:Program FilesWinAcearcext.dll" ["e-merge GmbH"]

"{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler"

-> {HKLM...CLSID} = "NeroDigitalIconHandler Class"

InProcServer32(Default) = "C:Program FilesCommon FilesAheadLibNeroDigitalExt.dll" ["Nero AG"]

"{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler"

-> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class"

InProcServer32(Default) = "C:Program FilesCommon FilesAheadLibNeroDigitalExt.dll" ["Nero AG"]

"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"

-> {HKLM...CLSID} = "Outlook File Icon Extension"

InProcServer32(Default) = "C:Program FilesMicrosoft OfficeOffice10OLKFSTUB.DLL" [MS]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

-> {HKLM...CLSID} = (no title provided)

InProcServer32(Default) = "C:Program FilesMicrosoft OfficeOFFICE11msohev.dll" [file not found]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"

-> {HKLM...CLSID} = "iTunes"

InProcServer32(Default) = "C:Program FilesiTunesiTunesMiniPlayer.dll" ["Apple Inc."]

"{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}" = "jetAudio"

-> {HKLM...CLSID} = "JetFlExt Class"

InProcServer32(Default) = "C:Program FilesJetAudioJetFlExt.dll" ["COWON America"]

"{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "Uniwersalne urządzenia Plug and Play"

-> {HKLM...CLSID} = "Uniwersalne urządzenia Plug and Play"

InProcServer32(Default) = "C:WINDOWSsystem32upnpui.dll" [MS]

"{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "NOD32 Context Menu Shell Extension"

-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"

InProcServer32(Default) = "C:Program FilesEsetnodshex.dll" [null data]

HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogonNotify

<<!>> igfxcuiDLLName = "igfxdev.dll" ["Intel Corporation"]

<<!>> tphotkeyDLLName = "tphklock.dll" [null data]

HKLMSoftwareClassesFoldershellexColumnHandlers

{7D4D6379-F301-4311-BEBA-E26EB0561882}(Default) = "NeroDigitalExt.NeroDigitalColumnHandler"

-> {HKLM...CLSID} = "NeroDigitalColumnHandler Class"

InProcServer32(Default) = "C:Program FilesCommon FilesAheadLibNeroDigitalExt.dll" ["Nero AG"]

{F9DB5320-233E-11D1-9F84-707F02C10627}(Default) = "PDF Column Info"

-> {HKLM...CLSID} = "PDF Shell Extension"

InProcServer32(Default) = "C:Program FilesAdobeAcrobat 7.0ActiveXPDFShell.dll" ["Adobe Systems, Inc."]

HKLMSoftwareClasses*shellexContextMenuHandlers

ASW(Default) = "{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}"

-> {HKLM...CLSID} = "Outpost.ASWShellExt Component"

InProcServer32(Default) = "C:Program FilesAgnitumOutpost Firewallop_shell.dll" ["Agnitum Ltd."]

NOD32 Context Menu Shell Extension(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"

-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"

InProcServer32(Default) = "C:Program FilesEsetnodshex.dll" [null data]

WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

WinZip(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"

-> {HKLM...CLSID} = "WinZip"

InProcServer32(Default) = "C:PROGRA~1WINZIPWZSHLSTB.DLL" ["WinZip Computing LP"]

ZFAdd(Default) = "{8FF88D27-7BD0-11D1-BFB7-00AA00262A11}"

-> {HKLM...CLSID} = "WinAceContext Menu (Add) Extension"

InProcServer32(Default) = "C:Program FilesWinAcearcext.dll" ["e-merge GmbH"]

HKLMSoftwareClassesDirectoryshellexContextMenuHandlers

ASW(Default) = "{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}"

-> {HKLM...CLSID} = "Outpost.ASWShellExt Component"

InProcServer32(Default) = "C:Program FilesAgnitumOutpost Firewallop_shell.dll" ["Agnitum Ltd."]

jetAudio(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}"

-> {HKLM...CLSID} = "JetFlExt Class"

InProcServer32(Default) = "C:Program FilesJetAudioJetFlExt.dll" ["COWON America"]

WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

WinZip(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"

-> {HKLM...CLSID} = "WinZip"

InProcServer32(Default) = "C:PROGRA~1WINZIPWZSHLSTB.DLL" ["WinZip Computing LP"]

ZFAdd(Default) = "{8FF88D27-7BD0-11D1-BFB7-00AA00262A11}"

-> {HKLM...CLSID} = "WinAceContext Menu (Add) Extension"

InProcServer32(Default) = "C:Program FilesWinAcearcext.dll" ["e-merge GmbH"]

HKLMSoftwareClassesFoldershellexContextMenuHandlers

ASW(Default) = "{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}"

-> {HKLM...CLSID} = "Outpost.ASWShellExt Component"

InProcServer32(Default) = "C:Program FilesAgnitumOutpost Firewallop_shell.dll" ["Agnitum Ltd."]

jetAudio(Default) = "{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8}"

-> {HKLM...CLSID} = "JetFlExt Class"

InProcServer32(Default) = "C:Program FilesJetAudioJetFlExt.dll" ["COWON America"]

NOD32 Context Menu Shell Extension(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"

-> {HKLM...CLSID} = "NOD32 Context Menu Shell Extension"

InProcServer32(Default) = "C:Program FilesEsetnodshex.dll" [null data]

WinRAR(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

InProcServer32(Default) = "C:Program FilesWinRARrarext.dll" [null data]

WinZip(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"

-> {HKLM...CLSID} = "WinZip"

InProcServer32(Default) = "C:PROGRA~1WINZIPWZSHLSTB.DLL" ["WinZip Computing LP"]

Group Policies {policy setting}:

--------------------------------

Note: detected settings may not have any effect.

HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001

{Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001

{Devices: Allow undock without having to log on}

Active Desktop and Wallpaper:

-----------------------------

Active Desktop may be disabled at this entry:

HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCUSoftwareMicrosoftInternet ExplorerDesktopGeneral

"Wallpaper" = "C:WINDOWSsystem32configsystemprofileUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCUControl PanelDesktop

"Wallpaper" = "C:Documents and SettingsM A D Z I U L E KUstawienia lokalneDane aplikacjiMicrosoftWallpaper1.bmp"

Enabled Scheduled Tasks:

------------------------

"AppleSoftwareUpdate" -> launches: "C:Program FilesApple Software UpdateSoftwareUpdate.exe -Task" ["Apple Computer, Inc."]

Winsock2 Service Provider DLLs:

-------------------------------

Namespace Service Providers

HKLMSystemCurrentControlSetServicesWinsock2ParametersNameSpace_Catalog5Catalog_E

tries {++}

000000000001LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]

000000000002LibraryPath = "%SystemRoot%System32winrnr.dll" [MS]

000000000003LibraryPath = "%SystemRoot%System32mswsock.dll" [MS]

Transport Service Providers

HKLMSystemCurrentControlSetServicesWinsock2ParametersProtocol_Catalog9Catalog_En

ries {++}

0000000000##PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

C:WINDOWSsystem32imon.dll ["Eset "], 01 - 05, 25

%SystemRoot%system32mswsock.dll [MS], 06 - 08, 11 - 24

%SystemRoot%system32rsvpsp.dll [MS], 09 - 10

Toolbars, Explorer Bars, Extensions:

------------------------------------

Toolbars

HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"

-> {HKLM...CLSID} = "Yahoo! Toolbar"

InProcServer32(Default) = "C:Program FilesYahoo!CompanionInstallscpnyt.dll" ["Yahoo! Inc."]

HKLMSoftwareMicrosoftInternet ExplorerToolbar

"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = (no title provided)

-> {HKLM...CLSID} = "Yahoo! Toolbar"

InProcServer32(Default) = "C:Program FilesYahoo!CompanionInstallscpnyt.dll" ["Yahoo! Inc."]

Explorer Bars

HKLMSoftwareMicrosoftInternet ExplorerExplorer Bars

HKLMSoftwareClassesCLSID{A1A7E22D-1587-4230-8F16-081C68D21448}(Default) = "Szybkie dostosowywanie programu"

Implemented Categories{00021493-0000-0000-C000-000000000046} [vertical bar]

InProcServer32(Default) = "C:Program FilesAgnitumOutpost FirewallPluginsBrowserBarie_bar.dll" ["Agnitum Ltd."]

Extensions (Tools menu items, main toolbar menu buttons)

HKLMSoftwareMicrosoftInternet ExplorerExtensions

{0045D4BC-5189-4B67-969C-83BB1906C421}

"MenuText" = "ThinkVantage Password Manager..."

"CLSIDExtension" = "{0FE81B52-73FA-425F-8F06-3F32451AC73F}"

-> {HKLM...CLSID} = "CPwmIEToolsMenuItem Object"

InProcServer32(Default) = "C:Program FilesLenovoClient Security Solutiontvtpwm_ie_com.dll" ["Lenovo Group Limited"]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}

"MenuText" = "Sun Java Console"

"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"

-> {HKCU...CLSID} = "Java Plug-in"

InProcServer32(Default) = "C:Program FilesJavajre1.5.0_06binssv.dll" ["Sun Microsystems, Inc."]

-> {HKLM...CLSID} = "Java Plug-in 1.5.0_06"

InProcServer32(Default) = "C:Program FilesJavajre1.5.0_06binnpjpi150_06.dll" ["Sun Microsystems, Inc."]

{44627E97-789B-40D4-B5C2-58BD171129A1}

"ButtonText" = "Szybkie dostosowywanie programu Outpost Firewall Pro"

{DA320635-F48C-4613-8325-D75A933C549E}

"ButtonText" = "System Update"

"Exec" = "C:Program FilesLenovoSystem Updatesulauncher.exe" [null data]

{FB5F1910-F110-11D2-BB9E-00C04F795683}

"ButtonText" = "Messenger"

"MenuText" = "Windows Messenger"

"Exec" = "C:Program FilesMessengermsmsgs.exe" [MS]

Miscellaneous IE Hijack Points

------------------------------

HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks

<<H>> "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = "*o" (unwritable string)

-> {HKLM...CLSID} = "Yahoo! Toolbar"

InProcServer32(Default) = "C:Program FilesYahoo!CompanionInstallscpnyt.dll" ["Yahoo! Inc."]

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

Ac Profile Manager Service, AcPrfMgrSvc, "C:Program FilesThinkPadConnectUtilitiesAcPrfMgrSvc.exe" [null data]

Access Connections Main Service, AcSvc, "C:Program FilesThinkPadConnectUtilitiesAcSvc.exe" ["Lenovo"]

Bluetooth Service, btwdins, "C:Program FilesLenovoBluetooth Softwarebinbtwdins.exe" ["Broadcom Corporation."]

Intel® PROSet/Wireless Event Log, EvtEng, "C:Program FilesIntelWirelessBinEvtEng.exe" ["Intel Corporation"]

Intel® PROSet/Wireless Registry Service, RegSrvc, "C:Program FilesIntelWirelessBinRegSrvc.exe" ["Intel Corporation"]

Intel® PROSet/Wireless Service, S24EventMonitor, "C:Program FilesIntelWirelessBinS24EvMon.exe" ["Intel Corporation "]

NOD32 Kernel Service, NOD32krn, ""C:Program FilesEsetnod32krn.exe"" ["Eset "]

Outpost Firewall Service, OutpostFirewall, "C:Program FilesAgnitumOutpost Firewalloutpost.exe /service" ["Agnitum Ltd."]

PMSveH, PMSveH, "C:Program FilesLenovoPM DriverPMSveH.exe" ["Lenovo"]

System Update, SUService, "c:program fileslenovosystem updatesuservice.exe" [null data]

ThinkVantage Registry Monitor Service, ThinkVantage Registry Monitor Service, ""C:Program FilesCommon FilesLenovotvt_reg_monitor_svc.exe"" [null data]

TVT Backup Service, TVT Backup Service, ""C:Program FilesLenovoRescue and Recoveryrrservice.exe"" ["Lenovo Group Limited"]

TVT Scheduler, TVT Scheduler, ""C:Program FilesCommon FilesLenovoSchedulertvtsched.exe"" ["Lenovo Group Limited"]

Print Monitors:

---------------

HKLMSystemCurrentControlSetControlPrintMonitors

Canon BJ Language Monitor PIXMA iP1000Driver = "CNMLM6e.DLL" ["CANON INC."]

Monitor 2 języka BJDriver = "CNBJMON2.DLL" [MS]

Port drukarki interfejsu BluetoothDriver = "bthcrp.dll" ["Broadcom Corporation."]

----------

<<!>>: Suspicious data at a malware launch point.

<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

+ To search all directories of local fixed drives for DESKTOP.INI

DLL launch points, use the -supp parameter or answer "No" at the

first message box and "Yes" at the second message box.

---------- (total run time: 71 seconds, including 11 seconds for message boxes)

[CatchMe]

Czysto. Wykonaj poprzedni post.

[faxa]

W HijackThis kasujesz:

Cytat:

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - C:PROGRA~1BEARSH~1BEARSH~2MediaBar.dll (file missing)

O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing

te ścieżki miałem usunąć usunąłem wszystkie oprucz

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

bo już jej nie było nie wiem dlaczego

wielkie dzięki jak się skończy skanowanie AVT wkleje co wykrył

[ Dodano: 2007-06-16, 16:54 ]

nie wiem jak moge skopiować ale wyktył 166 pliki TRACKINGCOOKIE RóżNE I

1 plik - BACKDOOR.HUPIGON.KG

[ Dodano: 2007-06-16, 16:58 ]

VG Anti-Spyware - Scan Report

---------------------------------------------------------

+ Created at: 16:58:20 2007-06-16

+ Scan result:

C:Program FilesRockstar GamesGTA San Andreashlm-intro.exe -> Backdoor.Hupigon.kg : No action taken.

:mozilla.258:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.259:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.260:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.261:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.262:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.263:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.264:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.458:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.644:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.817:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.847:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

:mozilla.955:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.2o7 : No action taken.

C:Program FilesAgnitumOutpost FirewallPluginsAntiSpywarequarantine00000404.asw -> TrackingCookie.2o7 : No action taken.

:mozilla.101:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.248:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.530:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.70:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.71:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.72:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.73:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.74:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.75:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.76:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.773:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.806:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.807:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.808:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.809:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.810:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.811:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.812:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

:mozilla.813:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adbrite : No action taken.

C:Program FilesAgnitumOutpost FirewallPluginsAntiSpywarequarantine00000402.asw -> TrackingCookie.Adbrite : No action taken.

:mozilla.68:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adengage : No action taken.

:mozilla.136:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adocean : No action taken.

:mozilla.137:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adocean : No action taken.

:mozilla.225:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adocean : No action taken.

:mozilla.226:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adocean : No action taken.

:mozilla.31:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adocean : No action taken.

:mozilla.32:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adocean : No action taken.

:mozilla.47:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adocean : No action taken.

:mozilla.48:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Adocean : No action taken.

C:Documents and SettingsM A D Z I U L E KCookiesm a d z i u l e k@gde.adocean[2].txt -> TrackingCookie.Adocean : No action taken.

C:Documents and SettingsM A D Z I U L E KCookiesm a d z i u l e k@gg.adocean[1].txt -> TrackingCookie.Adocean : No action taken.

C:Documents and SettingsM A D Z I U L E KCookiesm a d z i u l e k@my.adocean[1].txt -> TrackingCookie.Adocean : No action taken.

:mozilla.750:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Advertising : No action taken.

:mozilla.751:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Advertising : No action taken.

:mozilla.758:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Advertising : No action taken.

:mozilla.126:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Atdmt : No action taken.

:mozilla.726:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Bbmedia : No action taken.

:mozilla.692:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.693:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.694:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.695:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Casalemedia : No action taken.

:mozilla.625:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Clickhype : No action taken.

:mozilla.961:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Clickzs : No action taken.

:mozilla.962:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Clickzs : No action taken.

:mozilla.624:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Cqcounter : No action taken.

:mozilla.282:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Doubleclick : No action taken.

:mozilla.842:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Esomniture : No action taken.

:mozilla.843:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Esomniture : No action taken.

:mozilla.844:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Esomniture : No action taken.

:mozilla.286:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Estat : No action taken.

:mozilla.570:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Fastclick : No action taken.

:mozilla.10:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Gemius : No action taken.

:mozilla.11:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Gemius : No action taken.

:mozilla.7:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Gemius : No action taken.

:mozilla.9:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Gemius : No action taken.

C:Program FilesAgnitumOutpost FirewallPluginsAntiSpywarequarantine00000405.asw -> TrackingCookie.Gemius : No action taken.

:mozilla.217:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.553:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.743:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.787:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Googleadservices : No action taken.

:mozilla.125:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.729:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.765:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Hitbox : No action taken.

:mozilla.559:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Imrworldwide : No action taken.

:mozilla.560:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Imrworldwide : No action taken.

:mozilla.941:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Information : No action taken.

:mozilla.574:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Intelli-direct : No action taken.

:mozilla.419:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Ivwbox : No action taken.

:mozilla.532:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Liveperson : No action taken.

:mozilla.533:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Liveperson : No action taken.

:mozilla.534:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Liveperson : No action taken.

:mozilla.69:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Masterstats : No action taken.

:mozilla.878:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Mediaplex : No action taken.

:mozilla.727:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Navrcholu : No action taken.

:mozilla.689:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Onestat : No action taken.

:mozilla.690:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Onestat : No action taken.

:mozilla.691:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Onestat : No action taken.

:mozilla.462:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Overture : No action taken.

:mozilla.609:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Paypal : No action taken.

:mozilla.766:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.767:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.768:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.769:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Pointroll : No action taken.

:mozilla.456:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Questionmarket : No action taken.

:mozilla.457:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Questionmarket : No action taken.

:mozilla.940:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Revenue : No action taken.

:mozilla.571:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Revsci : No action taken.

:mozilla.572:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Revsci : No action taken.

:mozilla.573:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Revsci : No action taken.

:mozilla.386:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Ru4 : No action taken.

:mozilla.387:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Ru4 : No action taken.

:mozilla.272:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.273:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.274:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.275:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.276:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.277:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Serving-sys : No action taken.

:mozilla.379:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Sexcounter : No action taken.

:mozilla.380:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Sexcounter : No action taken.

:mozilla.381:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Sexcounter : No action taken.

:mozilla.382:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Sexcounter : No action taken.

:mozilla.383:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Sexcounter : No action taken.

:mozilla.384:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Sexcounter : No action taken.

:mozilla.502:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.503:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.504:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.505:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.879:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Skype : No action taken.

:mozilla.881:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Skype : No action taken.

C:Documents and SettingsM A D Z I U L E KCookiesm a d z i u l e k@site.skype[1].txt -> TrackingCookie.Skype : No action taken.

C:Documents and SettingsM A D Z I U L E KCookiesm a d z i u l e k@skype[3].txt -> TrackingCookie.Skype : No action taken.

:mozilla.285:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Smartadserver : No action taken.

:mozilla.452:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Specificclick : No action taken.

:mozilla.453:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Specificclick : No action taken.

:mozilla.454:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Specificclick : No action taken.

:mozilla.455:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Specificclick : No action taken.

:mozilla.308:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.309:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.310:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.311:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.312:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.313:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.314:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.315:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Statcounter : No action taken.

:mozilla.610:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Statistik-gallup : No action taken.

:mozilla.459:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.460:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.461:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Tacoda : No action taken.

:mozilla.814:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Toplist : No action taken.

:mozilla.296:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.297:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.298:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.299:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.300:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Tradedoubler : No action taken.

:mozilla.759:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.760:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.761:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.762:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.763:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.764:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Trafficmp : No action taken.

:mozilla.399:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Tribalfusion : No action taken.

:mozilla.145:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Webtrends : No action taken.

C:Documents and SettingsM A D Z I U L E KCookiesm a d z i u l e k@m.webtrends[1].txt -> TrackingCookie.Webtrends : No action taken.

:mozilla.939:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Webtrendslive : No action taken.

:mozilla.898:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Yadro : No action taken.

:mozilla.406:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.407:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.408:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Yieldmanager : No action taken.

C:Program FilesAgnitumOutpost FirewallPluginsAntiSpywarequarantine00000403.asw -> TrackingCookie.Yieldmanager : No action taken.

:mozilla.265:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Zedo : No action taken.

:mozilla.266:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Zedo : No action taken.

:mozilla.267:C:Documents and SettingsM A D Z I U L E KDane aplikacjiMozillaFirefoxProfiles1f1cmf2m.defaultcookies.txt -> TrackingCookie.Zedo : No action taken.

::Report end

[ Dodano: 2007-06-16, 17:01 ]

i co ty na to pozdrawiam

faxa

[CatchMe]

Te logi są ok. Komputer jest czysty.

[faxa]

CatchMe - fenkju wery much

[ Dodano: 2007-06-16, 23:14 ]

]CatchMe fenk ju wery nuch