PROSIM POMOC PC UZAMKNUTY policia

[nanka295]

Prosim o pomoc...dnes rano som zapla pc a nabehlo mi okno,ze pc je uzamknuty-slovenska policia, a musim zaplatit 100eur pokutu....je to virus? co s tym? vie mi niekto pomoct a poradit? vopred dakujem za pomoc

[JaRon]

je to virus
napis, aky mas OS + zobrazi sa polcha + da sa spustit nudzovy rezim

[nanka295]

Vista
ano da sa spustit nudzovy rezim

Co mam urobit?

dakujem

[JaRon]

pouzi navod kolegu z 23:13 http://forum.viry.cz/viewtopic.php?f=30 ... e#p1181231

[nanka295]

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/10/2013 12:40:41 PM in x64 mode.
Windows Version: Windows Vista (TM) Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Ivana & Peter\Desktop\rkill\rkill-01-10-2013-12-40-42.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Base Filtering Engine (BFE) is not Running.
Startup Type set to: Automatic

* DHCP Client (Dhcp) is not Running.
Startup Type set to: Automatic

* DNS Client (Dnscache) is not Running.
Startup Type set to: Automatic

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Network Connections (Netman) is not Running.
Startup Type set to: Manual

* Network Store Interface Service (nsi) is not Running.
Startup Type set to: Automatic

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (AFD) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* NETBT (NetBT) is not Running.
Startup Type set to: System

* NSI proxy service (nsiproxy) is not Running.
Startup Type set to: System

* NetIO Legacy TDI Support Driver (tdx) is not Running.
Startup Type set to: System

* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]

* SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

ÿþ1 2 7 . 0 . 0 . 1 l o c a l h o s t

: : 1 l o c a l h o s t



Program finished at: 01/10/2013 12:40:50 PM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)




Co teraz?

[JaRon]

po rkill spust Combofix

[nanka295]

ComboFix 13-01-08.01 - Ivana & Peter 10/01/2013 13:20:54.2.4 - x64 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.4094.3351 [GMT 1:00]
Running from: c:\users\Ivana & Peter\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\AE16AEA8838DE78A0000AE160098EDF5
c:\programdata\AE16AEA8838DE78A0000AE160098EDF5\AE16AEA8838DE78A0000AE160098EDF5
c:\programdata\AE16AEA8838DE78A0000AE160098EDF5\AE16AEA8838DE78A0000AE160098EDF5.exe
c:\programdata\AE16AEA8838DE78A0000AE160098EDF5\AE16AEA8838DE78A0000AE160098EDF5.ico
c:\programdata\dsgsdgdsgdsgw.pad
c:\users\Ivana & Peter\wgsdgsdgdsgsd.exe
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\jucheck.exe
c:\windows\SysWow64\jusched.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((( Files Created from 2012-12-10 to 2013-01-10 )))))))))))))))))))))))))))))))
.
.
2013-01-10 12:27 . 2013-01-10 12:31 -------- d-----w- c:\users\Ivana & Peter\AppData\Local\temp
2013-01-10 12:27 . 2013-01-10 12:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-08 13:13 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{483991BF-4908-4A8C-9C1C-A5057247BADA}\mpengine.dll
2013-01-03 13:47 . 2013-01-03 13:48 -------- d-----w- c:\programdata\SweetIM
2013-01-03 13:47 . 2013-01-03 13:48 -------- d-----w- c:\program files (x86)\SweetIM
2013-01-03 13:47 . 2013-01-03 13:47 -------- d-----w- c:\program files (x86)\sweetpacks bundle uninstaller
2013-01-03 13:47 . 2013-01-03 13:47 -------- d-----w- c:\users\Ivana & Peter\AppData\Local\SwvUpdater
2012-12-31 11:33 . 2013-01-02 13:27 -------- d-----w- c:\users\Ivana & Peter\AppData\Roaming\DivX
2012-12-31 11:33 . 2012-12-31 11:33 -------- d-----w- c:\program files\DivX
2012-12-31 11:33 . 2012-12-31 11:33 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2012-12-31 11:32 . 2012-12-31 11:34 -------- d-----w- c:\program files (x86)\DivX
2012-12-31 11:31 . 2012-12-31 11:34 -------- d-----w- c:\programdata\DivX
2012-12-31 11:23 . 2012-12-31 11:23 -------- d-----w- C:\Download
2012-12-31 11:22 . 2012-12-31 11:22 -------- d-----w- c:\users\Ivana & Peter\AppData\Roaming\Samsung
2012-12-31 11:21 . 2012-12-31 11:21 -------- d-----w- C:\AllShare
2012-12-30 19:17 . 2012-12-30 19:17 -------- d-----w- C:\PCShareManagerUpload
2012-12-30 19:16 . 2012-12-31 11:20 -------- d-----w- c:\program files (x86)\Samsung
2012-12-24 10:32 . 2000-05-11 00:00 90112 ------w- c:\windows\Updreg.EXE
2012-12-24 10:25 . 2012-12-24 10:31 -------- d-----w- c:\program files (x86)\Creative Professional
2012-12-24 10:24 . 2003-11-10 17:14 729088 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-12-24 10:24 . 2003-11-10 17:13 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-12-24 10:24 . 2003-11-10 17:12 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-12-24 10:24 . 2003-11-10 17:12 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-12-24 10:24 . 2003-11-10 17:11 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-12-24 10:24 . 2012-12-24 10:24 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-12-24 10:24 . 2012-12-24 10:24 188548 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-12-23 21:21 . 2012-12-23 21:22 -------- d-----w- c:\users\Ivana & Peter\AppData\Local\Smartbar
2012-12-23 21:21 . 2012-12-23 21:21 -------- d-----w- c:\windows\SysWow64\Extensions
2012-12-23 21:21 . 2012-12-23 21:21 -------- d-----w- c:\windows\SysWow64\searchplugins
2012-12-23 21:21 . 2012-12-23 21:29 -------- d-----w- c:\users\Ivana & Peter\AppData\Roaming\vlc
2012-12-23 21:21 . 2012-12-23 21:21 -------- d-----w- c:\users\Ivana & Peter\AppData\Roaming\Claro
2012-12-23 21:21 . 2012-12-23 21:21 -------- d-----w- c:\programdata\BrowserProtect
2012-12-23 21:21 . 2012-12-23 21:21 -------- d-----w- c:\users\Ivana & Peter\AppData\Roaming\Babylon
2012-12-23 21:21 . 2012-12-23 21:21 -------- d-----w- c:\programdata\Babylon
2012-12-23 21:20 . 2012-12-23 21:20 -------- d-----w- c:\program files (x86)\VideoLAN
2012-12-23 21:20 . 2012-12-23 21:20 723230 ----a-w- c:\windows\unins000.exe
2012-12-23 19:57 . 2012-12-23 19:57 -------- d-----w- c:\windows\SysWow64\Data
2012-12-23 19:57 . 2012-12-23 19:57 -------- d-----w- c:\windows\system32\Data
2012-12-23 19:57 . 2007-11-26 14:10 11776 ----a-w- c:\windows\system32\INRES.DLL
2012-12-23 19:57 . 2007-11-26 14:07 11776 ----a-w- c:\windows\SysWow64\INRES.DLL
2012-12-23 14:38 . 2012-12-23 14:38 -------- d-----w- c:\program files (x86)\Common Files\Tmp
2012-12-23 14:30 . 2012-12-23 14:30 -------- d-----w- c:\programdata\Celemony Software GmbH
2012-12-23 14:30 . 2012-12-23 14:40 -------- d-----w- c:\users\Ivana & Peter\AppData\Roaming\Celemony Software GmbH
2012-12-23 14:26 . 2006-03-30 15:39 368640 ----a-w- c:\windows\SysWow64\ReWire.dll
2012-12-23 14:26 . 2012-12-23 14:26 -------- d-----w- c:\program files (x86)\u-he
2012-12-23 14:26 . 2012-12-23 14:26 -------- d-----w- c:\program files (x86)\Celemony
2012-12-23 14:25 . 2012-12-23 14:25 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2012-12-23 14:25 . 2005-03-22 16:50 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2012-12-23 14:25 . 2004-07-15 23:20 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2012-12-23 14:25 . 2004-07-15 23:19 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2012-12-23 14:25 . 2004-07-15 23:18 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2012-12-23 14:25 . 2004-07-15 23:18 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2012-12-23 14:25 . 2012-12-23 14:25 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2012-12-23 14:20 . 2012-12-23 14:20 -------- d-----w- c:\program files\Common Files\VST3
2012-12-23 14:20 . 2012-12-23 14:20 -------- d-----w- c:\program files\Steinberg
2012-12-23 14:20 . 2012-12-23 14:20 -------- d-----w- c:\program files (x86)\iZotope
2012-12-23 14:20 . 2012-12-23 14:20 -------- d-----w- c:\program files (x86)\Common Files\Digidesign
2012-12-14 06:58 . 2012-12-14 06:58 -------- d-----w- c:\windows\system32\MpEngineStore
2012-12-12 16:39 . 2012-12-12 16:39 -------- d-----w- C:\99ac2d28a8cd374705e7
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 20:28 . 2012-05-05 16:43 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 20:28 . 2012-05-05 16:43 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-14 06:56 . 2006-11-02 12:35 67413224 ----a-w- c:\windows\system32\mrt.exe
2012-11-13 20:29 . 2012-11-13 20:29 354216 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2012-11-13 20:21 . 2012-11-13 19:26 0 ----a-w- c:\windows\SysWow64\_r_a_p_.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2009-11-08 08:55 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-12-06 14:35 1308504 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-12-06 1308504]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1555968]
"Browser Infrastructure Helper"="c:\users\Ivana & Peter\AppData\Local\Smartbar\Application\QuickShare.exe" [2012-12-10 13824]
"E-MU USB Audio Control Panel"="c:\program files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe" [2007-11-26 274432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2007-02-15 119296]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-08-24 336992]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-10-04 115032]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
.
c:\users\Ivana & Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Odmenovac.appref-ms [2012-10-29 282]
runctf.lnk - c:\windows\System32\rundll32.exe [2006-11-2 46592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~3\browse~1\251005~1.80\{c16c1~1\browse~1.dll c:\progra~3\browse~1\251005~1.80\{c16c1~1\browserprotect.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - COMHOST
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
ezSharedSvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 20:28]
.
2013-01-10 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Ivana & Peter\AppData\Local\SwvUpdater\Updater.exe [2013-01-03 13:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-17 15844896]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-17 82464]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-11 178712]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
"MRT"="c:\windows\system32\MRT.exe" [2012-12-14 67413224]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={2E77B870-55AC-11E2-A2C8-002215589A5A}
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={2E77B870-55AC-11E2-A2C8-002215589A5A}
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
mLocal Page = %SystemRoot%\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
IE: E&xportovat do programu Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Ivana & Peter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&oslat do programu OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
AddRemove-System Progressive Protection - c:\programdata\AE16AEA8838DE78A0000AE160098EDF5\AE16AEA8838DE78A0000AE160098EDF5.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@DACL=(02 0011)
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
@DACL=(02 0011)
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@DACL=(02 0011)
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@DACL=(02 0011)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
c:\programdata\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
c:\windows\SysWOW64\schtasks.exe
c:\hp\HPEZBTN\HPBtnSrv.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\nlssrv32.exe
c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\programdata\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
c:\windows\SysWOW64\conime.exe
c:\windows\SysWOW64\conime.exe
c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
c:\hp\kbd\kbd.exe
.
**************************************************************************
.
Completion time: 2013-01-10 13:35:23 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-10 12:35
.
Pre-Run: 777,808,818,176 bytes free
Post-Run: 776,399,085,568 bytes free
.
- - End Of File - - 389A600F4CDEED6B875472DE810EE045


A to je vsetko alebo treba este nieco robit?

[JaRon]

to najhorsie mas za sebou - ciste to este nie je
1. vycisti PC s ADWCleanerom - volba delete
2. prescanuj PC s MBAM - rychla kontrola - log vloz

[nanka295]

ako mam vycistit PC s ADWCleanerom? ked ho otvorim tak nabehne okno, ze treba restart a ked sa restartuje tak sa nic nedeje. Ked spustim adw zasa mi nabehne to okno...

[JaRon]

pokracuj bodom 2

[nanka295]

dokoncilo mi scan a neviem co s tym teraz, mam tam zaskrtnut nieco viac a vymazat alebo co dalej?...posielam print screen

[JaRon]

zaskrtni vsetky najdene a daj odstranit oznacene + restart a zopakuj kontrolu

[nanka295]

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2012.12.14.11

Windows Vista Service Pack 1 x64 NTFS
Internet Explorer 7.0.6001.18000
Ivana & Peter :: IAP-PC [administrátor]

10/01/2013 15:05:24
mbam-log-2013-01-10 (15-05-24).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 222414
Uplynulý čas: 2 minut, 21 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[JaRon]

skontroluj s ADWCleanerom - volba search - log vloz

[nanka295]

# AdwCleaner v2.105 - Logfile created 01/10/2013 at 15:22:13
# Updated 08/01/2013 by Xplode
# Operating system : Windows (TM) Vista Home Premium Service Pack 1 (64 bits)
# User : Ivana & Peter - IAP-PC
# Boot Mode : Normal
# Running from : C:\Users\Ivana & Peter\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : BrowserProtect

***** [Files / Folders] *****

File Found : C:\END
File Found : C:\user.js
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\DVDVideoSoftTB
Folder Found : C:\Program Files (x86)\Ironsource
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\Program Files (x86)\yourfiledownloader
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\Users\Ivana & Peter\AppData\Local\Conduit
Folder Found : C:\Users\Ivana & Peter\AppData\Local\Smartbar
Folder Found : C:\Users\Ivana & Peter\AppData\Local\SwvUpdater
Folder Found : C:\Users\Ivana & Peter\AppData\LocalLow\Claro LTD
Folder Found : C:\Users\Ivana & Peter\AppData\LocalLow\Conduit
Folder Found : C:\Users\Ivana & Peter\AppData\LocalLow\DVDVideoSoftTB
Folder Found : C:\Users\Ivana & Peter\AppData\LocalLow\Ironsource
Folder Found : C:\Users\Ivana & Peter\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Ivana & Peter\AppData\LocalLow\Smartbar
Folder Found : C:\Users\Ivana & Peter\AppData\LocalLow\SweetIM
Folder Found : C:\Users\Ivana & Peter\AppData\Roaming\Babylon
Folder Found : C:\Users\Ivana & Peter\AppData\Roaming\Claro
Folder Found : C:\Users\Ivana & Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Found : C:\Users\Ivana & Peter\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Ivana & Peter\AppData\Roaming\yourfiledownloader
Folder Found : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Folder Found : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\251005~1.80\{c16c1~1\browse~1.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\251005~1.80\{c16c1~1\browserprotect.dll
Key Found : HKCU\Software\APN DTX
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Default Tab
Key Found : HKCU\Software\Ironsource
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{069B290F-5398-4629-A009-85B4BCB4B1B9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\searchya
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Found : HKCU\Software\SmartbarBackup
Key Found : HKCU\Software\SmartbarLog
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\YourFileDownloader
Key Found : HKCU\Software\a53de8ce13be410
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Found : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc.1
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore
Key Found : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore.1
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{69332529-EEC8-4D0D-9FD3-202C4AE8E589}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\Software\DVDVideoSoftTB
Key Found : HKLM\Software\Ironsource
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Found : HKLM\Software\SweetIM
Key Found : HKLM\SOFTWARE\Wow6432Node\a53de8ce13be410
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{471B163C-D832-47CF-87B9-70EC803DA402}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{54B24FA9-87E8-47FC-8589-F9D382D8B299}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5B45AC88-523C-431E-86D7-F339B2EE262E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6801410E-CC88-42D6-A93B-909E95645407}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8B0C188C-F6F3-484D-8225-E40262DDE633}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{346E3BDE-62C8-4108-AD8D-68CEBDBE0C7D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{819DC4CA-4FFF-4C2E-800D-F346471D99BC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF16AB07-DDF4-4276-BDE6-8BA5EEB114DF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{069B290F-5398-4629-A009-85B4BCB4B1B9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\searchya
Key Found : HKLM\Software\YourFileDownloader
Key Found : HKLM\SOFTWARE\Classes\CLSID\{54B24FA9-87E8-47FC-8589-F9D382D8B299}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5B45AC88-523C-431E-86D7-F339B2EE262E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6801410E-CC88-42D6-A93B-909E95645407}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8B0C188C-F6F3-484D-8225-E40262DDE633}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77}
Key Found : HKLM\SOFTWARE\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529}
Key Found : HKLM\SOFTWARE\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749}
Key Found : HKU\S-1-5-21-442449184-3834425570-3577496242-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-442449184-3834425570-3577496242-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-442449184-3834425570-3577496242-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Found : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6001.18639

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={2E77B870-55AC-11E2-A2C8-002215589A5A}
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.claro-search.com/?affID=117452&tt=5 ... 225f0eded2
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={2E77B870-55AC-11E2-A2C8-002215589A5A}

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Ivana & Peter\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.12.1707.0

File : C:\Users\Ivana & Peter\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [16555 octets] - [10/01/2013 15:22:13]

########## EOF - C:\AdwCleaner[R1].txt - [16616 octets] ##########