Kamaratkín PC

[AggreSSor777]

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Verzia databázy: 6912

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

21. 6. 2011 23:04:08
mbam-log-2011-06-21 (23-04-01).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Objektov kontrolovaných: 380078
Uplynutý čas: 59 min, 42 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 1
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 36

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Adware.DoubleD) -> No action taken.

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\36f1a852\3e688669\mydll.dll (Adware.DoubleD.Gen) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\4f73e13a\3e688669\stbapp.dll (Adware.DoubleD.Gen) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\50ef6df6\3e688669\riched20smiley.dll (Adware.DoubleD) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\6216a4bd\3e688669\stbyahoo8.dll (Adware.DoubleD.Gen) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\628759c1\3e688669\stbolex.dll (Adware.DoubleD.Gen) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\a26f7f7\3e688669\stbol.dll (Adware.DoubleD.Gen) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\a53562f1\3e688669\aimactivexdll.dll (Adware.DoubleD.Gen) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\b3ac8875\3e688669\stbmsn.dll (Adware.DoubleD.Gen) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\bed3defb\3e688669\stbasst.exe (Adware.DoubleD) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\c3c6c2cd\3e688669\stbie.dll (Adware.DoubleD.Gen) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\c41b8701\3e688669\stbaol.dll (Adware.DoubleD.Gen) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\c90eef64\3e688669\axgifanimator.dll (Adware.DoubleD) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\OFFLINE\CE8732D\3E688669\productinfo.dll (Adware.DoubleD) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\d5797e3b\3e688669\stbyahoo9.dll (Adware.DoubleD.Gen) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\OFFLINE\mfilebagide.dll\bag\productinfo.dll (Adware.DoubleD) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\mfilebagide.dll\bag\setup.exe (Adware.DoubleD) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\OFFLINE\mfilebagide.dll\bag\stbreaim.exe (Adware.DoubleD) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\OFFLINE\mfilebagide.dll\bag\stbrewlm.exe (Adware.DoubleD) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\OFFLINE\mfilebagide.dll\bag\stbrunwlm.exe (Adware.DoubleD) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\offline\mfilebagide.dll\bag\stbsh.dll (Adware.DoubleD) -> No action taken.
c:\documents and settings\all users.windows\application data\{bff03898-7f5c-48f9-b754-63c2ac64940c}\OFFLINE\mfilebagide.dll\bag\stbterm.exe (Adware.ColorSoft) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021799.dll (Adware.DoubleD.Gen) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021795.dll (Adware.DoubleD.Gen) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021797.dll (Adware.DoubleD.Gen) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021798.dll (Adware.DoubleD) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021800.dll (Adware.DoubleD.Gen) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021801.dll (Adware.DoubleD.Gen) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021802.dll (Adware.DoubleD.Gen) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021803.dll (Adware.DoubleD.Gen) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021804.exe (Adware.DoubleD) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021805.dll (Adware.DoubleD.Gen) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021806.dll (Adware.DoubleD.Gen) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021807.dll (Adware.DoubleD) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021809.dll (Adware.DoubleD.Gen) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021810.exe (Adware.DoubleD) -> No action taken.
c:\system volume information\_restore{562b986c-2c66-4dfe-afb9-48ef34e54668}\rp31\a0021812.dll (Adware.DoubleD) -> No action taken.

[vyosek]

Nalezy MBAMu smazte

Havet se usadila v bodech obnoveni - smazte je dle navodu kolegy riffa http://www.viry.cz/forum/viewtopic.php?f=11&t=47040

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix