VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

security tool

https://forum.viry.cz:443/viewtopic.php?t=104267

Stránka 1 z 2

security tool

Napsal: 01 zář 2010 12:45
od ria23
ahoj,
mam podobny problem ako monejska... viewtopic.php?f=13&t=92947 len ani po spusteni do nudzoveho rezimu sa mi neda spustit rsit, stale vypisuje info o tom ze nemam opravnenia na jeho spustenie a ani po kliknuti pravym tlacidlom /mam vistu/ neponukne moznost spustit ako spravca... viete mi poradit co s tym?
celkom ani neviem ako to tu presne funguje s moderatormi :( prosim teda nejakeho dobrovolnika surne o pomoc :)
diiik

Re: security tool

Napsal: 01 zář 2010 14:36
od Guty
skuz vypnout UAC

Re: security tool

Napsal: 01 zář 2010 14:56
od Diallix
Zdravim.

ria23, premenujte rsit.exe na a.exe a ulozte na lokalny disk (c:/)

Start --> " Start Search" - napiste CMD --> enter

Do cierneho okna napiste :

start c:\a.exe, popripade cmd.exe /k c:\a.exe a odentrujte.

Ak to nepojde, tak podla rady Guty, vypnite UAC. To urobite nasledovne :

Ovladacie panely --> Uzivatelske konta --> Turn User Account Control (UAC) on or off / Vypnut alebo zapnut UAC --> ODciarknite USE USER ACCOUNT CONTROL --> OK

- resetujte system a rsit, respektive a.exe spustite znova.

Re: security tool

Napsal: 01 zář 2010 19:36
od ria23
ahoj, nechce mi to ulozit, ani moznost na ulozenie neposkytne... :( resp vypise nieco ako ze ten link nie je aktivny... ak tomu ja laik rozumiem spravne

Re: security tool

Napsal: 01 zář 2010 19:45
od Rudy
Omlouvám se za vstup, píši na výslovnou žádost usera.

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: security tool

Napsal: 01 zář 2010 20:15
od ria23
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4524

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

1. 9. 2010 21:12:45
mbam-log-2010-09-01 (21-12-45).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Objektov kontrolovaných: 219839
Uplynulý čas: 23 min, 20 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 271
Infikované registračné hodnoty: 13
Infikované položky registračných dát: 0
Infikované priečinky: 31
Infikované súbory: 97

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8e9cf769-3d3b-40eb-9e2d-76e7a205e4d2} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.asyncreporter (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{f1a1892c-2a6c-4817-98b4-ff81443cba20} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e25da6d6-c365-46cf-abaf-dc5893135d7a} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{09325003-167c-483d-a4ba-8b3122abb432} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6dd76b7b-6423-4df0-9a07-84a6cad973a0} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7f6cfb6a-9227-4bb8-b941-f2b067e76f51} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ab0ee208-df60-4fa7-a617-c4269760033e} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e12aeab6-7d12-4c07-8e36-5892efb4dafb} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e2f2c137-a782-4fb5-81af-086156f5eb0a} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f1d06c9f-51f0-4476-bede-5ddf91be304e} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f3a32df2-7413-4fb1-b575-1ac920a17b76} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.asyncreporter.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.cntntdic (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{02aed140-2b62-4b49-8b3b-179020cc39b9} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17bf1e05-c0e8-413c-bd1f-a481eea3b8e9} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{83b2fe06-ba20-4f7d-96c6-6fc3a4e877d3} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{b32966a2-f7c2-4362-a6cf-399ec8b44110} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cc7bd6f1-565c-47ce-a5bb-9c935e77b59d} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cfc16189-8a92-4a29-a940-60248385f426} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.cntntdic.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.cntntdisp (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.cntntdisp.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.dwnldr (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.dwnldr.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.hbax (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.hbax.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.hbguru (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.hbguru.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.hbinfoband.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.iebutton (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.iebutton.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.iebuttona (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.iebuttona.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.kopff (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{573f4abb-a1a2-44ed-9ba9-a8dad40aac46} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{71e02280-5212-45c3-b174-4d5a35da254f} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{396cfc12-932d-496b-a0a8-5d7201e105e1} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{60da826c-b1c6-4358-bdec-4837ced45470} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{74c22317-5b90-471f-9ad2-fec049870a16} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c1089f63-7afc-4538-b0eb-bea0f4225a57} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.kopff.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{5fe0ceae-cb69-40af-a323-40f94257dacb} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{65a16874-2ed0-460e-a547-5fe2ec3a13a7} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2721a8e5-bfdb-4562-9912-9e0531ca616c} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.reportdata (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.reportdata.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.reporter (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.reporter.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.rprtctrl.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.scopes (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.scopes.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.stock (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.stock.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.triggeronceinday (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\shopperreports.triggeronceinday.1 (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{21ba420e-161c-413a-b21e-4e42ae1f4226} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{453db0c5-f41c-4d97-8dd6-cc72ecd5f699} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{4afc07d0-59bb-46b8-b097-1a46e88eef71} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6511ce4c-4722-40d0-ad3d-4afa2f50978a} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{b86d82bf-d39f-439a-a07c-43eddc6f6ea6} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{da6305b9-0869-4235-8c1d-533a65e639e5} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{f8b4ec8a-2407-4be0-aee2-0f430d65a90d} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{dee758b4-c3fb-4a5b-9939-848b9c77a2fb} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{acc62306-9a63-4864-bd2f-c8825d2d7ea6} (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89f88394-3828-4d03-a0cf-8203604c3da6} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d4233f04-1789-483c-a137-731e8f113dd5} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{819ffe20-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{819ffe21-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{819ffe22-35c7-4925-8cda-4e0e2db94302} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{799391d3-eb86-4bac-9bd3-cbfea58a0e15} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d858dafc-9573-4811-b323-7011a3aa7e61} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\questdns (Adware.QuestDns) -> No action taken.
HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.multiplebutton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.multiplebutton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.urlalertbutton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.urlalertbutton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestDns (Adware.QuestDns) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QuestDns Service (Adware.QuestDns) -> No action taken.

Infikované registračné hodnoty:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\86115 (Rogue.SecurityTool) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\Environment\evapp (Rogue.Antivir2010) -> No action taken.
HKEY_CURRENT_USER\Environment\evuninst (Rogue.Antivir2010) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\shopperreports 3.0.489.0 (Adware.HotBar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\srs_it_e879027ebc76585137a891 (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\funwebproducts (Adware.MyWebSearch) -> No action taken.

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
C:\ProgramData\QuestDns (Adware.QuestDns) -> No action taken.
C:\Users\Dominik_2\AppData\Roaming\ShopperReports3 (Adware.ShopperReports) -> No action taken.
C:\Program Files\Common Files\Uninstall\AV (Rogue.Antivir2010) -> No action taken.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Installr (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Installr\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Installr\setups (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\chrome (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Overlay (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
C:\Program Files\QuestDns (Adware.QuestDns) -> No action taken.
C:\Program Files\ShopperReports3 (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0 (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports (Adware.ShopperReports) -> No action taken.

Infikované súbory:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> No action taken.
C:\Users\Dominik_2\AppData\Local\86115.exe (Rogue.SecurityTool) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\Pltfrm.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\CntntCntr.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\CmndFF.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\mozillaps.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\BRNstIE.dll (Adware.ShopperReports) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL (PUP.FunWebProducts) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\QuestDns\questdns.dll (Adware.Agent.Gen) -> No action taken.
C:\Program Files\QuestDns\questdns.exe (Adware.QuestDns) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReportsUninstaller.exe (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> No action taken.
C:\ProgramData\QuestDns\questdns115.exe (Adware.QuestDns) -> No action taken.
C:\Windows\System32\f3PSSavr.scr (Adware.MyWebSearch) -> No action taken.
C:\Windows\Temp\QUE494E.tmp\upgrade.exe (Adware.Dropper.Gen) -> No action taken.
C:\Program Files\Common Files\Uninstall\AV\Uninstall.lnk (Rogue.Antivir2010) -> No action taken.
C:\Program Files\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\CHROME.MANIFEST (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\INSTALL.RDF (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
C:\Program Files\QuestDns\uninstall.exe (Adware.QuestDns) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\link.ico (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar (Adware.ShopperReports) -> No action taken.
C:\Program Files\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk (Adware.ShopperReports) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk (Adware.ShopperReports) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk (Adware.ShopperReports) -> No action taken.
C:\Users\Dominik_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> No action taken.

Re: security tool

Napsal: 01 zář 2010 20:23
od ria23
halo halo :) dufam ze som to urobila spravne ...

Re: security tool

Napsal: 01 zář 2010 20:36
od Rudy
Ano, správně. Všechny položky, které MBAM nalezl, smažte. Pak zkuste znovu log z RSIT.

Re: security tool

Napsal: 01 zář 2010 20:51
od ria23
Logfile of random's system information tool 1.08 (written by random/random)
Run by Dominik_2 at 2010-09-01 21:49:07
Microsoft Windows 7 Home Premium
System drive C: has 206 GB (80%) free of 259 GB
Total RAM: 3033 MB (67% free)


======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-571955361-2284274627-2277413330-1006Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-571955361-2284274627-2277413330-1006UA.job
C:\windows\tasks\Norton Security Scan for Dominik_2.job
C:\windows\tasks\RegPowerClean.job
C:\windows\tasks\RPCReminder.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
MediaBar - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-04-10 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-09-01 1619296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-24 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-01 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e6570cd8-9978-4621-b1f9-6a62436f0466}]
Softonic VLC EN Toolbar - C:\Program Files\Softonic_VLC_EN\tbSof1.dll [2010-01-31 2166296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-24 263280]
{e6570cd8-9978-4621-b1f9-6a62436f0466} - Softonic VLC EN Toolbar - C:\Program Files\Softonic_VLC_EN\tbSof1.dll [2010-01-31 2166296]
{0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll []
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-06-30 2102600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2008-03-26 163840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-12-03 35184]
"VeriFaceManager"=C:\Program Files\Lenovo\VeriFace\PManage.exe []
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-07-15 4081480]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-06-25 5064520]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-02-11 141848]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-02-11 175640]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-02-11 167448]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-04-10 202256]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-08-09 149280]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-09-01 2065760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-12-24 39408]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []
"Google Update"=C:\Users\Dominik_2\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-10 136176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-02-11 225792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
"DisableTaskMgr"=0
"DisableCMD"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"DisableCMD"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-01 21:43:40 ----D---- C:\Program Files\trend micro
2010-09-01 21:43:39 ----D---- C:\rsit
2010-09-01 21:39:44 ----A---- C:\AtmApInit.txt
2010-09-01 20:48:16 ----D---- C:\Users\Dominik_2\AppData\Roaming\Malwarebytes
2010-09-01 20:48:11 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2010-09-01 20:48:10 ----D---- C:\ProgramData\Malwarebytes
2010-09-01 20:48:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-01 20:48:10 ----A---- C:\windows\system32\drivers\mbam.sys
2010-09-01 13:02:29 ----D---- C:\windows\RegLooks
2010-09-01 12:24:01 ----A---- C:\windows\ntbtlog.txt
2010-09-01 00:45:30 ----HD---- C:\$AVG
2010-09-01 00:26:40 ----A---- C:\windows\system32\drivers\avgrkx86.sys
2010-09-01 00:26:40 ----A---- C:\windows\system32\avgrsstx.dll
2010-09-01 00:26:38 ----A---- C:\windows\system32\drivers\avgtdix.sys
2010-09-01 00:26:30 ----A---- C:\windows\system32\drivers\avgldx86.sys
2010-09-01 00:26:28 ----D---- C:\windows\system32\drivers\Avg
2010-09-01 00:26:28 ----A---- C:\windows\system32\drivers\avgmfx86.sys
2010-09-01 00:26:25 ----D---- C:\ProgramData\AVG Security Toolbar
2010-09-01 00:23:54 ----D---- C:\Program Files\AVG
2010-09-01 00:23:38 ----D---- C:\ProgramData\avg9
2010-08-24 20:19:12 ----A---- C:\windows\system32\drivers\tcpip.sys
2010-08-24 20:19:00 ----A---- C:\windows\system32\oleaut32.dll
2010-08-24 20:18:58 ----A---- C:\windows\system32\ir32_32.dll
2010-08-24 20:18:58 ----A---- C:\windows\system32\iccvid.dll
2010-08-24 20:18:56 ----A---- C:\windows\system32\rtutils.dll
2010-08-24 20:18:53 ----A---- C:\windows\system32\msxml3.dll
2010-08-24 20:18:41 ----A---- C:\windows\system32\drivers\srvnet.sys
2010-08-24 20:18:41 ----A---- C:\windows\system32\drivers\srv2.sys
2010-08-24 20:18:41 ----A---- C:\windows\system32\drivers\srv.sys
2010-08-24 20:18:40 ----A---- C:\windows\system32\ntoskrnl.exe
2010-08-24 20:18:40 ----A---- C:\windows\system32\ntkrnlpa.exe
2010-08-24 20:18:36 ----A---- C:\windows\system32\mshtml.dll
2010-08-24 20:18:35 ----A---- C:\windows\system32\ieframe.dll
2010-08-24 20:18:34 ----A---- C:\windows\system32\wininet.dll
2010-08-24 20:18:34 ----A---- C:\windows\system32\urlmon.dll
2010-08-24 20:18:34 ----A---- C:\windows\system32\mstime.dll
2010-08-24 20:18:34 ----A---- C:\windows\system32\msfeedsbs.dll
2010-08-24 20:18:34 ----A---- C:\windows\system32\jsproxy.dll
2010-08-24 20:18:34 ----A---- C:\windows\system32\ieui.dll
2010-08-24 20:18:34 ----A---- C:\windows\system32\iepeers.dll
2010-08-24 20:18:34 ----A---- C:\windows\system32\iedkcs32.dll
2010-08-24 20:18:33 ----A---- C:\windows\system32\msfeedssync.exe
2010-08-24 20:18:29 ----A---- C:\windows\system32\schannel.dll
2010-08-24 20:18:28 ----A---- C:\windows\system32\win32k.sys
2010-08-09 12:07:32 ----D---- C:\Users\Dominik_2\AppData\Roaming\LimeWire
2010-08-09 12:06:56 ----A---- C:\windows\system32\javaws.exe
2010-08-09 12:06:56 ----A---- C:\windows\system32\javaw.exe
2010-08-09 12:06:56 ----A---- C:\windows\system32\java.exe
2010-08-09 12:06:56 ----A---- C:\windows\system32\deploytk.dll
2010-08-09 12:06:46 ----D---- C:\Program Files\Java
2010-08-09 12:06:11 ----D---- C:\Program Files\LimeWire
2010-08-04 19:01:12 ----A---- C:\windows\system32\shell32.dll
2010-08-04 18:53:42 ----D---- C:\ProgramData\2A13D

======List of files/folders modified in the last 1 months======

2010-09-01 21:49:07 ----D---- C:\windows\Temp
2010-09-01 21:43:40 ----RD---- C:\Program Files
2010-09-01 21:38:55 ----D---- C:\windows\system32\config
2010-09-01 21:38:32 ----D---- C:\windows\system32\drivers
2010-09-01 21:38:32 ----D---- C:\windows\Panther
2010-09-01 21:37:53 ----HD---- C:\ProgramData
2010-09-01 21:37:53 ----D---- C:\Program Files\Common Files\Uninstall
2010-09-01 21:37:52 ----D---- C:\windows\System32
2010-09-01 20:15:07 ----SD---- C:\Users\Dominik_2\AppData\Roaming\Microsoft
2010-09-01 13:02:29 ----D---- C:\Windows
2010-09-01 12:07:17 ----SHD---- C:\System Volume Information
2010-09-01 00:33:23 ----D---- C:\windows\winsxs
2010-09-01 00:23:21 ----SHD---- C:\windows\Installer
2010-09-01 00:23:16 ----D---- C:\Program Files\Common Files\microsoft shared
2010-09-01 00:10:10 ----D---- C:\windows\Prefetch
2010-09-01 00:05:04 ----D---- C:\ProgramData\McAfee
2010-09-01 00:05:04 ----D---- C:\Program Files\Common Files
2010-09-01 00:03:57 ----D---- C:\windows\Tasks
2010-09-01 00:03:57 ----D---- C:\windows\system32\Tasks
2010-09-01 00:03:47 ----D---- C:\windows\system32\catroot
2010-08-28 16:07:48 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-08-26 14:05:02 ----D---- C:\windows\Microsoft.NET
2010-08-26 14:04:32 ----RSD---- C:\windows\assembly
2010-08-26 12:34:02 ----D---- C:\windows\AppPatch
2010-08-26 12:34:01 ----D---- C:\windows\system32\migration
2010-08-26 12:34:01 ----D---- C:\Program Files\Internet Explorer
2010-08-26 12:31:42 ----D---- C:\ProgramData\Microsoft Help
2010-08-24 20:18:24 ----D---- C:\windows\system32\catroot2
2010-08-24 19:37:31 ----D---- C:\windows\system32\NDF
2010-08-09 20:01:15 ----D---- C:\Users\Dominik_2\AppData\Roaming\vlc
2010-08-06 10:14:23 ----D---- C:\Program Files\BearShare Applications
2010-08-06 07:45:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-06 07:45:57 ----D---- C:\Program Files\Electronic Arts
2010-08-06 07:41:33 ----D---- C:\windows\system32\DriverStore
2010-08-06 07:41:33 ----D---- C:\windows\inf
2010-08-06 07:41:31 ----D---- C:\Program Files\Common Files\Apple
2010-08-03 20:09:31 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\windows\System32\Drivers\avgrkx86.sys [2010-09-01 52872]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-04-01 691696]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\windows\System32\Drivers\avgldx86.sys [2010-09-01 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\windows\System32\Drivers\avgmfx86.sys [2010-09-01 29584]
R1 AvgTdiX;AVG Network Redirector; C:\windows\System32\Drivers\avgtdix.sys [2010-09-01 243024]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2009-10-26 54800]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2008-03-14 169008]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-05-31 260648]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-08-13 2506232]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 Cam5607;Lenovo EasyCamera ; C:\windows\System32\Drivers\BisonC07.sys [2009-06-26 1168880]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT32.sys [2009-06-15 475648]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-02-11 6282752]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfsync03;StarForce Protection Synchronization Driver (version 3.x); C:\windows\System32\drivers\sfsync03.sys [2005-12-06 35328]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 ay1hn7je;ay1hn7je; C:\windows\system32\drivers\ay1hn7je.sys []
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-09-01 308136]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-10 136176]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-06-30 431432]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-24 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-07-10 1343400]

-----------------EOF-----------------

co teraz?:)

Re: security tool

Napsal: 01 zář 2010 21:51
od Rudy
Ještě poprosím o log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Re: security tool

Napsal: 01 zář 2010 22:16
od ria23
este stale sa to tvari ze nieco robi :)

Re: security tool

Napsal: 01 zář 2010 22:23
od ria23
ComboFix 10-09-01.02 - Dominik_2 . 09. 2010 23:07:44.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.3033.1919 [GMT 2:00]
Running from: c:\users\Dominik_2\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Uninstall
c:\users\Dominik_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\WDICT32.INI
c:\users\Dominik_2\AppData\Local\Microsoft\Windows\Temporary Internet Files\WTRAN32.INI
c:\windows\system\BisonC07.dll
c:\windows\system\BisonV07.dll

.
((((((((((((((((((((((((( Files Created from 2010-08-01 to 2010-09-01 )))))))))))))))))))))))))))))))
.

2010-09-01 21:12 . 2010-09-01 21:12 -------- d-----w- c:\users\Dominik_2\AppData\Local\temp
2010-09-01 21:12 . 2010-09-01 21:12 -------- d-----w- c:\users\Dominik\AppData\Local\temp
2010-09-01 21:12 . 2010-09-01 21:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-01 20:56 . 2010-09-01 20:57 -------- d-----w- C:\32788R22FWJFW
2010-09-01 19:43 . 2010-09-01 19:49 -------- d-----w- c:\program files\trend micro
2010-09-01 19:43 . 2010-09-01 19:49 -------- d-----w- C:\rsit
2010-09-01 18:48 . 2010-09-01 18:48 -------- d-----w- c:\users\Dominik_2\AppData\Roaming\Malwarebytes
2010-09-01 18:48 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-01 18:48 . 2010-09-01 18:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-01 18:48 . 2010-09-01 18:48 -------- d-----w- c:\programdata\Malwarebytes
2010-09-01 18:48 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-01 11:02 . 2010-09-01 11:02 -------- d-----w- c:\windows\RegLooks
2010-08-31 22:45 . 2010-08-31 22:45 -------- d-----w- C:\$AVG
2010-08-31 22:26 . 2010-08-31 22:26 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-31 22:26 . 2010-08-31 22:26 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-08-31 22:26 . 2010-08-31 22:26 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-31 22:26 . 2010-08-31 22:26 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-31 22:26 . 2010-09-01 19:42 -------- d-----w- c:\windows\system32\drivers\Avg
2010-08-31 22:26 . 2010-08-31 22:26 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-08-31 22:26 . 2010-08-31 22:29 -------- d-----w- c:\programdata\AVG Security Toolbar
2010-08-31 22:23 . 2010-08-31 22:23 -------- d-----w- c:\program files\AVG
2010-08-31 22:23 . 2010-08-31 22:23 -------- d-----w- c:\programdata\avg9
2010-08-31 22:15 . 2010-08-31 22:15 2146200 ----a-w- c:\users\Dominik\avg_avwt_stb_all_9_117.exe
2010-08-31 21:56 . 2010-08-31 21:56 2146472 ----a-w- c:\users\Dominik_2\avg_afwt_stb_all_9_117.exe
2010-08-24 18:19 . 2010-06-14 06:12 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-24 18:19 . 2010-04-07 07:10 571904 ----a-w- c:\windows\system32\oleaut32.dll
2010-08-09 10:07 . 2010-08-09 10:07 -------- d-----w- c:\users\Dominik_2\AppData\Roaming\LimeWire
2010-08-09 10:06 . 2010-08-09 10:06 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-08-09 10:06 . 2010-08-09 10:06 -------- d-----w- c:\program files\Java
2010-08-09 10:06 . 2010-08-09 10:07 -------- d-----w- c:\program files\LimeWire
2010-08-04 16:53 . 2010-08-04 16:53 -------- d-----w- c:\programdata\2A13D

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-01 19:56 . 2010-01-21 15:21 -------- d-----w- c:\program files\FlatOut2
2010-08-31 22:05 . 2009-09-23 01:29 -------- d-----w- c:\programdata\McAfee
2010-08-28 14:07 . 2010-03-16 18:36 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-08-26 10:31 . 2009-09-23 01:20 -------- d-----w- c:\programdata\Microsoft Help
2010-08-09 18:01 . 2010-04-01 18:08 -------- d-----w- c:\users\Dominik_2\AppData\Roaming\vlc
2010-08-06 08:14 . 2010-07-21 18:24 -------- d-----w- c:\program files\BearShare Applications
2010-08-06 05:45 . 2009-12-23 15:57 -------- d-----w- c:\program files\Electronic Arts
2010-08-06 05:45 . 2009-09-23 01:13 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-06 05:41 . 2010-01-19 16:40 -------- d-----w- c:\program files\Common Files\Apple
2010-07-29 06:30 . 2010-08-24 18:18 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-24 18:18 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-21 18:24 . 2010-07-21 18:24 -------- d-----w- c:\programdata\303CB
2010-07-21 18:14 . 2010-07-21 18:14 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-07-11 19:18 . 2010-07-11 19:18 -------- d-----w- c:\programdata\Winferno
2010-07-11 19:15 . 2010-07-11 19:14 -------- d-----w- c:\program files\BitZipper
2010-07-11 19:14 . 2010-07-11 19:14 -------- d-----w- c:\users\Dominik_2\AppData\Roaming\BitZipper
2010-07-11 19:13 . 2010-07-11 19:13 -------- d-----w- c:\program files\Winferno
2010-07-11 18:48 . 2010-01-19 16:43 -------- d-----w- c:\users\Dominik_2\AppData\Roaming\Apple Computer
2010-07-11 18:47 . 2010-07-11 18:47 -------- d-----w- c:\program files\Safari
2010-07-11 18:47 . 2010-01-19 16:41 -------- d-----w- c:\programdata\Apple Computer
2010-07-11 18:47 . 2010-07-11 18:47 -------- d-----w- c:\program files\Bonjour
2010-07-11 11:15 . 2010-07-11 11:15 -------- d-----w- c:\program files\RadioBar
2010-07-10 07:25 . 2009-12-24 13:10 -------- d-----w- c:\program files\Google
2010-06-30 06:25 . 2010-08-24 18:18 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-22 02:47 . 2010-08-24 18:18 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-22 02:47 . 2010-08-24 18:18 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-22 02:47 . 2010-08-24 18:18 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-06-19 06:33 . 2010-08-24 18:18 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:33 . 2010-08-24 18:18 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:23 . 2010-08-24 18:18 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-06-19 04:07 . 2010-08-24 18:18 2326016 ----a-w- c:\windows\system32\win32k.sys
2010-06-16 05:48 . 2010-08-24 18:18 224256 ----a-w- c:\windows\system32\schannel.dll
2010-06-08 06:02 . 2010-08-24 18:18 1233920 ----a-w- c:\windows\system32\msxml3.dll
2010-06-04 10:29 . 2010-06-04 10:29 71992 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]
"{e6570cd8-9978-4621-b1f9-6a62436f0466}"= "c:\program files\Softonic_VLC_EN\tbSof1.dll" [2010-01-31 2166296]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-06-30 12:23 2102600 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e6570cd8-9978-4621-b1f9-6a62436f0466}]
2010-01-31 09:25 2166296 ----a-w- c:\program files\Softonic_VLC_EN\tbSof1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e6570cd8-9978-4621-b1f9-6a62436f0466}"= "c:\program files\Softonic_VLC_EN\tbSof1.dll" [2010-01-31 2166296]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E6570CD8-9978-4621-B1F9-6A62436F0466}"= "c:\program files\Softonic_VLC_EN\tbSof1.dll" [2010-01-31 2166296]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-06-30 2102600]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-24 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Google Update"="c:\users\Dominik_2\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-07-10 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]
"UpdateP2GShortCut"="c:\program files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-07-15 4081480]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-25 5064520]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-10 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-10 175640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-10 167448]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-04-10 202256]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-08-09 149280]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-31 2065760]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-7-1 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\System32\drivers\sfsync03.sys [2005-12-06 35328]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-10 136176]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-06-30 431432]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-10 1343400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-04-01 691696]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-08-31 52872]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-08-31 216400]
S1 AvgTdiX;AVG Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-08-31 243024]
S1 funfrm;funfrm; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-08-31 308136]
S2 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
.
Contents of the 'Scheduled Tasks' folder

2010-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-10 07:24]

2010-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-10 07:24]

2010-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-571955361-2284274627-2277413330-1006Core.job
- c:\users\Dominik_2\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-11 07:24]

2010-09-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-571955361-2284274627-2277413330-1006UA.job
- c:\users\Dominik_2\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-11 07:24]

2010-08-30 c:\windows\Tasks\Norton Security Scan for Dominik_2.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-01-31 22:51]

2010-09-01 c:\windows\Tasks\RegPowerClean.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe [2010-07-11 12:48]

2010-09-01 c:\windows\Tasks\RPCReminder.job
- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe [2010-07-11 12:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://lenovo.live.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
.
- - - - ORPHANS REMOVED - - - -

BHO-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
Toolbar-Locked - (no file)
Toolbar-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - c:\program files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll
WebBrowser-{5B291E6C-9A74-4034-971B-A4B007A0B315} - (no file)
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
HKCU-Run-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
HKLM-Run-VeriFaceManager - c:\program files\Lenovo\VeriFace\PManage.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-Diff Doc_is1 - c:\program files\Softinterface


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-571955361-2284274627-2277413330-1006\Software\SecuROM\License information*]
"datasecu"=hex:ae,52,cd,a4,38,b4,ef,fe,13,bf,c1,f9,3f,84,46,dd,93,d7,78,a0,d3,
15,ec,f5,89,46,90,92,5e,32,83,e9,9d,0e,6f,74,7a,1b,4f,5d,1d,23,64,17,07,3c,\
"rkeysecu"=hex:c5,de,b6,b3,61,da,91,f5,63,be,69,20,06,a7,78,d8

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-09-01 23:21:17
ComboFix-quarantined-files.txt 2010-09-01 21:21

Pre-Run: 216 175 648 768 bytes free
Post-Run: 217 721 761 792 bytes free

- - End Of File - - 2982D2A48883D2E90DD45E9084719228

Re: security tool

Napsal: 02 zář 2010 16:47
od ria23
mam s tym este nieco robit?:)

Re: security tool

Napsal: 02 zář 2010 17:42
od Rudy
5 položek CF smazal, zbytek logu vypadá čistý.

Re: security tool

Napsal: 02 zář 2010 17:47
od ria23
cize uz nemusim robit nic? a tie vecicky co som postahovala na plochu mozem vymazat? :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz