Telepitsd le a geprol az c:\program files\Spybot - Search & Destroy>.ez mar csak a muzeumba valo.

Kinyitunk - Notepadot (Jegyzetfüzetet)igy: Start>futtatás>beírod: notepad
és bemásolod- a Kód: címszó alatt található zöld textet(Kód: szó nélkül), aztán a notepadba beillesztett textet elmentjük scriptnek az asztalra , úgy:- Fájl>Mentés Másként>Fájlnév>CFScript.txt>Fájl típusa>Minden fájl>Mentés.(Ásztálra),.Kész, az astalon lévő CFScript txt húzzunk rá a ComboFix ikonnyara. Es mostan megcsinalod eztett:

A combofix maga elindul es lehet hogy restartol es befejezi a scent.Amit majd ad ted ide.


Ma mar vegzek, majd holnap befejezuk

pComboFix 11-07-15.02 - asd 011.07.15. 20:13:12.1.1 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1250.36.1038.18.1023.372 [GMT 2:00]
Running from: c:\documents and settings\asd\Asztal\ComboFix.exe
AV: Sunbelt VIPRE *Disabled/Outdated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Sunbelt VIPRE *Disabled* {FF1CD5B7-1553-4625-A258-1775385CED33}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\page
c:\documents and settings\All Users\Application Data\page\page.ico
c:\documents and settings\All Users\Application Data\page\page.URL
c:\documents and settings\asd\Application Data\PriceGong
c:\documents and settings\asd\Application Data\PriceGong\Data\1.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\a.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\b.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\c.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\d.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\e.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\f.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\g.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\h.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\i.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\J.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\k.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\l.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\m.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\n.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\o.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\p.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\q.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\r.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\s.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\t.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\u.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\v.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\w.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\x.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\y.xml
c:\documents and settings\asd\Application Data\PriceGong\Data\z.xml
c:\documents and settings\asd\WINDOWS
c:\windows\daemon.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-06-15 to 2011-07-15 )))))))))))))))))))))))))))))))
.
.
2038-01-18 21:14 . 2038-01-18 21:14 143360 ----a-w- c:\windows\system32\GBKVBLE.dll
2011-07-15 17:29 . 2011-07-15 17:29 -------- d-----w- c:\documents and settings\asd\Application Data\Malwarebytes
2011-07-15 17:29 . 2011-07-15 17:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-07-15 17:29 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-15 17:29 . 2011-07-15 17:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-15 17:29 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-15 17:17 . 2011-07-15 17:17 -------- d-----w- c:\documents and settings\Rendszergazda
2011-07-15 17:01 . 2011-07-15 17:01 -------- d-----w- c:\documents and settings\asd\Local Settings\Application Data\Threat Expert
2011-07-15 16:50 . 2011-07-15 16:50 549 ----a-w- C:\fix.bat
2011-07-15 14:22 . 2011-07-15 14:22 388096 ----a-r- c:\documents and settings\asd\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-15 14:22 . 2011-07-15 14:22 -------- d-----w- c:\program files\Trend Micro
2011-07-15 14:09 . 2011-07-15 16:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-07-15 14:09 . 2011-07-15 14:10 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-15 13:30 . 2011-07-15 13:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Sunbelt
2011-07-15 13:29 . 2011-07-15 13:29 -------- d-----w- c:\documents and settings\asd\Application Data\Sunbelt
2011-07-15 13:21 . 2011-04-05 15:35 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys
2011-07-15 13:21 . 2011-04-05 15:35 212568 ----a-w- c:\windows\system32\drivers\sbtis.sys
2011-07-15 13:21 . 2011-04-05 15:35 332248 ----a-w- c:\windows\system32\drivers\SbFw.sys
2011-07-15 13:21 . 2011-02-08 07:14 69208 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2011-07-11 20:37 . 2011-07-11 20:37 -------- d-----w- c:\documents and settings\asd\Application Data\SUPERAntiSpyware.com
2011-07-11 20:37 . 2011-07-11 20:37 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-07-11 20:36 . 2011-07-11 20:37 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-07-11 20:24 . 2011-07-11 20:24 -------- d-----w- c:\documents and settings\asd\Application Data\Sunbelt Software
2011-07-11 20:24 . 2011-07-11 20:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Sunbelt Software
2011-07-11 20:22 . 2011-07-15 13:19 -------- d-----w- c:\program files\Sunbelt Software
2011-07-11 19:54 . 2011-07-11 20:06 -------- d-----w- c:\program files\Common Files\PC Tools
2011-07-11 19:46 . 2011-07-11 20:00 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2011-07-11 19:24 . 2011-07-11 19:24 -------- d-----w- c:\program files\CCleaner
2011-07-11 19:23 . 2011-04-27 13:36 767952 ----a-w- c:\windows\BDTSupport.dll
2011-07-11 19:23 . 2011-04-27 13:37 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-07-11 19:23 . 2011-04-27 13:37 2074576 ----a-w- c:\windows\PCTBDCore.dll
2011-07-11 19:23 . 2011-04-27 13:37 1533904 ----a-w- c:\windows\PCTBDRes.dll
2011-07-11 19:22 . 2011-07-11 20:06 -------- d-----w- c:\program files\PC Tools Security
2011-07-11 19:16 . 2011-07-15 16:59 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2011-07-11 12:39 . 2011-07-11 12:39 -------- d-----w- c:\program files\MSSOAP
2011-07-11 12:39 . 2011-07-11 12:39 -------- d-----w- c:\program files\Webroot
2011-07-11 12:25 . 2011-07-11 12:25 -------- d-----w- c:\documents and settings\asd\Application Data\Tific
2011-07-11 12:25 . 2011-07-11 12:25 -------- d-----w- c:\documents and settings\asd\Local Settings\Application Data\Symantec
2011-07-11 12:17 . 2011-07-11 12:17 -------- d-----w- c:\program files\Windows Sidebar
2011-07-11 12:17 . 2011-07-11 13:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2011-07-08 20:03 . 2004-08-17 14:48 28672 ----a-w- c:\windows\system32\vidcap.ax
2011-07-08 20:03 . 2004-08-17 14:48 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2011-07-08 20:03 . 2004-08-17 14:48 61952 ----a-w- c:\windows\system32\kstvtune.ax
2011-07-08 20:03 . 2004-08-17 14:47 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2011-07-08 20:03 . 2004-08-17 14:47 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2011-07-08 20:03 . 2004-08-17 14:48 43008 ----a-w- c:\windows\system32\ksxbar.ax
2011-07-08 20:02 . 2011-07-08 20:02 -------- d-----w- c:\windows\Album
2011-07-08 20:02 . 2011-07-08 20:02 -------- d-----w- c:\program files\Look 312P
2011-07-08 20:02 . 2011-07-08 20:02 -------- d-----w- c:\program files\Common Files\Look312P
2011-07-08 20:02 . 2005-06-27 16:24 184392 ----a-w- c:\windows\system32\VM31bPrp.Ax
2011-07-08 20:02 . 2004-03-19 16:11 90968 ----a-w- c:\windows\system32\drivers\usbVM31b.sys
2011-07-08 20:02 . 2003-05-15 15:17 61440 ----a-w- c:\windows\system32\VM31bSTI.dll
2011-07-08 12:38 . 2011-07-08 12:38 -------- d-----w- c:\documents and settings\asd\Application Data\Publish Providers
2011-07-08 12:35 . 2011-07-08 12:35 -------- d-----w- c:\documents and settings\asd\Local Settings\Application Data\Sony
2011-07-08 12:29 . 2011-07-08 12:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2011-07-08 12:29 . 2011-07-08 12:29 -------- d-----w- c:\program files\Sony
2011-07-08 12:22 . 2004-08-18 12:00 25600 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-07-08 12:19 . 2011-07-08 12:19 -------- d-----w- c:\program files\Windows Media Connect 2
2011-07-08 12:16 . 2011-07-08 12:17 -------- d-----w- c:\windows\system32\drivers\UMDF
2011-07-08 12:16 . 2011-07-08 12:16 -------- d-----w- c:\windows\system32\LogFiles
2011-07-08 12:11 . 2011-07-08 12:11 -------- d-----w- c:\program files\MSBuild
2011-07-08 12:02 . 2011-07-08 12:02 -------- d-----w- c:\windows\system32\XPSViewer
2011-07-08 12:01 . 2011-07-08 12:01 -------- d-----w- c:\program files\Reference Assemblies
2011-07-08 12:01 . 2006-10-14 14:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-07-08 12:01 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2011-07-08 11:56 . 2011-07-08 11:56 -------- d-----w- c:\documents and settings\asd\Application Data\Sony Setup
2011-07-08 11:45 . 2011-07-08 12:38 -------- d-----w- c:\documents and settings\asd\Application Data\Sony
2011-07-04 22:33 . 2011-07-04 22:33 -------- d-----w- c:\documents and settings\asd\Application Data\Xilisoft
2011-07-04 22:33 . 2011-07-04 22:33 -------- d-----w- c:\program files\Xilisoft
2011-07-04 22:33 . 2011-07-04 22:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Xilisoft
2011-07-04 22:31 . 2004-03-08 19:30 212240 ----a-w- c:\windows\system32\richtx32.ocx
2011-07-04 22:31 . 2011-07-04 22:31 -------- d-----w- c:\program files\Video Cutter
2011-07-04 22:28 . 2011-07-04 22:28 -------- d-----w- c:\program files\Free Video Cutter
2011-06-29 14:37 . 2011-06-30 10:09 -------- d-----w- c:\program files\Counter-Strike Source
2011-06-17 10:47 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2011-06-17 10:47 . 2011-06-17 10:47 -------- d-----w- c:\program files\LogMeIn Hamachi
2011-06-16 07:04 . 2011-06-16 07:04 922312 ----a-w- c:\windows\Grand Theft Auto_ San Andreas hun Uninstaller.exe
2011-06-16 06:40 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-06-16 06:40 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-06-16 06:40 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-06-16 06:40 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-06-16 06:40 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-06-16 06:40 . 2011-06-16 06:40 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-06-16 06:40 . 2011-06-16 06:40 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-06-16 06:35 . 2011-06-16 06:35 -------- d-----w- c:\program files\AGEIA Technologies
2011-06-16 06:35 . 2011-06-16 06:35 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2011-06-16 06:34 . 2011-06-16 06:35 -------- d-----w- c:\program files\NVIDIA Corporation
2011-06-16 06:34 . 2010-01-12 04:03 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-06-16 06:34 . 2010-01-12 04:03 10276768 -c--a-w- c:\windows\system32\dllcache\nv4_mini.sys
2011-06-16 06:34 . 2010-01-12 04:03 10276768 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-06-16 06:34 . 2010-01-12 04:03 4104192 ----a-w- c:\windows\system32\nvcuda.dll
2011-06-16 06:34 . 2010-01-12 04:03 4077672 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-06-16 06:34 . 2010-01-12 04:03 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2011-06-16 06:34 . 2010-01-12 04:03 182888 ----a-w- c:\windows\system32\nvcodins.dll
2011-06-16 06:34 . 2010-01-12 04:03 182888 ----a-w- c:\windows\system32\nvcod.dll
2011-06-16 06:34 . 2010-01-12 04:03 14458880 ----a-w- c:\windows\system32\nvoglnt.dll
2011-06-16 06:34 . 2010-01-12 04:03 11632640 ----a-w- c:\windows\system32\nvcompiler.dll
2011-06-16 06:34 . 2010-01-12 04:03 1081344 ----a-w- c:\windows\system32\nvapi.dll
2011-06-16 06:33 . 2010-01-12 04:03 6359168 -c--a-w- c:\windows\system32\dllcache\nv4_disp.dll
2011-06-16 06:33 . 2010-01-12 04:03 6359168 ----a-w- c:\windows\system32\nv4_disp.dll
2011-06-16 06:33 . 2010-01-12 04:03 2283526 ----a-w- c:\windows\system32\nvdata.bin
2011-06-16 06:33 . 2011-06-16 06:33 -------- d-----w- C:\NVIDIA
2011-06-16 06:23 . 2007-03-16 08:11 12256 ----a-w- c:\windows\system32\drivers\TBPanel.sys
2011-06-16 06:23 . 2011-06-16 06:39 -------- d-----w- c:\program files\EXPERTool
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-08 14:38 . 2011-02-07 10:29 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-05-26 17:15 . 2011-05-26 17:10 21840 ----atw- c:\windows\system32\SIntfNT.dll
2011-05-26 17:15 . 2011-05-26 17:10 17212 ----atw- c:\windows\system32\SIntf32.dll
2011-05-26 17:15 . 2011-05-26 17:10 12067 ----atw- c:\windows\system32\SIntf16.dll
2011-05-21 14:09 . 2011-05-21 14:09 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-05-18 19:51 . 2011-05-18 19:51 7680 ----a-r- c:\documents and settings\asd\Application Data\Microsoft\Installer\{50595869-139F-466F-B6C3-7B58988A0F3A}\Icon50595869.exe
2011-05-11 14:55 . 2011-05-11 14:55 42832 ----a-w- c:\windows\system32\sbbd.exe
2011-04-29 12:15 . 2011-04-29 12:15 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\prxtbIsoB.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
2011-01-17 14:54 175912 ----a-w- c:\program files\IsoBuster\prxtbIsoB.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\prxtbIsoB.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6}"= "c:\program files\IsoBuster\prxtbIsoB.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-07 39408]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-04-22 399736]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"ALLUpdate"="c:\program files\OpenSubtitlesPlayer\ALLUpdate.exe" [2010-03-24 1432064]
"ISUSPM"="c:\documents and settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2010-04-28 3727411]
"GAINWARD"="c:\program files\EXPERTool\TBPanel.exe" [2008-07-03 2177576]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-06-15 15141768]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-06-30 2424192]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-13 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-13 163840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-13 135168]
"RTHDCPL"="RTHDCPL.EXE" [2009-08-14 18702336]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-05-25 1951112]
"PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2011-01-07 108496]
"SBAMTray"="c:\program files\Sunbelt Software\CounterSpy\SBAMTray.exe" [2011-05-11 1353040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Indˇt˘pult\
MSI US54SE 802.11b+g USB Stick Utility.lnk - c:\program files\MSI\US54SE_Utility\ZDWlan.exe [2011-4-18 483328]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Sierra\\Empire Earth - The Art of Conquest\\EE-AOC.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2011\\fm.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Counter-Strike 1.6 V40\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5023:TCP"= 5023:TCP:ybdgyns
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2011.01.31. 20:36 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2011.01.31. 20:36 5248]
R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2011.02.02. 21:45 40560]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2011.01.31. 20:36 664064]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011.07.15. 15:21 332248]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011.04.29. 14:15 101720]
R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2011.07.15. 15:21 212568]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011.05.25. 17:29 1336712]
R2 SBAMSvc;VIPRE Antivirus Premium;c:\program files\Sunbelt Software\CounterSpy\SBAMSvc.exe [2011.05.11. 16:54 2804280]
R2 SBPIMSvc;SB Recovery Service;c:\program files\Sunbelt Software\CounterSpy\SBPIMSvc.exe [2011.05.11. 16:54 181584]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2011.07.15. 15:21 69208]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2010.02.17. 20:25 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010.05.10. 20:41 67656]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [2011.07.11. 21:23 337872]
S2 gupdate;Google frissítési szolgáltatás (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011.01.07. 21:25 136176]
S3 abtedxjb;abtedxjb;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011.01.07. 1:11 1684736]
S3 bsvxq;bsvxq;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 chvahk;chvahk;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 cvygyik;cvygyik;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2011.05.21. 16:09 23456]
S3 eckcs;eckcs;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 efmocrxpa;efmocrxpa;\??\c:\windows\system32\04.tmp --> c:\windows\system32\04.tmp [?]
S3 fpdib;fpdib;\??\c:\windows\system32\04.tmp --> c:\windows\system32\04.tmp [?]
S3 geufcze;geufcze;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 gupdatem;Google frissítés Szolgáltatás (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011.01.07. 21:25 136176]
S3 hiivmdnmh;hiivmdnmh;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 ilpva;ilpva;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 iuxffsc;iuxffsc;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 jufbow;jufbow;\??\c:\windows\system32\04.tmp --> c:\windows\system32\04.tmp [?]
S3 lpzimwnf;lpzimwnf;\??\c:\windows\system32\04.tmp --> c:\windows\system32\04.tmp [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011.07.15. 19:29 38224]
S3 nmzgibh;nmzgibh;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 npaxfcfcm;npaxfcfcm;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 odqqf;odqqf;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 ozbjiug;ozbjiug;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 pmgfwxxt;pmgfwxxt;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2011.07.15. 15:21 69208]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011.07.15. 15:21 94040]
S3 sstllgbj;sstllgbj;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 ugesesdmd;ugesesdmd;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 uvgxzwidu;uvgxzwidu;\??\c:\windows\system32\05.tmp --> c:\windows\system32\05.tmp [?]
S3 wofmewuto;wofmewuto;\??\c:\windows\system32\04.tmp --> c:\windows\system32\04.tmp [?]
S3 wsnoli;wsnoli;\??\c:\windows\system32\037.tmp --> c:\windows\system32\037.tmp [?]
S3 ywuwadoxe;ywuwadoxe;\??\c:\windows\system32\04.tmp --> c:\windows\system32\04.tmp [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
boogpjq
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-07 19:25]
.
2011-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-07 19:25]
.
2011-07-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1417001333-839522115-1003Core.job
- c:\documents and settings\asd\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-08 09:40]
.
2011-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1417001333-839522115-1003UA.job
- c:\documents and settings\asd\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-08 09:40]
.
2011-07-15 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-05-17 11:29]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.bigseekpro.com/burn4free/{6E4ABB67-4173-4931-83F3-B948F529A920}
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Az összes letöltése Free Download Managerrel - file://c:\program files\Free Download Manager\dlall.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Kijelölés letöltése Free Download Managerrel - file://c:\program files\Free Download Manager\dlselected.htm
IE: Letöltés Free Download Managerrel - file://c:\program files\Free Download Manager\dllink.htm
IE: Video letöltése a Free Download Manager-rel - file://c:\program files\Free Download Manager\dlfvideo.htm
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\asd\Application Data\Mozilla\Firefox\Profiles\tv8iw28c.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT17003 ... hSource=13
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?clien ... YYYYYHU&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Foxit PDF Creator Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Burn4FreeDB Toolbar: {75656794-AB59-4712-BFBC-5D816D56F3BC} - %profile%\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: IsoBuster Community Toolbar: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - %profile%\extensions\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Browser Defender Toolbar: {cb84136f-9c44-433a-9048-c5cd9df1dc16} - c:\program files\PC Tools Security\BDT\Firefox
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\Ask.com\GenericAskToolbar.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-fsm - (no file)
HKLM-Run-nwiz - nwiz.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-15 20:20
Windows 5.1.2600 Szervizcsomag 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\abtedxjb]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\bsvxq]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\chvahk]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\cvygyik]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\eckcs]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\efmocrxpa]
"ImagePath"="\??\c:\windows\system32\04.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\fpdib]
"ImagePath"="\??\c:\windows\system32\04.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\geufcze]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\hiivmdnmh]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ilpva]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\iuxffsc]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\jufbow]
"ImagePath"="\??\c:\windows\system32\04.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\lpzimwnf]
"ImagePath"="\??\c:\windows\system32\04.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\nmzgibh]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npaxfcfcm]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\odqqf]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ozbjiug]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\pmgfwxxt]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\sstllgbj]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ugesesdmd]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\uvgxzwidu]
"ImagePath"="\??\c:\windows\system32\05.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\wofmewuto]
"ImagePath"="\??\c:\windows\system32\04.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\wsnoli]
"ImagePath"="\??\c:\windows\system32\037.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ywuwadoxe]
"ImagePath"="\??\c:\windows\system32\04.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1409082233-1417001333-839522115-1003\Software\G*e*n*i*e*"!\FM Genie Scout 11]
"GameDir"="c:\\Documents and Settings\\asd\\Dokumentumok\\Sports Interactive\\Football Manager 2011\\games"
"ShortlistDir"=""
"FMPath"="c:\\Program Files\\Sports Interactive\\Football Manager 2011\\"
"ScreenshotsDir"="c:\\Documents and Settings\\asd\\Dokumentumok\\Sports Interactive\\Football Manager 2011"
"SaveDir"="c:\\Documents and Settings\\asd\\Dokumentumok\\Sports Interactive\\Football Manager 2011\\"
"HistoryDir"="c:\\FM Genie Scout 11\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2011\\data\\db\\1100\\lang_db.dat"
"LastSaveGame"="c:\\Documents and Settings\\asd\\Dokumentumok\\Sports Interactive\\Football Manager 2011\\games\\Névtelen játék (v02).fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="FM 2011"
"LastUpdateCheck"=dword:00009e8a
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000080
"UniqueID"="D4-0C50-4A6F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000003
"StaffSearchFeatureNum"=dword:00000001
"ClubSearchFeatureNum"=dword:00000000
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000002
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000000
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"Currency"=dword:00000056
.
[HKEY_USERS\S-1-5-21-1409082233-1417001333-839522115-1003\Software\G*e*n*i*e*"!\FM Genie Scout 11g]
"PicturesNumber"=dword:00000000
.
[HKEY_USERS\S-1-5-21-1409082233-1417001333-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7A7AD7EE-49E4-160C-5335-14515801C9F6}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1409082233-1417001333-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EBE60B24-B82E-ECC6-547B-E53A3FA4E150}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"pacbddagpalkpppligmnboeldjpanbao"=hex:6a,61,67,6d,6d,65,6f,69,6a,67,6a,65,61,
68,6b,62,61,70,6d,69,00,69
"oamafgagingdljaoakhmephooemobp"=hex:6a,61,67,6d,6d,65,6f,69,6a,67,6a,65,61,68,
6b,62,61,70,6d,69,00,69
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(564)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Completion time: 2011-07-15 20:24:28
ComboFix-quarantined-files.txt 2011-07-15 18:24
.
Pre-Run: 25 106 419 712 bájt szabad
Post-Run: 24 950 603 776 bájt szabad
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional - magyar" /noexecute=optin /fastdetect
.
- - End Of File - - BEB5FF4D42047C7D32996FCB9BFA6FA7

Ok, meg futtasd le a combofixet
http://www.virus-stell.com/2010/04/combofix.html
naplojat tedd ide.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Adatbázis verzió: 7149

Windows 5.1.2600 Szervizcsomag 2 (Safe Mode)
Internet Explorer 6.0.2900.2180

2011.07.15. 20:03:03
mbam-log-2011-07-15 (20-03-03).txt

Vizsgálat típusa: Teljes vizsgálat (C:\|D:\|)
Átvizsgált objektumok: 305840
Eltelt idő: 21 perc, 28 másodperc

Fertőzött memóriafolyamatok: 0
Fertőzött memória modulok: 0
Fertőzött Rendszerleíró kulcsok: 6
Fertőzött Rendszerleíró értékek: 4
Fertőzött Rendszerleíró adatelemek: 0
Fertőzött mappák: 0
Fertőzött fájlok: 11

Fertőzött memóriafolyamatok:
(Nem találhatók rosszindulatú elemek)

Fertőzött memória modulok:
(Nem találhatók rosszindulatú elemek)

Fertőzött Rendszerleíró kulcsok:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C749E08-6B62-11E0-B6DA-075F4824019B} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

Fertőzött Rendszerleíró értékek:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419D-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Value: {EB620C54-E229-4942-87CE-E717109FC8C6} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{DB38E21A-0133-419d-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Value: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} -> Quarantined and deleted successfully.

Fertőzött Rendszerleíró adatelemek:
(Nem találhatók rosszindulatú elemek)

Fertőzött mappák:
(Nem találhatók rosszindulatú elemek)

Fertőzött fájlok:
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\QVGZG5GR\beparda[1].bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\program files\trend micro\hijackthis\backups\backup-20110715-163922-173.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\program files\trend micro\hijackthis\backups\backup-20110715-163922-296.dll (Spyware.GamePlayLabs) -> Quarantined and deleted successfully.
c:\system volume information\_restore{98cbc852-0bc6-48c7-bab4-5312d4b7cb9d}\RP105\A0015375.exe (Adware.ScanQuery) -> Quarantined and deleted successfully.
c:\system volume information\_restore{98cbc852-0bc6-48c7-bab4-5312d4b7cb9d}\RP114\A0017232.exe (Adware.ScanQuery) -> Quarantined and deleted successfully.
c:\system volume information\_restore{98cbc852-0bc6-48c7-bab4-5312d4b7cb9d}\RP141\A0024680.exe (Spyware.GamePlayLabs) -> Quarantined and deleted successfully.
c:\system volume information\_restore{98cbc852-0bc6-48c7-bab4-5312d4b7cb9d}\RP158\A0027690.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{98cbc852-0bc6-48c7-bab4-5312d4b7cb9d}\RP159\A0028319.exe (Adware.ScanQuery) -> Quarantined and deleted successfully.
c:\system volume information\_restore{98cbc852-0bc6-48c7-bab4-5312d4b7cb9d}\RP163\A0029695.dll (Spyware.GamePlayLabs) -> Quarantined and deleted successfully.
c:\system volume information\_restore{98cbc852-0bc6-48c7-bab4-5312d4b7cb9d}\RP163\A0029696.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{98cbc852-0bc6-48c7-bab4-5312d4b7cb9d}\RP163\A0029707.exe (Adware.ShoppingReports2) -> Quarantined and deleted successfully.

Teljes vizsgalat.

gyors-, vagy teljesvizsgálat?

ok,
Most tolds le es futtasd le csokkentet modban a Malwarebytes programot, Teljes vizsgalat, amit talal torolni, a naplojat tedd ide.
http://www.virus-stell.com/2010/04/malw ... lware.html

RogueKiller V5.2.7 [06/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Szervizcsomag 2) 32 bits version
Started in : Safe mode with network support
User: asd [Admin rights]
Mode: Remove -- Date : 07/15/2011 19:21:50

Bad processes: 0

Registry Entries: 1
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

HOSTS File:
127.0.0.1 localhost


Finished : << RKreport[1].txt >>
RKreport[1].txt

igen, futtasd csokkentet modban
Nyomod a 2-es bilentyut>.enter>>ad majd naplot tedd ide es varjal.

csökkentet módban futtassam ezt a programot?

Ok, restart csokkentet modba a halozatal.
aztan tolds le a blogombol az RogueKiller>.seged programot
http://www.virus-stell.com/p/ingyenes-h ... ramok.html
az utasitas szerint futtatod>.es nyomod a 2-bilentyut, enter, a logjat tedd ide, es varjal, a csokkentet modban, ha it se tudnad a programot letolteni akkor irjal.
Tolds le az RogueKiller<,pendrivre, masik gepen es onan futtasd le,

megcsináltam, újraindítottam, még mindig nem hozza be, de a fix.bat az első két sorban hibát mutatott, nem találta a rendszerleíró azonosítót.

Igen
Csinalj egy fix.bat
fajlot
ha nem todod hogyan akkor ird es leirom.
Masold be ezt a textet es futtasd le, aztan restart



Aztan ird meg ha mar nyissa e az blogomat az RSIT,

windows xp pro sp2

ez volt a kérdés?

aha, akkor milyen a rendszer?/

Ezt az oldalt sem nyitja meg.

Üdv
Ezert mert meg van fertőzve a géped.
Segitek rajtad, de csinald azt amit irok, es bird ki itt, meg ki nem tisztitscuk a gepet, mert sokkan elrohanak amikor leirom hogy mit csinaljanak.
1:Tedd ide az RSIT logjat a windowsbol, ha valami nem menne akkor rogton irni,
http://www.virus-stell.com/2010/04/rsit.html

Sziasztok!

Egyik vírusírtó program honlapját sem nyitja meg a gépem. Gépemen két partíció van, az egyik ubuntu, a másik windows, az ubuntu természetesen tökéletesen működik, meg is nyitja az említett oldalakat, ám a windows nem. Mit tegyek?