Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Wersja bazy: 6524 Windows 5.1.2600 Dodatek Service Pack 2 Internet Explorer 6.0.2900.2180 2011-05-07 17:27:57 mbam-log-2011-05-07 (17-27-57).txt Typ skanowania: Pełne skanowanie (C:\|) Przeskanowano obiektów: 212348 Upłynęło: 54 minut(y), 3 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 45 Zainfekowanych wartości rejestru: 9 Zainfekowane informacje rejestru systemowego: 4 Zainfekowanych folderów: 19 Zainfekowanych plików: 37 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_CLASSES_ROOT\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{37B85A2A-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37B85A21-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Global Search Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{064C57B4-B9EC-425F-B9B3-BCEFFEEA74D9} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{CA295D63-514A-4ED0-9B5F-640890F2366B} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{B0E8C398-DABE-4CE1-B4D9-ED43B64923F5} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.HbAx.1 (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.HbAx (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{0755E4F0-3F92-4A67-AD14-E9F287F76FBC} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.IEButtonB.1 (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.IEButtonB (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2260D608-C844-435D-90FD-DC16CFA577F2} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.IEButton.1 (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.IEButton (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{37B85A29-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MyGlobalSearchBar.SettingsPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MyGlobalSearchBar.SettingsPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{37B85A2B-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{BCEB373D-A35A-4200-BD43-8586CD9DFAE7} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.IEButtonA.1 (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.IEButtonA (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{EF281620-A3A3-4f08-874F-D68CFC9B7945} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MyGlobalSearchBar.ToolbarPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\MyGlobalSearchBar.ToolbarPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{2615F050-9C18-4267-B711-8E3687DC0145} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{CB0D9D8C-535E-4352-BA8F-65C3C8676612} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{08AA0598-6A23-4364-9BF4-6D5F57F42993} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2BA1C226-EC1B-4471-A65F-D0688AC6EE3A} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.HbInfoBand (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.HbInfoBand.1 (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.SmrtShprCtl (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\SmartShopper.SmrtShprCtl.1 (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\VCLSDCompression.class (Rogue.Installer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\videoaccessactivex.Chl (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully. Zainfekowanych wartości rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{37B85A29-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Value: {37B85A29-692B-4205-9CAD-2626E4993404} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Value: {3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Value: {3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Value: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Value: {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{37B85A29-692B-4205-9CAD-2626E4993404} (Adware.MyWebSearch) -> Value: {37B85A29-692B-4205-9CAD-2626E4993404} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{BB4C402F-882A-4526-8C08-51278EA437C1} (Spyware.OnlineGames) -> Value: {BB4C402F-882A-4526-8C08-51278EA437C1} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{BB4C402F-882A-4526-8C08-51278EA437C1} (Spyware.OnlineGames) -> Value: {BB4C402F-882A-4526-8C08-51278EA437C1} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\user32.dll (Trojan.Zlob) -> Value: user32.dll -> Quarantined and deleted successfully. Zainfekowane informacje rejestru systemowego: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Window Title (Hijacked.WindowTitle) -> Bad: (Hacked by Godzilla) Good: (Internet Explorer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. Zainfekowanych folderów: c:\documents and settings\Roli\dane aplikacji\smartshopper (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\db (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\dwld (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\report (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\res2 (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\Roli (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\myglobalsearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\smartshopper (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\smartshopper\Bin (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\smartshopper\Bin\2.0.20 (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\smartshopper\cs (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\smartshopper\cs\antiphishing (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\Programy\smartshopper (Adware.SmartShopper) -> Quarantined and deleted successfully. Zainfekowanych plików: c:\program files\myglobalsearch\bar\1.bin\MGSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\mozilla firefox\plugins\NPMyGlSh.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\chxnxyx.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\Config.xml (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\persist.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\db\Aliases.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\db\Sites.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\dwld\phishinglist.xip (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\dwld\whitelist.xip (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\report\aggr_storage.xml (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\report\send_storage.xml (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\Roli\dane aplikacji\smartshopper\cs\res2\whitelist.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\1.bin\m9ffxtbr.manifest (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\1.bin\m9ntstbr.manifest (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\Cache\0000FEE2 (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\Cache\0019C133.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\Cache\0019C375.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\Cache\0019C4DC.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\Cache\0048F464 (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\History\search (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\myglobalsearch\bar\Settings\prevcfg.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\program files\smartshopper\Uninst.exe (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\smartshopper\cs\persist.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\smartshopper\cs\antiphishing\antiphishing.html (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\smartshopper\cs\antiphishing\phishalert.gif (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\smartshopper\cs\antiphishing\vssver.scc (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\smartshopper\cs\antiphishing\x.gif (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\program files\smartshopper\cs\antiphishing\xActive.gif (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\Programy\smartshopper\smartshopper - comapre product prices.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\Programy\smartshopper\smartshopper - compare travel rate.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\Programy\smartshopper\smartshopper help.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully. c:\documents and settings\all users\menu start\Programy\smartshopper\uninstall smartshopper.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.