Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Wersja bazy: 5523 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 2011-01-15 13:37:43 mbam-log-2011-01-15 (13-37-43).txt Typ skanowania: Szybkie skanowanie Przeskanowano obiektów: 128128 Upłynęło: 1 minut(y), 47 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 4 Zainfekowanych wartości rejestru: 4 Zainfekowane informacje rejestru systemowego: 1 Zainfekowanych folderów: 0 Zainfekowanych plików: 5 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_CLASSES_ROOT\CLSID\{7V3OWP2H-850T-C47B-Q881-BO5LUJWSPK8W} (Backdoor.SpyNet.M) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7V3OWP2H-850T-C47B-Q881-BO5LUJWSPK8W} (Backdoor.SpyNet.M) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{7V3OWP2H-850T-C47B-Q881-BO5LUJWSPK8W} (Backdoor.SpyNet.M) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully. Zainfekowanych wartości rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.SpyNet.M) -> Value: Policies -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKLM (Backdoor.SpyNet.M) -> Value: HKLM -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.SpyNet.M) -> Value: Policies -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKCU (Backdoor.SpyNet.M) -> Value: HKCU -> Quarantined and deleted successfully. Zainfekowane informacje rejestru systemowego: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: c:\Users\Kacprut\AppData\Local\Temp\tr.exe (PWS.Dybalom) -> Quarantined and deleted successfully. c:\Users\Kacprut\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully. c:\Users\Kacprut\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Quarantined and deleted successfully. c:\Users\Kacprut\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully. c:\Windows\System32\Adobe\Update.exe (Backdoor.SpyNet.M) -> Quarantined and deleted successfully.