2014/11/15 03:40:35 +0100 mbam-log-2014-11-15 (03-40-26).xml yes

2.00.3.1025 v2014.11.15.01 v2014.11.12.01 free disabled disabled disabled Windows 7 Service Pack 1 x64 justyna i darek NTFS

custom completed 616816 8744 0 0 3 22 0 0 14 0

enabled enabled enabled enabled enabled enabled enabled enabled enabled HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DC3_FEXECMalware.Tracesuccesse306d565e29a9b9b0538120102027e82 HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\WindowsNameMalware.Tracesuccess05e487b3d6a6af8733de49a00df652ae HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\VB AND VBA PROGRAM SETTINGS\SrvIDMalware.Tracesuccess08e1f2489fddee48a12f8b5f9c67b848 HKU\S-1-5-21-2497160206-2615029055-3091190810-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{D4027C7F-154A-4066-A1AD-4243D8127440}PUP.Optional.FrostwireTB.Asuccesse702e75379032d095e75d71ce81ae51b HKU\S-1-5-21-2497160206-2615029055-3091190810-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER{D4027C7F-154A-4066-A1AD-4243D8127440}PUP.Optional.FrostwireTB.Asuccess|ÔJf@ˇ­BCŘt@e702e75379032d095e75d71ce81ae51b HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWSLoadPUM.UserWLoadsuccessC:\Users\JUSTYN~1\LOCALS~1\Temp\msamakrj.scr5693023884f8fd391b8c32464db69769 HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWSLoadTrojan.RansomsuccessC:\Users\JUSTYN~1\LOCALS~1\Temp\msamakrj.screbfeb5858fedb58175cf0b71b84b36ca HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNwinlogon.exeTrojan.Agentsuccess"C:\Users\justyna i darek\AppData\Roaming\winlogon.exe"f1f86dcde597e15585a17e0847bce41c HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNaPmdzmzRnZoTrojan.Agentsuccess"C:\Users\justyna i darek\AppData\Roaming\winlogon.exe"08e178c2a8d4003657cfd0b6ad56966a HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNWindefenderTrojan.Agent.Gensuccess"C:\Users\justyna i darek\AppData\Roaming\10bots.exe"3dacf842adcfe6504e68e833f60e817f HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNwinupdaterBackdoor.AgentsuccessC:\Windows\system32\Windupdt\winupdate.exeedfc2a10cfad46f097dad838ba4a01ff HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNwinlogonTrojan.AgentsuccessC:\Users\justyna i darek\AppData\Roaming\winlogon.exe4b9eed4d1f5d96a085a1ceb88083ef11 HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNserviceTrojan.AgentsuccessC:\Users\justyna i darek\AppData\Local\Temp\service.exef8f15ae02953b086b791ff28ae569070 HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN{0B05C753-AEEF-EF44-263B-A77612CFB302}Trojan.ZbotR.Gensuccess"C:\Users\justyna i darek\AppData\Roaming\Edwebi\hade.exe"925752e83448da5ce2e8a29ee71dcc34 HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNsvhost.exeBackdoor.Sdbotsuccess"C:\Users\justyna i darek\AppData\Roaming\svhost.exe"48a182b8b0cc05310ee2e7ff9e6502fe HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNegregregerfwdeBackdoor.Bot.WPMsuccess"C:\Users\justyna i darek\AppData\Roaming\svhost.exe"ab3eb78394e876c03eafca5bcd3704fc HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNHKCUBackdoor.HMCPol.GensuccessC:\Users\justyna i darek\AppData\Roaming\Filters\winwip.exec425fd3d334953e314ef4ecb05ff6b95 HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNMSWUpdateTrojan.AgentsuccessC:\Users\justyna i darek\AppData\Roaming\Microsoft\lsass.exe39b045f51468082eb294cbcb06fde11f HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNMicroUpdateBackdoor.Agent.DCEGensuccessC:\Users\justyna i darek\Documents\MSDCSC\msdcsc.exe3dacb585720a73c38de2442ded1656aa HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNAdobe Driver UpdateTrojan.Agent.ADBGensuccessC:\Users\JUSTYN~1\AppData\Local\Temp\adbreader.exe9752fb3f067652e4d4d1183aca39ff01 HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNWindows Internet SecurityTrojan.AgentsuccessC:\Users\justyna i darek\AppData\Roaming\Microsoft\svclss.exeae3bff3b403c979f64dda38042c2e61a HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNWindows ExplorerBackdoor.BotsuccessC:\Users\justyna i darek\AppData\Roaming\Icrypt.exe0adfeb4f8af2e94dd7235d8a0cf713ed HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNMicrosoft EssentialsTrojan.Agent.GensuccessC:\Users\justyna i darek\AppData\Local\Temp\MsMpEng.execb1ee555afcdea4c87810439d43005fb HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNMicrosoft UpdateBackdoor.BotsuccessC:\ProgramData\huyhvlkx.exe5495e555d5a748eecf68870f4bb81ee2 HKU\S-1-5-21-2497160206-2615029055-3091190810-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNJava UpdateTrojan.Agent.GensuccessC:\Users\justyna i darek\AppData\Roaming\Java Update.exe7b6ebe7c17657eb865219883ad57cd33 C:\Users\justyna i darek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3E9PK5E5\insomnia[1].exeTrojan.MSILsuccess9d4cf842d8a4350176dcf9bc7e82a060 C:\Users\justyna i darek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46SFP4DS\insomnia[1].exeTrojan.MSILsuccess6485d26881fbbb7beb678e27768abe42 C:\Users\justyna i darek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9EEVE46\fuck[1].exeTrojan.MSILsuccessa049df5be09caa8ced95d09322dfe719 C:\Users\justyna i darek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGTQVXZF\fuck[1].exeTrojan.MSILsuccess58912f0badcf59dd235f6102ee13c53b C:\Users\justyna i darek\Desktop\YTDSetup.exePUP.Optional.MyEmoticons.Asuccess4f9af4465c20db5bf230f978fc05d52b C:\ProgramData\rundll32.exeTrojan.Agent.Gensuccess519899a16913eb4ba68badd925de6997 C:\Users\justyna i darek\AppData\Roaming\106101844525983.exeTrojan.Agentsuccess40a93cfe7309c175eb62a1f020e303fd C:\Users\justyna i darek\AppData\Roaming\111561857912567.exeTrojan.Agentsuccess57923cfea1db61d567e670217390a35d C:\Users\justyna i darek\AppData\Roaming\22127931012217.exeTrojan.Agentsuccesse8011624126a5ed8f05d9ff2ab58f20e C:\Users\justyna i darek\AppData\Roaming\270873140025909.exeTrojan.Agentsuccessf0f9d169f18bab8b6edf365bbe456d93 C:\Users\justyna i darek\AppData\Roaming\cglogs.datMalware.Tracesuccessf7f25edc017b2f0746420b952ed50df3 C:\Users\justyna i darek\AppData\Roaming\data.datStolen.Datasuccessf3f69d9d374568ce4557930d50b37e82 C:\Users\justyna i darek\AppData\Roaming\bot.exeBackdoor.Agent.Gensuccesscf1a1d1d99e313233ee548c722e2a45c C:\Users\justyna i darek\AppData\Roaming\logStolen.Datasuccesse306b288b4c8280e7a1fd355fd07e11f