Malwarebytes Anti-Malware
www.malwarebytes.org

Data skanu: 2014-11-14
Czas skanu: 23:49:54
Raport: mbam.txt
Administrator: Tak

Wersja: 2.00.2.1012
Baza danych malware: v2014.11.14.10
Baza danych rootkitów: v2014.11.12.01
Licencja: Darmowy
Ochrona przeciw malware: Wyłączony
Ochrona przeciw szkodliwymi stronami: Wyłączony
Self-protection: Wyłączony

System operacyjny: Windows XP Service Pack 2
Procesor: x86
System plików: NTFS
Użytkownik: amx

Typ skanu: Skanowanie w poszukiwaniu zagrożeń
Wynik: Zakończono
Objekty zeskanowane: 624609
Minęło: 39 min, 40 s

Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Włączony
Rootkity: Wyłączony
Heuristics: Włączony
PNP: Ostrzegaj
PNM: Włączony

Procesy: 1
PUP.Optional.MaintainerSvc.A, C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe, 1828, Usunięcie-po-restarcie, [654da19a0f6d999d5691f7e81ee319e7]

Moduły: 0
(No malicious items detected)

Klucze rejestru: 16
PUP.Optional.MaintainerSvc.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MaintainerSvc6.89.573444, Dodano do kwarantanny, [654da19a0f6d999d5691f7e81ee319e7],
PUP.Optional.PodoWeb.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PodoWeb, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{d04f5c84-12ff-4486-8e31-240e7ca6e6d3}Gt, Dodano do kwarantanny, [c6ec1f1cbcc0eb4b56944402bf44dd23],
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\mystartsearchSoftware, Dodano do kwarantanny, [cce63dfe691376c0a33d280a0ef50000],
PUP.Optional.PodoWeb.A, HKLM\SOFTWARE\PodoWeb, Dodano do kwarantanny, [743e102ba4d8ed49dd785de8689b05fb],
PUP.Optional.WPM.A, HKLM\SOFTWARE\supWindowsMangerProtect, Dodano do kwarantanny, [b002102b552775c1eba73c6a15efc838],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\supWPM, Dodano do kwarantanny, [b4fecc6ff58780b68069cd7327dc43bd],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPTAB, Dodano do kwarantanny, [238f0239c3b946f0c2269ba552b119e7],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, Dodano do kwarantanny, [456dd4671666c175747aca6b7a895da3],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Dodano do kwarantanny, [8d25c7744d2fab8bc52a0a2bcc3754ac],
PUP.Optional.PodoWeb.A, HKU\S-1-5-21-1547161642-117609710-725345543-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PodoWeb, Dodano do kwarantanny, [882a45f658248caa4c0a92b337cce11f],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-1547161642-117609710-725345543-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, Dodano do kwarantanny, [c5ed54e7c5b7bc7a7227d27052b1c33d],

Wartości rejestru: 2
Trojan.Agent.ED, HKU\S-1-5-21-1547161642-117609710-725345543-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|{E560D0D0-8773-ECEA-CD98-B27DD4FBB3CC}, "C:\Documents and Settings\amx.X-628658B1E9874\Dane aplikacji\Ciqapo\otozd.exe", Dodano do kwarantanny, [337f2318dd9fb77fb21e35a951b0f60a]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPTAB|ptid, smt, Dodano do kwarantanny, [238f0239c3b946f0c2269ba552b119e7]

Dane rejestru: 1
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-1547161642-117609710-725345543-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type=ds&ts=1414628476&from=smt&uid=ST9100828AS_5LZ103DEXXXX5LZ103DE&q={searchTerms}, Dobry: (www.google.com), Zły: (http://www.mystartsearch.com/web/?type=ds&ts=1414628476&from=smt&uid=ST9100828AS_5LZ103DEXXXX5LZ103DE&q={searchTerms}),Zastąpiono,[03afb2899ae277bfbcde72ca34d1c040]

Foldery: 8
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\plugins, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\TEMP, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.IePluginServices.A, C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\IePluginServices, Dodano do kwarantanny, [60527bc0700c7bbb8911e2377d86758b],
PUP.Optional.IePluginServices.A, C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\IePluginServices\update, Dodano do kwarantanny, [60527bc0700c7bbb8911e2377d86758b],
PUP.Optional.WPM.A, C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\WindowsMangerProtect, Dodano do kwarantanny, [625061da46368da9d42912092ed5ec14],
PUP.Optional.WPM.A, C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\WindowsMangerProtect\update, Dodano do kwarantanny, [625061da46368da9d42912092ed5ec14],

Pliki: 37
PUP.Optional.MaintainerSvc.A, C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\01e58235-010d-43b1-8340-277d43a75321\maintainer.exe, Usunięcie-po-restarcie, [654da19a0f6d999d5691f7e81ee319e7],
Trojan.Agent.ED, C:\Documents and Settings\amx.X-628658B1E9874\Dane aplikacji\Ciqapo\otozd.exe, Usunięcie-po-restarcie, [337f2318dd9fb77fb21e35a951b0f60a],
PUP.Optional.Sanbreel.A, C:\Program Files\PodoWeb\PodoWebBrowserFilter.exe, Dodano do kwarantanny, [d7db5fdc522a3cfa947949516e93718f],
PUP.Optional.Somoto.A, C:\Documents and Settings\amx.X-628658B1E9874\Ustawienia lokalne\temp\nso20.tmp, Dodano do kwarantanny, [2b873ffca1dbe452b597dc8b56ab56aa],
PUP.Optional.BPlug, C:\Documents and Settings\amx.X-628658B1E9874\Ustawienia lokalne\temp\setup.exe, Dodano do kwarantanny, [c2f026155f1dad89752c6360e0217b85],
PUP.Optional.LiMo, C:\Documents and Settings\amx.X-628658B1E9874\Ustawienia lokalne\temp\smt_mystartsearch.exe, Dodano do kwarantanny, [b7fbea511b6150e6ae6f42f6d33260a0],
PUP.Optional.Somoto, C:\Documents and Settings\amx.X-628658B1E9874\Ustawienia lokalne\temp\bitool.dll, Dodano do kwarantanny, [ffb30734a8d45cdab0014b37e919738d],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\PodoWeb.ico, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\7za.exe, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\kcgfhagdikiadbckmcmjhmkagibmmlla.crx, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\PodoWeb.BrowserFilter.Helper.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\PodoWebUninstall.exe, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\updatePodoWeb.InstallState, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\7za.exe, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\BrowserAdapter.7z, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\d04f5c8412ff44868e31.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\d04f5c8412ff44868e3164.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\PodoWeb.BrowserAdapter.exe, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\PodoWeb.BrowserAdapter64.exe, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\PodoWeb.PurBrowse.exe, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\PodoWeb.PurBrowseG.zip, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\sqlite3.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\utilPodoWeb.InstallState, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\{d04f5c84-12ff-4486-8e31-240e7ca6e6d3}.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\{d04f5c84-12ff-4486-8e31-240e7ca6e6d3}64.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\plugins\PodoWeb.Bromon.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\plugins\PodoWeb.BroStats.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\plugins\PodoWeb.BrowserAdapter.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\plugins\PodoWeb.CompatibilityChecker.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\plugins\PodoWeb.FFUpdate.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\plugins\PodoWeb.GCUpdate.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\plugins\PodoWeb.IEUpdate.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\plugins\PodoWeb.Msvcmon.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.PodoWeb.A, C:\Program Files\PodoWeb\bin\plugins\PodoWeb.PurBrowseG.dll, Dodano do kwarantanny, [0ba75dde91ebe056a1b357ee19ea649c],
PUP.Optional.Sanbreel.A, C:\WINDOWS\system32\drivers\{d04f5c84-12ff-4486-8e31-240e7ca6e6d3}Gt.sys, Dodano do kwarantanny, [c6ec1f1cbcc0eb4b56944402bf44dd23],
PUP.Optional.IePluginServices.A, C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\IePluginServices\update\conf, Dodano do kwarantanny, [60527bc0700c7bbb8911e2377d86758b],
PUP.Optional.WPM.A, C:\Documents and Settings\All Users.WINDOWS\Dane aplikacji\WindowsMangerProtect\update\conf, Dodano do kwarantanny, [625061da46368da9d42912092ed5ec14],

Sektory fizyczne: 0
(No malicious items detected)

(end)