Malwarebytes Anti-Malware
www.malwarebytes.org

Data skanowania: 2016-02-28
Czas skanowania: 21:15:05
Raport: MBAM - raport.txt
Administrator: Tak

Wersja: 2.2.0.1024
Baza szkodliwego oprogramowania: v2016.03.09.04
Baza danych rootkitów: v2016.02.27.01
Licencja: Darmowa
Ochrona przed złośliwym oprogramowaniem: Wyłączony
Ochrona przed szkodliwymi stronami: Wyłączony
Samoobrona: Wyłączony

System operacyjny: Windows XP Service Pack 3
Procesor: x86
System plików: NTFS
Użytkownik: Mafia

Typ skanowania: Dokładne skanowanie
Wynik: Zakończono
Obiekty przeskanowane: 544331
Czas, który upłynął: 39 min, 33 s

Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Włączony
Rootkity: Wyłączony
Heurystyka: Włączony
PUP: Włączony
PUM: Włączony

Procesy: 1
Moduły: 0 (Nie wykryto zagrożeń)
Klucze rejestru: 15
Wartości rejestru: 3
Dane rejestru: 1
Foldery: 9
Pliki: 27
Sektory fizyczne: 0 (Nie wykryto zagrożeń)