Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 4469 Windows 5.1.2600 Dodatek Service Pack 2 Internet Explorer 8.0.6001.18702 2010-08-24 18:30:01 Malwarebytes Typ skanowania: Pełne skanowanie (C:\|) Przeskanowano obiektów: 161420 Upłynęło: 14 minut(y), 17 sekund(y) Zainfekowanych procesów w pamięci: 1 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 6 Zainfekowanych wartości rejestru: 1 Zainfekowane informacje rejestru systemowego: 2 Zainfekowanych folderów: 0 Zainfekowanych plików: 110 Zainfekowanych procesów w pamięci: C:\WINDOWS\svc2.exe (Trojan.Sisproc.Gen) -> No action taken. Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: HKEY_CLASSES_ROOT\sp (TrojanProxy.Agent) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken. Zainfekowanych wartości rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netlog2 (Trojan.Sisproc.Gen) -> No action taken. Zainfekowane informacje rejestru systemowego: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Rogue.Antivirus2010) -> Data: c:\windows\system32\userinit.exe -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Rogue.Antivirus2010) -> Data: system32\userinit.exe -> No action taken. Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: C:\WINDOWS\svc2.exe (Trojan.Sisproc.Gen) -> No action taken. C:\2008.exe (Trojan.Sisproc.Gen) -> No action taken. C:\Documents and Settings\DOMOWY\DoctorWeb\Quarantine\updata.exe (Trojan.Refpron) -> No action taken. C:\Documents and Settings\DOMOWY\Ustawienia lokalne\Temporary Internet Files\Content.IE5\2BMQY2GH\cs[1].gif (Extension.Mismatch) -> No action taken. C:\Qoobox\Quarantine\C\2008.exe.vir (Trojan.Sisron) -> No action taken. C:\Qoobox\Quarantine\C\lsass.exe.vir (Trojan.Puvbed) -> No action taken. C:\Qoobox\Quarantine\C\Documents and Settings\DOMOWY\Dane aplikacji\39AA00BBCDF4F5F63BF1E4BA4DEE43BC\setupupdater0002.exe.vir (VirTool.Obfuscator) -> No action taken. C:\Qoobox\Quarantine\C\Documents and Settings\DOMOWY\Menu Start\Programy\Autostart\wwwqxk32.exe.vir (Trojan.Dropper) -> No action taken. C:\Qoobox\Quarantine\C\DOCUME~1\DOMOWY\USTAWI~1\Temp\0.exe.vir (Trojan.Ransom) -> No action taken. C:\Qoobox\Quarantine\C\DOCUME~1\DOMOWY\USTAWI~1\Temp\4_pinnew.exe.vir (Trojan.Zbot) -> No action taken. C:\Qoobox\Quarantine\C\DOCUME~1\DOMOWY\USTAWI~1\Temp\avto.exe.vir (Trojan.Ransom) -> No action taken. C:\Qoobox\Quarantine\C\DOCUME~1\DOMOWY\USTAWI~1\Temp\q1.exe.vir (Trojan.Krap) -> No action taken. C:\Qoobox\Quarantine\C\DOCUME~1\DOMOWY\USTAWI~1\Temp\teste1_p.exe.vir (Trojan.XBlocker) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\cndrive32.exe.vir (Trojan.Dropper) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\ctfmon.exe.vir (Trojan.Dropper) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\lsass.exe.vir (Trojan.XBlocker) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\servicelayer.exe.vir (Trojan.Dropper) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\svc2.exe.vir (Trojan.Sisron) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\svc3.exe.vir (Trojan.Sisproc.Gen) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\svw.exe.vir (Trojan.Clicker) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\svx.exe.vir (Trojan.Clicker) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\tmp0781393.log.vir (Trojan.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\tmp3047514.log.vir (Trojan.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\tmp4094166.log.vir (Trojan.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\tmp5659986.log.vir (Trojan.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\tmp7070070.log.vir (Trojan.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\tmp7637918.log.vir (Trojan.XBlocker) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\tmp7754353.log.vir (Trojan.XBlocker) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\tmp8290846.log.vir (Trojan.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\tmp8616832.log.vir (Trojan.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\tmp9728289.log.vir (Trojan.XBlocker) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system\dwm.exe.vir (Backdoor.Votwup) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\ipcmd.dll.vir (Trojan.Dropper) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\sysdiag.dll.vir (Malware.Packer.Gen) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\winntcmd_2_0.dll.vir (Trojan.Dropper) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\aec.sys.vir (Rootkit.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\imhd7a2.sys.vir (Rootkit.Kryptik) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\kbxrr.sys.vir (Rootkit.Agent) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\kkf5adc.sys.vir (Rootkit.Kryptik) -> No action taken. C:\Qoobox\Quarantine\C\WINDOWS\system32\wbem\grpconv.exe.vir (Trojan.Dropper) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0033367.exe (Worm.KoobFace) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0033368.dll (Trojan.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0033377.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0033378.exe (Trojan.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0034371.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0034373.exe (Trojan.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0034375.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0034378.sys (Rootkit.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0034396.sys (Rootkit.Kryptik) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0035371.exe (Trojan.Puvbed) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0036371.exe (Trojan.Puvbed) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0036372.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0036373.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0036374.exe (Trojan.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0037371.exe (Trojan.Puvbed) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0037373.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0037374.exe (Trojan.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0037376.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039453.exe (Worm.Palevo) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039491.exe (Trojan.Dropper) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0038371.exe (Trojan.Puvbed) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0038372.exe (Trojan.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039371.exe (Trojan.Puvbed) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039372.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039373.exe (Trojan.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039375.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039386.exe (Trojan.Puvbed) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039389.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039390.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039391.exe (Trojan.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039448.exe (Email.Flooder) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039449.exe (Worm.Palevo) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039450.exe (Worm.Palevo) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039451.exe (Worm.Palevo) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039452.exe (Worm.Palevo) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039455.exe (Trojan.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039481.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039485.exe (VirTool.Obfuscator) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039487.exe (Trojan.Dropper) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039488.exe (Trojan.Puvbed) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039490.exe (Trojan.Dropper) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039492.exe (Trojan.XBlocker) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039493.exe (Trojan.Dropper) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039494.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039495.exe (Trojan.Sisproc.Gen) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039496.exe (Trojan.Clicker) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039497.exe (Trojan.Clicker) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039498.exe (Backdoor.Votwup) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039501.sys (Rootkit.Kryptik) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039503.sys (Rootkit.Kryptik) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039505.dll (Trojan.Dropper) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039511.dll (Malware.Packer.Gen) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039512.exe (Trojan.Dropper) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0039513.dll (Trojan.Dropper) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0040527.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0040528.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0041527.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0042625.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0043727.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0043848.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0043853.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0043854.sys (Rootkit.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0044898.exe (Trojan.Sisron) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0044917.exe (Trojan.Sisproc.Gen) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0044928.exe (Trojan.Sisproc.Gen) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0044937.exe (Trojan.Sisproc.Gen) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0044948.exe (Trojan.Sisproc.Gen) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0043837.sys (Rootkit.Agent) -> No action taken. C:\System Volume Information\_restore{91D1CDD0-D074-4DFD-9485-54D76C9E163D}\RP72\A0046056.exe (Trojan.Sisproc.Gen) -> No action taken. C:\_OTL\MovedFiles\08242010_102205\C_WINDOWS\svc2.exe (Trojan.Sisron) -> No action taken.