Malwarebytes Anti-Malware www.malwarebytes.org Data skanowania: 2015-10-07 Czas skanowania: 08:41 Raport: antimalware.txt Administrator: Tak Wersja: 2.1.8.1057 Baza szkodliwego oprogramowania: v2015.10.07.01 Baza danych rootkitów: v2015.10.06.01 Licencja: Darmowa Ochrona przed złośliwym oprogramowaniem: Wyłączony Ochrona przed szkodliwymi stronami: Wyłączony Samoobrona: Wyłączony System operacyjny: Windows 7 Service Pack 1 Procesor: x86 System plików: NTFS Użytkownik: Kamil Typ skanowania: Dokładne skanowanie Wynik: Zakończono Obiekty przeskanowane: 386101 Czas, który upłynął: 16 min, 27 s Pamięć: Włączony Autostart: Włączony System plików: Włączony Archiwa: Włączony Rootkity: Włączony Heurystyka: Włączony PUP: Włączony PUM: Włączony Procesy: 0 (Nie wykryto zagrożeń) Moduły: 0 (Nie wykryto zagrożeń) Klucze rejestru: 7 Trojan.Agent.PAK, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DW20.EXE, , [ac71eb694645aa8c000a369e24dd0ff1], PUP.Optional.SProtector, HKLM\SOFTWARE\SProtector, , [e835064ec6c5cf67620392037b8934cc], PUP.Optional.Babylon, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dhkplhfnhceodhffomolpfigojocbpcb, , [fa2343113f4c6fc7c6f092060df7e41c], PUP.Optional.Tuto4PC, HKLM\SOFTWARE\TUTORIALS, , [d8458dc7fe8dd56154359f357e86629e], PUP.Optional.InstallCore, HKU\S-1-5-21-1100579147-315741855-2830510848-1000\SOFTWARE\InstallCore, , [a27b4f05fe8d6bcb24a5981b2bd9ac54], PUP.Optional.Tuto4PC, HKU\S-1-5-21-1100579147-315741855-2830510848-1000\SOFTWARE\TutoTag, , [1b029bb9f99279bd4045706451b3cd33], PUP.Optional.SProtector, HKU\S-1-5-21-1100579147-315741855-2830510848-1000\SOFTWARE\APPDATALOW\SProtector, , [c45999bb256675c127b714ba73919070], Wartości rejestru: 2 PUP.Optional.FirstSeenToday, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_pl_110, , [2bf24f05a4e7979f3f79961525df24dc], PUP.Optional.Tuto4PC, HKLM\SOFTWARE\TUTORIALS|HostGUID, C81F7507-D3AA-4E73-B654-74B3491C0E84, , [d8458dc7fe8dd56154359f357e86629e] Dane rejestru: 0 (Nie wykryto zagrożeń) Foldery: 19 PUP.Optional.NextLive, C:\Users\Kamil\AppData\Roaming\newnext.me, , [e13cb4a06724b77f0bbdf63a5aa98a76], PUP.Optional.NextLive, C:\Users\Kamil\AppData\Roaming\newnext.me\cache, , [e13cb4a06724b77f0bbdf63a5aa98a76], PUP.Optional.OptimizerPro, C:\Users\Kamil\AppData\Roaming\Optimizer Pro, , [819cf262cbc047ef82ebea474cb7ba46], PUP.Optional.OptimizerPro, C:\Users\Kamil\AppData\Roaming\Optimizer Pro\Backup, , [819cf262cbc047ef82ebea474cb7ba46], PUP.Optional.OptimizerPro, C:\Users\Kamil\AppData\Roaming\Optimizer Pro\Log, , [819cf262cbc047ef82ebea474cb7ba46], PUP.Optional.OptimizerPro, C:\Users\Kamil\AppData\Roaming\Optimizer Pro\Undo, , [819cf262cbc047ef82ebea474cb7ba46], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\css, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\scripts, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\by, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\de, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\en, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\fr, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\ru, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\uk, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_metadata, , [8d90aaaa4b40d2646c2163d4bc476f91], Pliki: 40 Trojan.Agent.PAK, C:\Users\Kamil\AppData\Roaming\Thinstall\MOEW2007\1000000800002i\svchost.exe, , [c85578dc9dee5bdb86847e56aa575ca4], Trojan.Agent.PAK, C:\Users\Kamil\AppData\Roaming\Thinstall\MOEW2007\300000002ca00002i\OffDiag.exe, , [8994bb99a9e2bb7bf218686ce91813ed], Trojan.Agent.PAK, C:\Users\Kamil\AppData\Roaming\Thinstall\MOEW2007\300000005700002i\WINWORD.EXE, , [48d5272d5b3090a652b8736110f14bb5], Trojan.Agent.PAK, C:\Users\Kamil\AppData\Roaming\Thinstall\MOEW2007\30000000d900002i\DW20.EXE, , [ac71eb694645aa8c000a369e24dd0ff1], Trojan.Agent, C:\Users\Kamil\AppData\Roaming\dropped.exe, , [79a4c292dfac6acc50cb4fb0cb3828d8], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eonffnnfmbfnmjpaiigdclmfelolemah_0.localstorage, , [3edf381c08833ef8328ed3f91fe5d030], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eonffnnfmbfnmjpaiigdclmfelolemah_0.localstorage-journal, , [7ca12f2517746dc91ea256767f853ac6], PUP.Optional.NextLive, C:\Users\Kamil\AppData\Roaming\newnext.me\nengine.cookie, , [e13cb4a06724b77f0bbdf63a5aa98a76], PUP.Optional.NextLive, C:\Users\Kamil\AppData\Roaming\newnext.me\cache\spark.bin, , [e13cb4a06724b77f0bbdf63a5aa98a76], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\background.html, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\manifest.json, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\popup.html, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\css\popup.css, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\bg.gif, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\blank.png, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon-128.png, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon-16.png, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon-48.png, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon_del.png, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon_empty.png, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon_full.png, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\rhtitle-bg.gif, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-down-active.gif, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-down.gif, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-handle-active.gif, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-handle.gif, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-up-active.gif, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-up.gif, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\scripts\background.js, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\scripts\popup.js, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\by\messages.json, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\de\messages.json, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\en\messages.json, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\fr\messages.json, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\ru\messages.json, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\uk\messages.json, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_metadata\computed_hashes.json, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.SmartCoupon, C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_metadata\verified_contents.json, , [8d90aaaa4b40d2646c2163d4bc476f91], PUP.Optional.Babylon, C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\4u5vy8tz.default\prefs.js, Dobry: (), Zły: (user_pref("extensions.BabylonToolbar.prtkDS", 0);), ,[839a87cd07844ee836cd1aa8f1147c84] PUP.Optional.Babylon, C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\4u5vy8tz.default\prefs.js, Dobry: (), Zły: (Preferences /* Do not edit this file. * * If), ,[2bf2391b1d6ed1650cf7dfe349bc18e8] Sektory fizyczne: 0 (Nie wykryto zagrożeń) (end)