Malwarebytes
www.malwarebytes.com

-Szczegóły raportu-
Data skanowania: 03.01.2017
Czas skanowania: 17:44
Raport: malwarebytes.txt
Administrator: Tak

-Informacje o oprogramowaniu-
Wersja: 3.0.5.1299
Wersja komponentów: 1.0.43
Aktualna wersja pakietu: 1.0.914
Licencja: Wersja próbna

-Informacje o systemie-
System operacyjny: Windows 7 Service Pack 1
Procesor: x64
System plików: NTFS
Użytkownik: Dellik\Ola

-Wyniki skanowania-
Typ skanowania: Pełne skanowanie
Wynik: Ukończono
Obiekty przeskanowane: 412726
Czas, który upłynął: 8 min, 33 s

-Opcje skanowania-
Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Włączony
Rootkity: Wyłączony
Heurystyka: Włączony
PUP: Włączony
PUM: Włączony

-Szczegóły skanowania-
Proces: 1
RiskWare.Tool.CK, C:\WINDOWS\KMSERVICE.EXE, Dodano do kwarantanny, [340], [133383],1.0.914

Moduł: 1
RiskWare.Tool.CK, C:\WINDOWS\KMSERVICE.EXE, Dodano do kwarantanny, [340], [133383],1.0.914

Klucz rejestru: 12
PUP.Optional.BrowseFox, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{cc30460f-753f-44d9-b58c-13dae1321968}w64, Dodano do kwarantanny, [2074], [299543],1.0.914
PUP.Optional.BrowseFox, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wStLibG64, Dodano do kwarantanny, [2074], [299543],1.0.914
PUP.Optional.Babylon, HKU\S-1-5-21-1190775597-3038459951-4028443085-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}, Dodano do kwarantanny, [2107], [167673],1.0.914
PUP.Optional.Babylon, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Dodano do kwarantanny, [2107], [167673],1.0.914
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\debmkdhphjfcbaomiknnceliiclnpmfg, Dodano do kwarantanny, [70], [246730],1.0.914
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Dodano do kwarantanny, [10834], [253614],1.0.914
PUP.Optional.JumpFlip, HKLM\SOFTWARE\WOW6432NODE\Jump Flip, Dodano do kwarantanny, [10846], [239693],1.0.914
PUP.Optional.InstallCore, HKU\S-1-5-21-1190775597-3038459951-4028443085-1000\SOFTWARE\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I, Dodano do kwarantanny, [8], [352832],1.0.914
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1190775597-3038459951-4028443085-1000\SOFTWARE\DataMngr, Dodano do kwarantanny, [10834], [253612],1.0.914
PUP.Optional.InstallCore, HKU\S-1-5-21-1190775597-3038459951-4028443085-1000\SOFTWARE\InstallCore, Dodano do kwarantanny, [8], [239563],1.0.914
PUP.Optional.BProtector, HKU\S-1-5-21-1190775597-3038459951-4028443085-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Dodano do kwarantanny, [5951], [235981],1.0.914
PUP.Optional.JumpFlip, HKU\S-1-5-21-1190775597-3038459951-4028443085-1000\SOFTWARE\Jump Flip, Dodano do kwarantanny, [10846], [239692],1.0.914

Wartość rejestru: 7
PUP.Optional.Babylon, HKU\S-1-5-21-1190775597-3038459951-4028443085-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, Dodano do kwarantanny, [2107], [235650],1.0.914
PUP.Optional.Babylon, HKU\S-1-5-21-1190775597-3038459951-4028443085-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FAVICONURL, Dodano do kwarantanny, [2107], [235650],1.0.914
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\debmkdhphjfcbaomiknnceliiclnpmfg|PATH, Dodano do kwarantanny, [70], [246730],1.0.914
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Dodano do kwarantanny, [10834], [-1],0.0.0
PUP.Optional.WstLib, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wStLibG64|IMAGEPATH, Dodano do kwarantanny, [8621], [245123],1.0.914
PUP.Optional.Babylon, HKU\S-1-5-21-1190775597-3038459951-4028443085-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Zastąpiono, [2107], [293037],1.0.914
PUP.Optional.BProtector, HKU\S-1-5-21-1190775597-3038459951-4028443085-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|BPROTECTORDEFAULTSCOPE, Dodano do kwarantanny, [5951], [251613],1.0.914

Strumień danych: 0
(Nie wykryto zagrożeń)

Folder: 18
PUP.Optional.NextLive, C:\Users\Ola\AppData\Roaming\newnext.me\cache, Dodano do kwarantanny, [8496], [178681],1.0.914
PUP.Optional.NextLive, C:\USERS\OLA\APPDATA\ROAMING\newnext.me, Dodano do kwarantanny, [8496], [178681],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin\plugins, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin\TEMP, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\PROGRAM FILES (X86)\Jump Flip, Dodano do kwarantanny, [10846], [177879],1.0.914
Adware.MoboGenie, C:\PROGRAM FILES (X86)\Mobogenie, Dodano do kwarantanny, [1264], [350428],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\Download\Picture, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\Download\Music, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\Download\Video, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\Download\Apk, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\Download, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\backup, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\device, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\Data, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\USERS\OLA\APPDATA\LOCAL\Mobogenie, Brak akcji, [1109], [322690],1.0.914
PUP.Optional.Babylon, C:\Users\Ola\AppData\LocalLow\BabylonToolbar\BabylonToolbar, Dodano do kwarantanny, [2107], [175554],1.0.914
PUP.Optional.Babylon, C:\USERS\OLA\APPDATA\LOCALLOW\BABYLONTOOLBAR, Dodano do kwarantanny, [2107], [175554],1.0.914

Plik: 27
RiskWare.Tool.CK, C:\WINDOWS\KMSERVICE.EXE, Dodano do kwarantanny, [340], [133383],1.0.914
PUP.Optional.BrowseFox, C:\WINDOWS\SYSTEM32\DRIVERS\{CC30460F-753F-44D9-B58C-13DAE1321968}W64.SYS, Dodano do kwarantanny, [2074], [299543],1.0.914
PUP.Optional.BrowseFox, C:\WINDOWS\SYSTEM32\DRIVERS\WSTLIBG64.SYS, Dodano do kwarantanny, [2074], [299543],1.0.914
PUP.Optional.NextLive, C:\Users\Ola\AppData\Roaming\newnext.me\cache\spark.bin, Dodano do kwarantanny, [8496], [178681],1.0.914
PUP.Optional.NextLive, C:\Users\Ola\AppData\Roaming\newnext.me\nengine.cookie, Dodano do kwarantanny, [8496], [178681],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin\7za.exe, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin\BrowserAdapter.7z, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin\BrowserAdapterS.7z, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin\JumpFlip.BrowserFilter.Helper.dll, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin\JumpFlip.BrowserFilter.Helper.dll.old.064e9941-ca70-4eb9-90f0-e3bda82f8010, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin\JumpFlip.PurBrowse.zip, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin\sqlite3.dll, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.InstallState, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\JumpFlip.ico, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\sqlite3.exe, Dodano do kwarantanny, [10846], [177879],1.0.914
PUP.Optional.JumpFlip, C:\Program Files (x86)\Jump Flip\updateJumpFlip.InstallState, Dodano do kwarantanny, [10846], [177879],1.0.914
Adware.MoboGenie, C:\Program Files (x86)\Mobogenie\ok.htm, Dodano do kwarantanny, [1264], [350428],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\Data\mobogenie_u_user_dl.mg, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\driver\Unzip_Files\dell_0aa3829a0_64\dell_0aa3829a0_64\amd64\NOTICE, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\driver\Unzip_Files\dell_0aa3829a0_64\dell_0aa3829a0_64\androidwinusba64.cat, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\driver\Unzip_Files\dell_0aa3829a0_64\dell_0aa3829a0_64\android_winusb.inf, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\driver\Unzip_Files\dell_0aa3829a0_64\dell_0aa3829a0_64\mobo.genie, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\driver\dell_0aa3829a0_64.zip, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\client.time, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\driverresult.log, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\mobo.uuid, Dodano do kwarantanny, [1109], [322690],1.0.914
PUP.Optional.MoboGenie, C:\Users\Ola\AppData\Local\Mobogenie\Source.mu, Dodano do kwarantanny, [1109], [322690],1.0.914

Sektor fizyczny: 0
(Nie wykryto zagrożeń)


(end)