Malwarebytes' Anti-Malware 1.40 Wersja bazy definicji: 2731 Windows 5.1.2600 Dodatek Service Pack 2 2009-09-02 20:47:33 mbam-log-2009-09-02 (20-47-32).txt Typ skanowania: Pełne skanowanie (C:\|D:\|E:\|G:\|I:\|) Przeskanowane obiekty: 213812 Upłynęło: 32 minute(s), 34 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 2 Zainfekowane wartości rejestru: 5 Zainfekowane pliki rejestru: 7 Zainfekowane foldery: 1 Zainfekowane pliki: 18 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC_AntiSpyware2010 (Rogue.PC_AntiSpyware2010) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\PC_AntiSpyware2010 (Rogue.PC_AntiSpyware2010) -> Quarantined and deleted successfully. Zainfekowane wartości rejestru: HKEY_CURRENT_USER\Control Panel\don't load\scui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\don't load\wscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\braviax (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Quarantined and deleted successfully. Zainfekowane pliki rejestru: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Zainfekowane foldery: C:\Documents and Settings\Bobcok\Menu Start\Programy\PC_AntiSpyware2010 (Rogue.PC_AntiSpyware2010) -> Quarantined and deleted successfully. Zainfekowane pliki: C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7}\RP189\A0065593.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7}\RP189\A0065594.sys (Trojan.KillAV) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7}\RP189\A0065598.sys (Trojan.KillAV) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7}\RP189\A0065599.sys (Trojan.KillAV) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7}\RP189\A0065614.sys (Trojan.KillAV) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7}\RP189\A0065618.sys (Trojan.KillAV) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7}\RP189\A0065619.sys (Trojan.KillAV) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7}\RP190\A0066698.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7}\RP190\A0066699.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A77798C0-1EDE-4F71-96D7-E0BF8F334BB7}\RP190\A0067803.sys (Trojan.KillAV) -> Quarantined and deleted successfully. C:\WINDOWS\system32\dllcache\beep.sys (Trojan.KillAV) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\beep.sys (Trojan.KillAV) -> Quarantined and deleted successfully. C:\_OTS\MovedFiles\09022009_200630\C_Program Files\PC_Antispyware2010\htmlayout.dll (Rogue.AntiVirusPro) -> Quarantined and deleted successfully. I:\System Volume Information\_restore{7A643536-3819-4A1F-BF35-41A897453C4E}\RP6\A0000110.exe (Virus.Virut) -> Quarantined and deleted successfully. C:\Documents and Settings\Bobcok\Menu Start\Programy\PC_AntiSpyware2010\PC_Antispyware2010.lnk (Rogue.PC_AntiSpyware2010) -> Quarantined and deleted successfully. C:\Documents and Settings\Bobcok\Menu Start\Programy\PC_AntiSpyware2010\Uninstall.lnk (Rogue.PC_AntiSpyware2010) -> Quarantined and deleted successfully. C:\Documents and Settings\Bobcok\Dane aplikacji\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Bobcok\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\PC_AntiSpyware2010.lnk (Rogue.PC_AntiSpyware2010) -> Quarantined and deleted successfully.