[ BBS @ 10.07.2011. 20:25 ] @
U pitanju je Windows XP SP2 laptop i zadnja verzija Malwarebytes Anti-Malware Posle skeeniranja izbacuje sledeći info: Code: Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Verzija baze: 7064 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 10.07.11 21:18:25 mbam-log-2011-07-10 (21-18-21).txt Način skeniranja: Brzo skeniranje Skeniranih objekata 139452 Proteklo vreme 8 minuta(e), 45 sekundi Inficirani procesi u memoriji: 0 Inficirani moduli u memoriji: 0 Inficirani ključevi u registru: 3 Inficirane vrednosti u registru: 2 Inficirani podaci u registru: 4 Inficirane fascikle: 5 Inficirane datoteke: 0 Inficirani procesi u memoriji: (Maliciozne stavke nisu pronađene) Inficirani moduli u memoriji: (Maliciozne stavke nisu pronađene) Inficirani ključevi u registru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DRM\amty (Worm.Autorun) -> No action taken. Inficirane vrednosti u registru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\csrcs (Trojan.Agent) -> Value: csrcs -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\csrcs (Trojan.Agent) -> Value: csrcs -> No action taken. Inficirani podaci u registru: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe csrcs.exe) Good: (Explorer.exe) -> No action taken. Inficirane fascikle: c:\program files\funwebproducts (Adware.MyWebSearch) -> No action taken. c:\program files\funwebproducts\Installr (Adware.MyWebSearch) -> No action taken. c:\program files\funwebproducts\Installr\1.bin (Adware.MyWebSearch) -> No action taken. c:\program files\funwebproducts\Installr\2.bin (Adware.MyWebSearch) -> No action taken. c:\program files\funwebproducts\Installr\3.bin (Adware.MyWebSearch) -> No action taken. Inficirane datoteke: (Maliciozne stavke nisu pronađene) Šta se od ovog može bezbedno obrisati tj. staviti u karantin? Ovo pitam jer je ovaj program ranije znao da obori sistem jer je prijavljivao za brisanje i legitimne procese |