
Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 10-01-2016
Scan Time: 08:31
Logfile:
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.01.09.05
Rootkit Database: v2016.01.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ajay.shrivastava

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 723396
Time Elapsed: 19 min, 8 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 22
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK.1, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK.1, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK.1, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Bidaily Synchronize Task[973b], , [aced88af48514aec90078d36778c9070],
PUP.Optional.MultiPlug, HKU\S-1-5-21-3157892369-3652318745-17197047972715_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [87124fe80a8f1f171a8eea0035cecd33],
PUP.Optional.MultiPlug, HKU\S-1-5-21-3157892369-3652318745-17197047972715_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [87124fe80a8f1f171a8eea0035cecd33],

Registry Values: 2
Trojan.Downloader.UP, HKU\S-1-5-21-3157892369-3652318745-17197047971926\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|urlspace, C:\Users\shitesh.sachan\Desktop\IeQue\SEO\Jingling\jingling.exe -h, , [acedc275fc9dd264acc7038506fda25e]
Trojan.Downloader.UP, HKU\S-1-5-21-3157892369-3652318745-17197047972715\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|urlspace, C:\Users\shitesh.sachan\Desktop\IeQue\SEO\Jingling\jingling.exe -h, , [8019b97eddbc7bbbdf94ec9c847fda26]

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.OpenCandy, C:\Users\ajay.shrivastava\AppData\Roaming\OpenCandy, , [f0a962d5f6a3be780c4d3754d52dbd43],
PUP.Optional.OpenCandy, C:\Users\ajay.shrivastava\AppData\Roaming\OpenCandy\OpenCandy_C52629B814EB4DF591F10AE926D26CF2, , [f0a962d5f6a3be780c4d3754d52dbd43],

Files: 19
Trojan.Agent.Spy, C:\Users\ajay.shrivastava\AppData\Roaming\RPEng\ABCDE1351E254D258DEB5544107D593D\WWE_1.52.5.3.exe, , [1485ba7d2574fe38baa0fd9706fe3dc3],
PUP.Optional.ChinAd, C:\Program Files (x86)\Application Assistance\AppHelper.exe, , [3b5e7cbbd9c0191db88f45c1649c867a],
RiskWare.Tool.CK, C:\Program Files (x86)\Internet Download Manager\Tonec.Inc.Internet.Download.Manager.v6.xx.WinALL.Incl.Keygen.and.Patch.update1-UnREaL.exe, , [80198cab584155e12b9a734226de44bc],
Spyware.PasswordStealer, C:\Users\ajay.shrivastava\AppData\Local\Temp\svchost.exe, , [18816acd019843f38228d46a33cd768a],
PUP.Optional.PassFox, C:\Users\ajay.shrivastava\AppData\Local\Temp\WebBrowserPassView1.exe, , [6c2d0f28524776c036677553b64e6997],
PUP.Optional.PasswordViewer, C:\Users\ajay.shrivastava\AppData\Local\Temp\WebBrowserPassView2.exe, , [fc9d7cbb7f1a2a0c7e220eba51b3fd03],
PUP.Optional.ChromePasswordTool, C:\Users\ajay.shrivastava\AppData\Local\Temp\WebBrowserPassView3.exe, , [0f8a48ef5148af87c8907e4af014fc04],
PUP.Optional.OperaPasswordTool, C:\Users\ajay.shrivastava\AppData\Local\Temp\WebBrowserPassView4.exe, , [14857cbba2f71b1baeebbe0a3cc822de],
Backdoor.Bot, C:\Users\ajay.shrivastava\AppData\Local\Temp\SQLi Dumper v.8.0\SQLi Dumper v.8.0.exe, , [277242f5930690a62e7bfb595ca5ca36],
PUP.Optional.OpenCandy, C:\Users\shitesh.sachan\AppData\Local\Temp\HYDB75E.tmp.1449320324\HTA\install.1449320324.zip, , [ddbc03340c8db58173e3f92c28daa45c],
PUP.Optional.OpenCandy, C:\Users\shitesh.sachan\AppData\Local\Temp\HYDB75E.tmp.1449320324\HTA\3rdparty\OCComSDK.dll, , [5841a493fe9b4fe7e57191947a8822de],
Backdoor.KeyLogger, C:\Users\shitesh.sachan\Downloads\Havij 1.6 Pro Cracked.rar, , [c5d489ae2c6d3afcb34c11afad54f40c],
PUP.Optional.MultiPlug, C:\Windows\Tasks\Bidaily Synchronize Task[973b].job, , [4b4e50e7a4f5fd3955395b6817ec8080],
Trojan.PasswordStealer, C:\Users\ajay.shrivastava\AppData\Local\Temp\WebBrowserPassView1.exe, , [4356989f37628aacd66c6aa7fd0717e9],
Trojan.PasswordStealer, C:\Users\ajay.shrivastava\AppData\Local\Temp\WebBrowserPassView2.exe, , [8b0e42f54059ae886fd35ab7a460b64a],
Trojan.PasswordStealer, C:\Users\ajay.shrivastava\AppData\Local\Temp\WebBrowserPassView3.exe, , [0396d067673216205ce62fe29e66fd03],
Trojan.PasswordStealer, C:\Users\ajay.shrivastava\AppData\Local\Temp\WebBrowserPassView4.exe, , [4752a98e1683bc7a261c0d045da75ba5],
Trojan.Agent.AutoIt, C:\Users\ajay.shrivastava\AppData\Local\Temp\svchost.CoM, , [8a0ffa3d7623fe38e44c8794976d23dd],
PUP.Optional.OpenCandy, C:\Users\ajay.shrivastava\AppData\Roaming\OpenCandy\OpenCandy_C52629B814EB4DF591F10AE926D26CF2\dyesubd1_p3v0.exe, , [f0a962d5f6a3be780c4d3754d52dbd43],

Physical Sectors: 0
(No malicious items detected)

(end)
