www.malwarebytes.org
Version: 2.2.0.1024
Malware Database: v2016.01.09.05
Rootkit Database: v2016.01.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 22
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, , [5841a493fe9b4fe7e57191947a8822de],
PUP.Optional.MultiPlug, HKU\S-1-5-21-3157892369-3652318745-1719704797-2715_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [87124fe80a8f1f171a8eea0035cecd33],
PUP.Optional.MultiPlug, HKU\S-1-5-21-3157892369-3652318745-1719704797-2715_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [87124fe80a8f1f171a8eea0035cecd33],
Registry Values: 2
Trojan.Downloader.UP, HKU\S-1-5-21-3157892369-3652318745-1719704797-1926\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|urlspace, C:\Users\shitesh.sachan\Desktop\IeQue\SEO\Jingling\jingling.exe -h, , [acedc275fc9dd264acc7038506fda25e]
Trojan.Downloader.UP, HKU\S-1-5-21-3157892369-3652318745-1719704797-2715\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|urlspace, C:\Users\shitesh.sachan\Desktop\IeQue\SEO\Jingling\jingling.exe -h, , [8019b97eddbc7bbbdf94ec9c847fda26]
Registry Data: 0
(No malicious items detected)
Folders: 2
PUP.Optional.OpenCandy, C:\Users\ajay.shrivastava\AppData\Roaming\OpenCandy, , [f0a962d5f6a3be780c4d3754d52dbd43],
PUP.Optional.OpenCandy, C:\Users\ajay.shrivastava\AppData\Roaming\OpenCandy\OpenCandy_C52629B814EB4DF591F10AE926D26CF2, , [f0a962d5f6a3be780c4d3754d52dbd43],
Files: 19
Trojan.Agent.Spy, C:\Users\ajay.shrivastava\AppData\Roaming\RPEng\ABCDE1351E254D258DEB5544107D593D\WWE_1.52.5.3.exe, , [1485ba7d2574fe38baa0fd9706fe3dc3],
PUP.Optional.ChinAd, C:\Program Files (x86)\Application Assistance\AppHelper.exe, , [3b5e7cbbd9c0191db88f45c1649c867a],
Trojan.PasswordStealer, C:\Users\ajay.shrivastava\AppData\Local\Temp\WebBrowserPassView3.exe, , [0396d067673216205ce62fe29e66fd03],
Trojan.PasswordStealer, C:\Users\ajay.shrivastava\AppData\Local\Temp\WebBrowserPassView4.exe, , [4752a98e1683bc7a261c0d045da75ba5],
Trojan.Agent.AutoIt, C:\Users\ajay.shrivastava\AppData\Local\Temp\svchost.CoM, , [8a0ffa3d7623fe38e44c8794976d23dd],
PUP.Optional.OpenCandy, C:\Users\ajay.shrivastava\AppData\Roaming\OpenCandy\OpenCandy_C52629B814EB4DF591F10AE926D26CF2\dyesubd1_p3v0.exe, , [f0a962d5f6a3be780c4d3754d52dbd43],
Physical Sectors: 0
(No malicious items detected)
(end)