Document format: text/plain

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/12/20
Scan Time: 6:52 PM
Log File: 372dbc18-648a-11ea-9a45-001e33904a32.json

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.835
Update Package Version: 1.0.20602
License: Free

-System Information-
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: LonLy-PC\LonLy

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 203443
Threats Detected: 55
Threats Quarantined: 0
Time Elapsed: 13 min, 15 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 4
Trojan.PasswordStealer, C:\PROGRAM FILES\WIN\MSN.EXE, No Action By User, 3588, 562787, , , ,
Trojan.CrthRazy, C:\Program Files\MachinerData\Atomic_SMS.exe, No Action By User, 3169, 676766, , , ,
Trojan.PasswordStealer, C:\PROGRAM FILES\WIN\MSN.EXE, No Action By User, 3588, 562787, , , ,
Spyware.LokiBot, C:\USERS\LONLY\APPDATA\LOCAL\TEMP\YVOIMELZSE.EXE, No Action By User, 4195, 799250, , , ,

Module: 4
Trojan.PasswordStealer, C:\PROGRAM FILES\WIN\MSN.EXE, No Action By User, 3588, 562787, , , ,
Trojan.CrthRazy, C:\Program Files\MachinerData\Atomic_SMS.exe, No Action By User, 3169, 676766, , , ,
Trojan.PasswordStealer, C:\PROGRAM FILES\WIN\MSN.EXE, No Action By User, 3588, 562787, , , ,
Spyware.LokiBot, C:\USERS\LONLY\APPDATA\LOCAL\TEMP\YVOIMELZSE.EXE, No Action By User, 4195, 799250, , , ,

Registry Key: 6
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, No Action By User, 6946, 252393, 1.0.20602, , ame,
PUP.Optional.GarbageCleaner, HKU\S-1-5-21-1931728027-1606494664-529009739-1000\SOFTWARE\GCleaner, No Action By User, 1202, 676886, 1.0.20602, , ame,
Trojan.CrthRazy, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Main Service, No Action By User, 3169, 676766, , , ,
Adware.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{EF758C50-5FA2-4B0A-86D3-8B65B176BC53}, No Action By User, 423, 785573, 1.0.20602, , ame,
Trojan.CrthRazy, HKLM\SOFTWARE\Machiner, No Action By User, 3169, 676882, 1.0.20602, , ame,
Trojan.CrthRazy.Generic, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ngpampappnmepgilojfohadhhmbhlaek, No Action By User, 14991, 676732, , , ,

Registry Value: 5
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, No Action By User, 6946, 252393, 1.0.20602, , ame,
Trojan.PasswordStealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|apo5, No Action By User, 3588, 562787, , , ,
Trojan.CrthRazy, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MAIN SERVICE|IMAGEPATH, No Action By User, 3169, 708187, 1.0.20602, , ame,
Trojan.CrthRazy.Generic, HKU\S-1-5-21-1931728027-1606494664-529009739-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|ngpampappnmepgilojfohadhhmbhlaek, No Action By User, 14991, 676732, , , ,
Trojan.PasswordStealer, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|apo5, No Action By User, 3588, 562787, , , ,

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 5
Trojan.CrthRazy, C:\PROGRAM FILES\MACHINERDATA, No Action By User, 3169, 676766, 1.0.20602, , ame,
PUP.Optional.GarbageCleaner, C:\PROGRAMDATA\GARBAGE CLEANER, No Action By User, 1202, 676884, 1.0.20602, , ame,
Trojan.CrthRazy.Generic, C:\USERS\LONLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\ngpampappnmepgilojfohadhhmbhlaek, No Action By User, 14991, 676732, , , ,
Trojan.CrthRazy.Generic, C:\USERS\LONLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NGPAMPAPPNMEPGILOJFOHADHHMBHLAEK, No Action By User, 14991, 676732, 1.0.20602, , ame,
Trojan.CrthRazy.E.Generic, C:\USERS\LONLY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\68WSFCCJ.DEFAULT-RELEASE\EXTENSIONS\{14553439-2741-4E9D-B474-784F336F58C9}, No Action By User, 14970, 689343, 1.0.20602, , ame,

File: 31
Trojan.PasswordStealer, C:\PROGRAM FILES\WIN\MSN.EXE, No Action By User, 3588, 562787, 1.0.20602, 7CF007B2B9E0D4920E470444, dds, 00628770
PUP.Optional.GarbageCleaner, C:\USERS\LONLY\DESKTOP\GARBAGE CLEANER.LNK, No Action By User, 1202, 676885, 1.0.20602, , ame,
Trojan.CrthRazy, C:\Program Files\MachinerData\Atomic_SMS.exe, No Action By User, 3169, 676766, , , ,
Trojan.CrthRazy, C:\Program Files\MachinerData\main.exe, No Action By User, 3169, 676766, , , ,
PUP.Optional.GarbageCleaner, C:\ProgramData\Garbage Cleaner\Bunifu_UI_v1.5.3.dll, No Action By User, 1202, 676884, , , ,
PUP.Optional.GarbageCleaner, C:\ProgramData\Garbage Cleaner\Garbage Cleaner.exe, No Action By User, 1202, 676884, , , ,
Trojan.CrthRazy.Generic, C:\USERS\LONLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, 14991, 676732, , , ,
Trojan.CrthRazy.Generic, C:\USERS\LONLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, No Action By User, 14991, 676732, , , ,
Trojan.CrthRazy.Generic, C:\Users\LonLy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngpampappnmepgilojfohadhhmbhlaek\000003.log, No Action By User, 14991, 676732, , , ,
Trojan.CrthRazy.Generic, C:\Users\LonLy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngpampappnmepgilojfohadhhmbhlaek\CURRENT, No Action By User, 14991, 676732, , , ,
Trojan.CrthRazy.Generic, C:\Users\LonLy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngpampappnmepgilojfohadhhmbhlaek\LOCK, No Action By User, 14991, 676732, , , ,
Trojan.CrthRazy.Generic, C:\Users\LonLy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngpampappnmepgilojfohadhhmbhlaek\LOG, No Action By User, 14991, 676732, , , ,
Trojan.CrthRazy.Generic, C:\Users\LonLy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngpampappnmepgilojfohadhhmbhlaek\LOG.old, No Action By User, 14991, 676732, , , ,
Trojan.CrthRazy.Generic, C:\Users\LonLy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngpampappnmepgilojfohadhhmbhlaek\MANIFEST-000001, No Action By User, 14991, 676732, , , ,
Trojan.CrthRazy.Generic, C:\USERS\LONLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NGPAMPAPPNMEPGILOJFOHADHHMBHLAEK\6.36.5_0\F1426WQXF8.JS, No Action By User, 14991, 676732, 1.0.20602, , ame,
Trojan.CrthRazy.E.Generic, C:\USERS\LONLY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\68WSFCCJ.DEFAULT-RELEASE\EXTENSIONS\{14553439-2741-4E9D-B474-784F336F58C9}\8JJYAPAX3J.JS, No Action By User, 14970, 689343, 1.0.20602, , ame,
Trojan.CrthRazy.E.Generic, C:\Users\LonLy\AppData\Roaming\Mozilla\Firefox\Profiles\68wsfccj.default-release\extensions\{14553439-2741-4e9d-b474-784f336f58c9}\5CH55EZZYI.js, No Action By User, 14970, 689343, , , ,
Trojan.CrthRazy.E.Generic, C:\Users\LonLy\AppData\Roaming\Mozilla\Firefox\Profiles\68wsfccj.default-release\extensions\{14553439-2741-4e9d-b474-784f336f58c9}\6VUDXYVT5L.js, No Action By User, 14970, 689343, , , ,
Trojan.CrthRazy.E.Generic, C:\Users\LonLy\AppData\Roaming\Mozilla\Firefox\Profiles\68wsfccj.default-release\extensions\{14553439-2741-4e9d-b474-784f336f58c9}\DA6CCWER4K.js, No Action By User, 14970, 689343, , , ,
Trojan.CrthRazy.E.Generic, C:\Users\LonLy\AppData\Roaming\Mozilla\Firefox\Profiles\68wsfccj.default-release\extensions\{14553439-2741-4e9d-b474-784f336f58c9}\F5HJULNPAD.js, No Action By User, 14970, 689343, , , ,
Trojan.CrthRazy.E.Generic, C:\Users\LonLy\AppData\Roaming\Mozilla\Firefox\Profiles\68wsfccj.default-release\extensions\{14553439-2741-4e9d-b474-784f336f58c9}\manifest.json, No Action By User, 14970, 689343, , , ,
Trojan.CrthRazy.E.Generic, C:\Users\LonLy\AppData\Roaming\Mozilla\Firefox\Profiles\68wsfccj.default-release\extensions\{14553439-2741-4e9d-b474-784f336f58c9}\P3RG59647S.js, No Action By User, 14970, 689343, , , ,
Trojan.CrthRazy.E.Generic, C:\Users\LonLy\AppData\Roaming\Mozilla\Firefox\Profiles\68wsfccj.default-release\extensions\{14553439-2741-4e9d-b474-784f336f58c9}\SEZCGYWOV0.js, No Action By User, 14970, 689343, , , ,
Trojan.PasswordStealer, C:\PROGRAM FILES\WIN\MSN.EXE, No Action By User, 3588, 562787, 1.0.20602, 7CF007B2B9E0D4920E470444, dds, 00628770
Spyware.LokiBot, C:\USERS\LONLY\APPDATA\LOCAL\TEMP\YVOIMELZSE.EXE, No Action By User, 4195, 799250, 1.0.20602, , ame,
Worm.AutoRun.Generic, C:\USERS\LONLY\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\L.LNK, No Action By User, 3935, 752501, 1.0.20602, , ame,
Adware.Agent, C:\PROGRAM FILES\USB DISK SECURITY\LINKZB.EXE, No Action By User, 90, 597820, 1.0.20602, , ame,
Spyware.LokiBot, C:\USERS\LONLY\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\CVPU0OH9SGXW7D9O.EXE, No Action By User, 4195, 799250, 1.0.20602, B67BB082D4BDB067A826AADD, dds, 00628770
Trojan.MalPack.GS, C:\USERS\LONLY\APPDATA\LOCAL\TEMP\4925359422.EXE, No Action By User, 8186, 799240, 1.0.20602, 2D736658C2DC3814F7E35432, dds, 00628770
Adware.DownloadAssistant, C:\USERS\LONLY\APPDATA\LOCAL\TEMP\WJE6DYUQF\NR1L7RJNO9DKQKYWGA.EXE, No Action By User, 7517, 778876, 1.0.20602, , ame,
Adware.DownloadAssistant, C:\USERS\LONLY\DESKTOP\CCLEANER PRO 5.63_632350030.EXE, No Action By User, 7517, 798293, 1.0.20602, , ame,

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
