Malwarebytes
www.malwarebytes.com

-Szczegóły raportu-
Data skanowania: 28.12.2017
Czas skanowania: 17:14
Plik raportu: 3c3a531c-ebea-11e7-9777-d017c2d57105.json
Administrator: Tak

-Informacje o oprogramowaniu-
Wersja: 3.3.1.2183
Wersja komponentów: 1.0.262
Aktualna wersja pakietu: 1.0.3577
Licencja: Free

-Informacje o systemie-
System operacyjny: Windows 10 (Build 15063.786)
Procesor: x64
System plików: NTFS
Użytkownik: CIAM-PC\CIAM

-Wyniki skanowania-
Typ skanowania: Pełne skanowanie
Wynik: Ukończono
Obiekty przeskanowane: 334981
Wykryte zagrożenia: 86
Zagrożenia poddane kwarantannie: 86
Czas, który upłynął: 5 min, 47 s

-Opcje skanowania-
Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Włączony
Rootkity: Wyłączony
Heurystyka: Włączony
PUP: Wykrywanie
PUM: Wykrywanie

-Szczegóły skanowania-
Proces: 2
PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe, Dodano do kwarantanny, [631], [384138],1.0.3577
PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe, Dodano do kwarantanny, [631], [384138],1.0.3577

Moduł: 2
PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe, Dodano do kwarantanny, [631], [384138],1.0.3577
PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe, Dodano do kwarantanny, [631], [384138],1.0.3577

Klucz rejestru: 21
PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MailRuUpdater, Dodano do kwarantanny, [631], [403909],1.0.3577
PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0D042B4E-3D0D-49A8-BADC-AC0B35AD200E}, Dodano do kwarantanny, [631], [403909],1.0.3577
PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{0D042B4E-3D0D-49A8-BADC-AC0B35AD200E}, Dodano do kwarantanny, [631], [403909],1.0.3577
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}, Dodano do kwarantanny, [631], [471429],1.0.3577
PUP.Optional.Amigo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\amigo.exe, Dodano do kwarantanny, [3841], [386186],1.0.3577
PUP.Optional.MailRu, HKU\S-1-5-21-910666309-267904859-3003788689-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}, Dodano do kwarantanny, [631], [382913],1.0.3577
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bhjhnafpiilpffhglajcaepjbnbjemci, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hcadgijmedbfgciegjomfpjcdchlhnif, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Updater.Mail.Ru, Dodano do kwarantanny, [631], [384138],1.0.3577
PUP.Optional.MailRu, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\mrupdsrv, Dodano do kwarantanny, [631], [384138],1.0.3577
PUP.Optional.Downloader.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\IOrbAiID, Dodano do kwarantanny, [14849], [463827],1.0.3577
PUP.Optional.Downloader.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5BC75A2D-AE82-4F59-954C-5E63269DEB8A}, Dodano do kwarantanny, [14849], [463827],1.0.3577
PUP.Optional.Downloader.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{5BC75A2D-AE82-4F59-954C-5E63269DEB8A}, Dodano do kwarantanny, [14849], [463827],1.0.3577
PUP.Optional.Downloader.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IOrbAiID, Dodano do kwarantanny, [14849], [-1],0.0.0
PUP.Optional.Downloader.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BC75A2D-AE82-4F59-954C-5E63269DEB8A}, Dodano do kwarantanny, [14849], [-1],0.0.0
PUP.Optional.Downloader.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5BC75A2D-AE82-4F59-954C-5E63269DEB8A}, Dodano do kwarantanny, [14849], [-1],0.0.0
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO, Dodano do kwarantanny, [10], [351113],1.0.3577
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO.1, Dodano do kwarantanny, [10], [351113],1.0.3577
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}, Dodano do kwarantanny, [10], [351113],1.0.3577
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}, Dodano do kwarantanny, [10], [351113],1.0.3577
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8E8F97CD-60B5-456F-A201-73065652D099}, Dodano do kwarantanny, [10], [351113],1.0.3577

Wartość rejestru: 5
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}|APPPATH, Dodano do kwarantanny, [631], [471429],1.0.3577
PUP.Optional.MailRu, HKU\S-1-5-21-910666309-267904859-3003788689-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|URL, Dodano do kwarantanny, [631], [382913],1.0.3577
PUP.Optional.MailRu, HKU\S-1-5-21-910666309-267904859-3003788689-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|FAVICONURLFALLBACK, Dodano do kwarantanny, [631], [382913],1.0.3577
PUP.Optional.MailRu, HKU\S-1-5-21-910666309-267904859-3003788689-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|SUGGESTIONSURL, Dodano do kwarantanny, [631], [382913],1.0.3577
PUP.Optional.MailRu, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0D042B4E-3D0D-49A8-BADC-AC0B35AD200E}|PATH, Dodano do kwarantanny, [631], [403907],1.0.3577

Dane rejestru: 0
(Nie wykryto zagrożeń)

Strumień danych: 0
(Nie wykryto zagrożeń)

Folder: 16
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration\distribution, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\_metadata, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\distribution, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\unity, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\_metadata, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\Update Service, Dodano do kwarantanny, [631], [384138],1.0.3577
PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\MailRuUpdater, Dodano do kwarantanny, [631], [384138],1.0.3577
PUP.Optional.MailRu, C:\PROGRAM FILES (X86)\MAIL.RU, Dodano do kwarantanny, [631], [384138],1.0.3577

Plik: 40
PUP.Optional.MailRu, C:\WINDOWS\SYSTEM32\TASKS\MailRuUpdater, Dodano do kwarantanny, [631], [403909],1.0.3577
PUP.Optional.MailRu, C:\USERS\CIAM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0BMU5LP8.DEFAULT\EXTENSIONS\{A38384B3-2D1D-4F36-BC22-0F7AE402BCD7}.XPI, Dodano do kwarantanny, [631], [458842],1.0.3577
PUP.Optional.MailRu.Generic, C:\USERS\CIAM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0BMU5LP8.DEFAULT\EXTENSIONS\homepage@mail.ru.xpi, Dodano do kwarantanny, [7803], [462926],1.0.3577
PUP.Optional.MailRu.Generic, C:\USERS\CIAM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0BMU5LP8.DEFAULT\EXTENSIONS\search@mail.ru.xpi, Dodano do kwarantanny, [7803], [462926],1.0.3577
PUP.Optional.MailRu, C:\USERS\CIAM\FAVORITES\Mail.Ru Агент - используй для общения!.url, Dodano do kwarantanny, [631], [471428],1.0.3577
PUP.Optional.MailRu, C:\USERS\CIAM\FAVORITES\Mail.Ru.url, Dodano do kwarantanny, [631], [471428],1.0.3577
PUP.Optional.MailRu, C:\USERS\CIAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Zastąpiono, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\USERS\CIAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Zastąpiono, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\128.png, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\16.png, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\48.png, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\512.png, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration\distribution\background.js, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration\distribution\distribution-module.js, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\_metadata\computed_hashes.json, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\_metadata\verified_contents.json, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\manifest.json, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\metrics.js, Dodano do kwarantanny, [631], [448286],1.0.3577
PUP.Optional.MailRu, C:\USERS\CIAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Zastąpiono, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\USERS\CIAM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Zastąpiono, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\128.png, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\16.png, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\48.png, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\512.png, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\distribution\background.js, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\distribution\distribution-module.js, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\unity\unity-stub-background.js, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\unity\unity-stub-inject.js, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\_metadata\computed_hashes.json, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\_metadata\verified_contents.json, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\manifest.json, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Users\CIAM\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\metrics.js, Dodano do kwarantanny, [631], [403165],1.0.3577
PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\MailRuUpdater\MailRuUpdater.exe, Usunięcie-po-restarcie, [631], [384138],1.0.3577
PUP.Optional.MailRu, C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe, Usunięcie-po-restarcie, [631], [384138],1.0.3577
PUP.Optional.Downloader.TskLnk, C:\USERS\CIAM\APPDATA\LOCAL\CGWGGA, Dodano do kwarantanny, [14849], [463827],1.0.3577
PUP.Optional.Downloader.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\IOrbAiID, Dodano do kwarantanny, [14849], [463827],1.0.3577
PUP.Optional.Downloader.TskLnk, C:\USERS\CIAM\APPDATA\LOCAL\CGWGGA.BAT, Dodano do kwarantanny, [14849], [463827],1.0.3577
PUP.Optional.Downloader.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\IOrbAiID, Dodano do kwarantanny, [14849], [-1],0.0.0
Adware.FileTour, C:\USERS\CIAM\APPDATA\LOCAL\TEMP\IS-ID4HL.TMP\36E3FF6D, Dodano do kwarantanny, [150], [413261],1.0.3577
Adware.FileTour, C:\USERS\CIAM\APPDATA\LOCAL\TEMP\IS-ID4HL.TMP\D98B526, Dodano do kwarantanny, [150], [423225],1.0.3577

Sektor fizyczny: 0
(Nie wykryto zagrożeń)

(end)