Malwarebytes
www.malwarebytes.com

-Szczegóły raportu-
Data skanowania: 30.03.2021
Czas skanowania: 11:12
Plik raportu: fcac35de-9137-11eb-8077-e0d55e29c9eb.json

-Informacje o oprogramowaniu-
Wersja: 4.3.0.98
Wersja komponentów: 1.0.1236
Aktualna wersja pakietu: 1.0.38888
Licencja: Wersja próbna

-Informacje o systemie-
System operacyjny: Windows 10 (Build 19041.867)
Procesor: x64
System plików: NTFS
Użytkownik: DESKTOP-JSCFMDP\Johnny

-Wyniki skanowania-
Typ skanowania: Pełne skanowanie
Skan zapoczątkowany przez: Ręcznie
Wynik: Ukończono
Obiekty przeskanowane: 317490
Wykryte zagrożenia: 60
Zagrożenia poddane kwarantannie: 59
Czas, który upłynął: 4 min, 27 s

-Opcje skanowania-
Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Włączony
Rootkity: Włączony
Heurystyka: Włączony
PUP: Wykrywanie
PUM: Wykrywanie

-Szczegóły skanowania-
Proces: 0
(Nie wykryto zagrożeń)

Moduł: 0
(Nie wykryto zagrożeń)

Klucz rejestru: 21
PUP.Optional.SearchYa, HKU\S-1-5-21-3171440377-1465995704-668751129-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}, Dodano do kwarantanny, 430, 242794, 1.0.38888, , ame, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Dodano do kwarantanny, 3016, 260247, 1.0.38888, , ame, , ,
Trojan.BitCoinMiner.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Google\GoogleUpdateTaskMachineGU, Dodano do kwarantanny, 3832, 698508, , , , , ,
Trojan.BitCoinMiner.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{41627AF2-4BDC-48BA-84C2-D3ED09C0A9A1}, Dodano do kwarantanny, 3832, 698508, , , , , ,
Adware.ForcedNotifications.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Dodano do kwarantanny, 6705, -1, 0.0.0, , action, , ,
Adware.ForcedNotifications.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Dodano do kwarantanny, 6705, -1, 0.0.0, , action, , ,
Adware.ForcedNotifications.ChrPRST, HKU\S-1-5-21-3171440377-1465995704-668751129-1001\SOFTWARE\POLICIES\GOOGLE\CHROME, Dodano do kwarantanny, 6705, -1, 0.0.0, , action, , ,
PUP.Optional.PCVARK, HKLM\SOFTWARE\QWRyb2l0IFN5c3RlbSBDYXJl, Dodano do kwarantanny, 536, 702107, 1.0.38888, , ame, , ,
PUP.Optional.InstallCore, HKU\S-1-5-21-3171440377-1465995704-668751129-1001\SOFTWARE\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I, Dodano do kwarantanny, 511, 352832, 1.0.38888, , ame, , ,
PUP.Optional.PCVARK, HKLM\SOFTWARE\XSC-PR, Dodano do kwarantanny, 536, 698879, 1.0.38888, , ame, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Dodano do kwarantanny, 3016, 260247, 1.0.38888, , ame, , ,
PUP.Optional.JetMedia, HKLM\SOFTWARE\WOW6432NODE\JETMEDIA\NativeDesktopMediaService, Dodano do kwarantanny, 4073, 544579, 1.0.38888, , ame, , ,
PUP.Optional.PCVARK.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Adroit System Care_DDelayScheduled, Dodano do kwarantanny, 896, 698893, , , , , ,
PUP.Optional.PCVARK.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{311EFBA8-C6F7-4286-969B-A86D53F7FFA9}, Dodano do kwarantanny, 896, 698893, , , , , ,
PUP.Optional.PCVARK.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{311EFBA8-C6F7-4286-969B-A86D53F7FFA9}, Dodano do kwarantanny, 896, 698893, , , , , ,
Adware.Adposhel.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DAE68F60-E651-C558-A06E-6E5AB00BB052, Dodano do kwarantanny, 3829, 701906, , , , , ,
Adware.Adposhel.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6CD34A94-4B14-4CAC-A0A8-AB895343DC07}, Dodano do kwarantanny, 3829, 701906, , , , , ,
Adware.Adposhel.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{6CD34A94-4B14-4CAC-A0A8-AB895343DC07}, Dodano do kwarantanny, 3829, 701906, , , , , ,
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{099A689E-7640-4B7A-B473-FCCD4AF93244}, Dodano do kwarantanny, 1198, 683129, , , , , ,
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0307BE2C-BA78-40A6-872F-7A4E56E8CBE3}, Dodano do kwarantanny, 1198, 683129, , , , , ,
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{0307BE2C-BA78-40A6-872F-7A4E56E8CBE3}, Dodano do kwarantanny, 1198, 683129, , , , , ,

Wartość rejestru: 12
PUP.Optional.SearchYa, HKU\S-1-5-21-3171440377-1465995704-668751129-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}|DISPLAYNAME, Dodano do kwarantanny, 430, 242794, 1.0.38888, , ame, , ,
Adware.ForcedNotifications.ChrPRST, HKU\S-1-5-21-3171440377-1465995704-668751129-1001\SOFTWARE\POLICIES\GOOGLE\CHROME\NOTIFICATIONSALLOWEDFORURLS|1, Dodano do kwarantanny, 6705, 787263, 1.0.38888, , ame, , ,
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{1a0cd0cf-f3e1-448e-9b53-232b2928217d}|NAMESERVER, Dodano do kwarantanny, 7210, 260226, 1.0.38888, , ame, , ,
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{6c3c5f70-f4e5-4491-b33d-46cd7dd2df7d}|NAMESERVER, Dodano do kwarantanny, 7210, 260226, 1.0.38888, , ame, , ,
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{8cccdd9f-e77e-4964-acc5-59c0dfeec49c}|NAMESERVER, Dodano do kwarantanny, 7210, 260226, 1.0.38888, , ame, , ,
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{a97bcb77-1c94-473c-b8a2-43f72a28b937}|NAMESERVER, Dodano do kwarantanny, 7210, 260226, 1.0.38888, , ame, , ,
PUP.Optional.OneSystemCare.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|ONE SYSTEM CAREPERIOD.JOB, Dodano do kwarantanny, 1472, 878868, 1.0.38888, , ame, , ,
PUP.Optional.OneSystemCare.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|ONE SYSTEM CAREPERIOD.JOB.FP, Dodano do kwarantanny, 1472, 878868, 1.0.38888, , ame, , ,
PUP.Optional.PCVARK, HKLM\SOFTWARE\XSC-PR|UTM_CAMPAIGN, Dodano do kwarantanny, 536, 698879, 1.0.38888, , ame, , ,
Adware.ForcedNotifications.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME\NOTIFICATIONSALLOWEDFORURLS|1, Dodano do kwarantanny, 6705, 786870, 1.0.38888, , ame, , ,
Adware.ForcedNotifications.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME\NOTIFICATIONSALLOWEDFORURLS|1, Dodano do kwarantanny, 6705, 786870, 1.0.38888, , ame, , ,
Adware.NetAdapter, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5AFEF7D2-D4AC-4B6E-8DEF-AA556053241E}, Dodano do kwarantanny, 1198, 683134, 1.0.38888, , ame, , ,

Dane rejestru: 16
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{116bb4db-a256-49e6-9c23-4bd194bd394d}|NameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{1a0cd0cf-f3e1-448e-9b53-232b2928217d}|NameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{1a0cd0cf-f3e1-448e-9b53-232b2928217d}|DhcpNameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}|NameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{4a889ff6-ca7f-4ce8-8e41-9fbce43c774a}|NameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{579b30b9-d1f2-491e-bdb5-5eaaef0aeac2}|NameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{579b30b9-d1f2-491e-bdb5-5eaaef0aeac2}|DhcpNameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{6bb4f047-2706-11e5-9bbe-806e6f6e6963}|NameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{6c3c5f70-f4e5-4491-b33d-46cd7dd2df7d}|NameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{6c3c5f70-f4e5-4491-b33d-46cd7dd2df7d}|DhcpNameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{8cccdd9f-e77e-4964-acc5-59c0dfeec49c}|NameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{8cccdd9f-e77e-4964-acc5-59c0dfeec49c}|DhcpNameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{a97bcb77-1c94-473c-b8a2-43f72a28b937}|NameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{a97bcb77-1c94-473c-b8a2-43f72a28b937}|DhcpNameServer, Zastąpiono, 3016, -1, 0.0.0, , action, , ,

Strumień danych: 0
(Nie wykryto zagrożeń)

Folder: 3
PUP.Optional.JetMedia, C:\ProgramData\Jetmedia\NativeDesktopMediaService, Dodano do kwarantanny, 4073, 690183, , , , , ,
PUP.Optional.JetMedia, C:\PROGRAMDATA\Jetmedia, Dodano do kwarantanny, 4073, 690183, 1.0.38888, , ame, , ,
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO, Dodano do kwarantanny, 7199, 921550, 1.0.38888, , ame, , ,

Plik: 8
PUP.Optional.JetMedia, C:\PROGRAMDATA\Jetmedia\NATIVEDESKTOPMEDIASERVICE\comdata.dat, Dodano do kwarantanny, 4073, 690183, 1.0.38888, , ame, , C8D6AAD43A712B9AD8FB7D8224684DF9, 7EDE55588D9D67748C4D4BDBFB72862D14D6E4511FF4EBA6F66AAF1D530686A8
Trojan.BitCoinMiner.Generic, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\GOOGLE\GoogleUpdateTaskMachineGU, Dodano do kwarantanny, 3832, 698508, 1.0.38888, , ame, , 3E9F44BA72232BC2E4F0A144C456B70D, D5C465BDF2FE52BC0E3AE998682B5723061372A2FB205ECD6AE2829211A4D15D
Adware.ForcedNotifications.ChrPRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Usunięcie nie powiodło się, 6705, -1, 0.0.0, , action, , 075B0DA82E23780FA2DD7F2EA0464FD4, 26332AF7F0DCF06A13ABB741E5EAA39F0FF9E7E823512701500B4E52340357AB
Adware.ForcedNotifications.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Dodano do kwarantanny, 6705, -1, 0.0.0, , action, , B6DBAFBEA859B6E288E31F126065F3C3, 479B63F6FB139CE1FCD38C23B7DDDE8947DC8E9ACDF1C3B2219DE139F50704E6
PUP.Optional.PCVARK.Generic, C:\WINDOWS\SYSTEM32\TASKS\Adroit System Care_DDelayScheduled, Dodano do kwarantanny, 896, 698893, 1.0.38888, , ame, , E7F7E8599CA5A7FE76F9822AE04C5931, 41BF235980373FF5EBF4A42AD1CD65527E5651B71E1235D2C12A6F2A9D78B01B
Adware.Adposhel.Generic, C:\WINDOWS\SYSTEM32\TASKS\DAE68F60-E651-C558-A06E-6E5AB00BB052, Dodano do kwarantanny, 3829, 701906, 1.0.38888, , ame, , 35FAF5C389B46EDA6E71B9FB8B675704, 9CE60E3B7A53FE1ABE455DE7AA1A1FFF9059F9981FA34326C732EAC1E9F93610
Adware.NetAdapter, C:\WINDOWS\SYSTEM32\TASKS\{099A689E-7640-4B7A-B473-FCCD4AF93244}, Dodano do kwarantanny, 1198, 683129, 1.0.38888, , ame, , F09C5758A5F8DDF4318072A10693D023, 6DBCFF5000A176516B80345F9C5E32D280FBB60BE011A23B2993C07276C78BD9
PUP.Optional.YTDVideoDownloader, C:\PROGRAMDATA\YTD VIDEO DOWNLOADER\YTD_INSTALLER.EXE, Dodano do kwarantanny, 14290, 883300, 1.0.38888, , ame, , 5927D7CBC00C648D5F26C3F09C25039E, CB441D57324A33CAB00E1FDD1F4EAD37C521FAFEA03C85E78863A11336E32F3A

Sektor fizyczny: 0
(Nie wykryto zagrożeń)

WMI: 0
(Nie wykryto zagrożeń)

(end)