Skocz do zawartości

Zarchiwizowany

Ten temat jest archiwizowany i nie można dodawać nowych odpowiedzi.

Ronex763

Proces explorer.exe zwiększa użycie CPU

Polecane posty

Witam !

Otóż od pewnego czasu zauważyłem, że wykorzystanie mojego procesora wzrosło. Postanowiłem sprawdzić jakiego czym było to spowodowane. Przyczyną był proces explorer.exe(32bity) bez ikony. Gdy wyłączam proces obciążenie maleje do normalnego stanu. Niestety problem nie ustępuje, gdyż włącza on się ponownie po jakimś czasie. W programie process monitor zauważyłem ( mam nadzieję, że nie błędnie), że strona mojego routera to jest www.huaweimobilewifi.com wysyła i odbiera jakieś pakiety przez port TCP z serwera eu2.wemineltc.com:http.

Proszę o pomoc w tym, aby jakoś ten proces wyłączyć lub naprawić na stałe.

Link do komentarza
Udostępnij na innych stronach

Wygląda na malware kopiące BitCoiny, które podczepia się do procesu explorer.exe. Ze starszymi wersjami tego szkodnika Malwarebytes' Anti-Malware sobie radziło, więc liczę, że i tu da radę.

Zainstaluj ten program, przeskanuj kompa i zamieść na forum wygenerowany log.

Link do komentarza
Udostępnij na innych stronach

Ok. Widzę, że znalazło tego bitcoin minera. Mógłbyś mi wyjaśnić na czym polega to podczepianie do procesów ?

Trochę potrwa skanowanie plików systemowych.

Jak na razie znalazło 15 obiektów.

Proszę bardzo :

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 2014-12-31

Scan Time: 22:50:21

Logfile: ihj.txt

Administrator: Yes

Version: 2.00.4.1028

Malware Database: v2014.11.20.06

Rootkit Database: v2014.11.18.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

OS: Windows 8.1

CPU: x64

File System: NTFS

User: Ronex

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 429862

Time Elapsed: 13 min, 15 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 1

Trojan.Agent, C:\Users\Ronex1\pwo5\svchost.exe, 5996, , [2ed84fef5c20e650f7cdb1da52b1669a]

Modules: 1

Trojan.BitcoinMiner, c:\Users\Ronex1\AppData\Local\Temp\_MEI59002\bin\minerd.dll, , [21e574cabac200366dfd751ee121d927],

Registry Keys: 17

PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [7492d8667efe26103a36dce4d42e6997],

PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [7492d8667efe26103a36dce4d42e6997],

PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [7492d8667efe26103a36dce4d42e6997],

PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [7492d8667efe26103a36dce4d42e6997],

PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [0afcea54bdbf1c1addee1f7846be18e8],

PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, , [7b8b72ccf78579bd74186ed8ba4941bf],

PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pelmeidfhdlhlbjimpabfcbnnojbboma, , [b353f44a0c7073c3511384e6ed1650b0],

PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [21e576c80c7058de92391b7c9b6944bc],

PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [2adc61ddcdaf52e41a71f254857ee11f],

PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginService, , [4eb8211d1c6091a5d24cfd3b778c7987],

PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, , [7393ae90f08c45f1474a57e49370d42c],

PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [f31399a596e62214543ea89331d29e62],

PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-2797637584-790094135-2825667820-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [bf47f14dc5b74cea7f08ace17094cc34],

PUP.Optional.WebSearches.A, HKU\S-1-5-21-2797637584-790094135-2825667820-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, , [b452f7470a7246f0003cb98f1ae9a060],

PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-2797637584-790094135-2825667820-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, , [a165d8661963a98d3336ab04d72dd42c],

PUP.Optional.PassShow.A, HKU\S-1-5-21-2797637584-790094135-2825667820-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PassShow, , [947277c76f0d3006f2a54eef48bbb848],

PUP.Optional.Qone8, HKU\S-1-5-21-2797637584-790094135-2825667820-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [0afcf945a1db48eef9d1f89f877de41c],

Registry Values: 2

PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, amt, , [2adc61ddcdaf52e41a71f254857ee11f]

Trojan.Agent, HKU\S-1-5-21-2797637584-790094135-2825667820-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|pwo5, C:\Users\Ronex1\pwo5\svchost.exe, , [2ed84fef5c20e650f7cdb1da52b1669a]

Registry Data: 5

PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://istart.webssearches.com/?type=hp&ts=1417618975&from=brd&uid=ST1000LM014-1EJ164_W380AYV7XXXXW380AYV7,'>http://istart.webssearches.com/?type=hp&ts=1417618975&from=brd&uid=ST1000LM014-1EJ164_W380AYV7XXXXW380AYV7, Good: (www.google.com), Bad: (http://istart.webssearches.com/?type=hp&ts=1417618975&from=brd&uid=ST1000LM014-1EJ164_W380AYV7XXXXW380AYV7),,[699dbf7f710b8ea848ab57ed679e18e8]

PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[5da9a39bfd7f290dc54eef609174d62a]

PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://istart.webssearches.com/?type=hp&ts=1417618975&from=brd&uid=ST1000LM014-1EJ164_W380AYV7XXXXW380AYV7,'>http://istart.webssearches.com/?type=hp&ts=1417618975&from=brd&uid=ST1000LM014-1EJ164_W380AYV7XXXXW380AYV7, Good: (www.google.com), Bad: (http://istart.webssearches.com/?type=hp&ts=1417618975&from=brd&uid=ST1000LM014-1EJ164_W380AYV7XXXXW380AYV7),,[5da9ad91cbb12016be35ac98b64fa759]

PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[e71f122cfa82d75ff81b61eeb5507f81]

PUP.Optional.WebsSearches.A, HKU\S-1-5-21-2797637584-790094135-2825667820-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://istart.webssearches.com/?type=hp&ts=1417618975&from=brd&uid=ST1000LM014-1EJ164_W380AYV7XXXXW380AYV7,'>http://istart.webssearches.com/?type=hp&ts=1417618975&from=brd&uid=ST1000LM014-1EJ164_W380AYV7XXXXW380AYV7, Good: (www.google.com), Bad: (http://istart.webssearches.com/?type=hp&ts=1417618975&from=brd&uid=ST1000LM014-1EJ164_W380AYV7XXXXW380AYV7),,[7e882915f488ea4cb93775cfb1543fc1]

Folders: 4

PUP.Optional.Spigot.A, C:\Users\Ronex1\AppData\LocalLow\SEARCH SETTINGS, , [689e8fafb3c994a213778a969f6452ae],

PUP.Optional.Spigot.A, C:\Users\Ronex1\AppData\LocalLow\SEARCH SETTINGS\res, , [689e8fafb3c994a213778a969f6452ae],

PUP.Optional.Spigot.A, C:\Users\Ronex1\AppData\LocalLow\SEARCH SETTINGS emp, , [689e8fafb3c994a213778a969f6452ae],

PUP.Optional.SupTab.A, C:\Users\Ronex1\AppData\Roaming\SupTab, , [db2b74caf18b84b25e3c55d1649f2ed2],

Files: 51

Trojan.BitcoinMiner, c:\Users\Ronex1\AppData\Local\Temp\_MEI59002\bin\minerd.dll, , [21e574cabac200366dfd751ee121d927],

PUP.Optional.SupTab.A, C:\Users\Ronex1\AppData\Roaming\SupTab\SupTab.dll, , [42c4f24cff7d5ed8acd987ae2ed20cf4],

Trojan.Agent.H, C:\Users\Ronex1\AppData\Local\Temp\is-5N9H7.tmp\precomp042.exe, , [040298a68cf044f20586c48dca38b44c],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI56762\bin\csrss.exe, , [7690e35bb6c6d165beb6048f2cd66f91],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI56762\bin\minerd.dll, , [7c8a4cf2d9a365d15a100390b94918e8],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI57842\bin\csrss.exe, , [5aacaa94df9dad895c18048fa45e6997],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI57842\bin\minerd.dll, , [be48eb53b1cb221495d532612cd68d73],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI59002\bin\csrss.exe, , [d13542fcc6b6181ecea696fd59a94db3],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI23282\bin\csrss.exe, , [d2342717d9a3b77f5f15dfb418eaa55b],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI23282\bin\minerd.dll, , [55b1d96582fab77f5416e2b13bc7a15f],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI28322\bin\csrss.exe, , [d82ebd81d9a3201613618310b0525fa1],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI28322\bin\minerd.dll, , [b74f013d8cf04aecbcae385b72901ae6],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI42162\bin\csrss.exe, , [7393221c82fa2c0a1c580c87689a669a],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI42162\bin\minerd.dll, , [02047ec00973b680fa703360be44f907],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI42322\bin\csrss.exe, , [44c2ad911765191d4b29642f13ef6898],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI42322\bin\minerd.dll, , [9571a39b85f781b507631c774ab87e82],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI43442\bin\csrss.exe, , [6e9874cadd9ffc3a264e9ff4659d0df3],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI43442\bin\minerd.dll, , [b65081bd3f3d00361f4b098a44be2ad6],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI43962\bin\csrss.exe, , [20e60638eb910432680c444ff60c04fc],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI43962\bin\minerd.dll, , [12f4c47a4e2eed49f6742a6953afe31d],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI46322\bin\csrss.exe, , [e02641fd4c3086b00e66751e2ad8758b],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI46322\bin\minerd.dll, , [29dd8bb3fb81ea4ca8c2662d1de50000],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI48002\bin\csrss.exe, , [b84ec7778bf1ba7c5123771cf40e0bf5],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI48002\bin\minerd.dll, , [6c9a79c52f4da29479f1563d2ed4619f],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI49362\bin\csrss.exe, , [a75f88b6b3c9a294fd77fb9860a2f60a],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI49362\bin\minerd.dll, , [fa0c4fefa7d551e55c0ea5ee4cb641bf],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI50442\bin\csrss.exe, , [ca3ca9952b5120161163583b57ab38c8],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI50442\bin\minerd.dll, , [da2c59e587f5e551bab0bdd6bb47629e],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI51442\bin\csrss.exe, , [d72fa599e498e94d9fd53c57ae54e818],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI51442\bin\minerd.dll, , [e4229ba38def181e55150d8644be9c64],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI51682\bin\csrss.exe, , [df27b5892953c175254fd0c3c14119e7],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI51682\bin\minerd.dll, , [0df9b589b0cc8fa75416e6adc63c738d],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI52802\bin\csrss.exe, , [9373cc722a520c2a1262048f51b16799],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI52802\bin\minerd.dll, , [c83e52ec18645fd73f2bcac93bc726da],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI52882\bin\csrss.exe, , [b65035098eeeaf8714608c07946e5da3],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI52882\bin\minerd.dll, , [19edfc42374575c12b3fd0c3ef137a86],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI53122\bin\csrss.exe, , [d333f34b5e1e6ec8caaa6c27bf43b64a],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI53122\bin\minerd.dll, , [b1554fef13698aacb9b19df6ee14f709],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI53442\bin\csrss.exe, , [44c2a8966e0eec4a96de563dfa08728e],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI53442\bin\minerd.dll, , [c5411a2496e6bd797ded157e738f2ed2],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI53443\bin\csrss.exe, , [26e080be82fa082e1d5799fac43eea16],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI53443\bin\minerd.dll, , [2dd9112dfd7f4beb09619af9a55d6f91],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI54122\bin\csrss.exe, , [15f152ec19631026c6aeddb6788a34cc],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI54122\bin\minerd.dll, , [af57e6589ede092d6604efa4ec163dc3],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI54202\bin\csrss.exe, , [61a56fcf96e6ce68d79d147f758d738d],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI54202\bin\minerd.dll, , [bc4ad569027a3df943278d06bd45e41c],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI54282\bin\csrss.exe, , [8e78ea54ee8edd59d4a0147fa45e8080],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI54282\bin\minerd.dll, , [719526187903e74f96d46a298c7610f0],

Trojan.Agent, C:\Users\Ronex1\AppData\Local\Temp\_MEI55642\bin\csrss.exe, , [9076a49a81fb9c9a7afa068dd131f709],

Trojan.BitcoinMiner, C:\Users\Ronex1\AppData\Local\Temp\_MEI55642\bin\minerd.dll, , [f70f95a9e498d36387e3f69da1612ed2],

Trojan.Agent, C:\Users\Ronex1\pwo5\svchost.exe, , [2ed84fef5c20e650f7cdb1da52b1669a],

Physical Sectors: 0

(No malicious items detected)

(end)

Co chwila wyskakuje mi okienko z explorer.exe, że nie można uruchomić programu, ponieważ na komputerze nie znaleziono minerd.dll oraz okienko programu w dolnym prawym rogu z informacja o blokowanej domenie i jej ip 111.111.111.111 oraz porcie co chwila innym.

Link do komentarza
Udostępnij na innych stronach

Ok. Widzę, że znalazło tego bitcoin minera. Mógłbyś mi wyjaśnić na czym polega to podczepianie do procesów ?

Malware wszczepia kod do prawidłowego procesu lub wykorzystuje jego mechanizmy/luki, by odpalić się i być widocznym w systemie jako ten proces. Dzięki temu ukrywa się on przed użytkownikiem.

Jedna rzecz:

Malware Database: v2014.11.20.06

Rootkit Database: v2014.11.18.01

Skanowanie wykonałeś na nieaktualnych bazach. Uaktualnij program i przeprowadź je jeszcze raz. Usuń wszystkie zagrożenia, które znajdzie MBAM. Dodatkowo zrestartuj komputer.

Wtedy napisz, czy wszystko działa i wrzuć nowego loga.

Link do komentarza
Udostępnij na innych stronach

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 2014-12-31

Scan Time: 23:22:26

Logfile: asd.txt

Administrator: Yes

Version: 2.00.4.1028

Malware Database: v2014.12.31.05

Rootkit Database: v2014.12.30.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

OS: Windows 8.1

CPU: x64

File System: NTFS

User: Ronex

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 442546

Time Elapsed: 21 min, 47 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 4

PUP.Optional.MyPCBackup.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\MyPC Backup, , [e9780069483494a2770ccc94000308f8],

PUP.Optional.MyPCBackup.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\MyPC Backup, , [322fee7bbac2270f98ebd28ee41f0000],

PUP.Optional.MyPCBackup.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKUPSTACK, , [73eea4c5e5974ee8ccd5ec7d8c777f81],

PUP.Optional.Qone8, HKU\S-1-5-21-2797637584-790094135-2825667820-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [adb4f673443866d06dffbb0b8b7942be],

Registry Values: 1

PUP.Optional.MyPCBackup.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKUPSTACK|ImagePath, C:\Program Files (x86)\MyPC Backup\BackupStack.exe, , [73eea4c5e5974ee8ccd5ec7d8c777f81]

Registry Data: 0

(No malicious items detected)

Folders: 4

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MYPC BACKUP, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MYPC BACKUP\x64, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MYPC BACKUP\x86, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.Enabler.A, C:\ProgramData\SetApp\WS.Enabler, , [88d97aef3d3f44f2abfa243636cd9c64],

Files: 46

PUP.Optional.OpenCandy, C:\Users\Ronex1\AppData\Local\Temp\nsh7AAD.tmp\KMPAddedCode_OpperCD.exe, , [ce936702e29af6401f8beebcce375ca4],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\pt_PT.mo, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\it_IT.mo, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaFS.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.51.x86.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x64.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.52.x86.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x64.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.60.x86.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\AlphaVSS.Common.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\BackupStack.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\BackupStackUI.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\BplusDotNet.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Configuration Updater.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\de_DE.mo, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\es_ES.mo, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\fr_FR.mo, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\GetText.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\InstMgr.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Ionic.Zip.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Microsoft.Win32.TaskScheduler.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\MPCBClient.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\MPCBContextMenu.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\mypcbackup.ico, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\NativeHashWrapper.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Newtonsoft.Json.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\ObjectListView.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\PipeDiff.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x64.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\RegisterExtensionDotNet40_x86.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Service Start.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Shared Stack.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\SignupWizard.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\syncicon.ico, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\System.Data.SQLite.DLL, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\uninst.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\UnRegisterExtensions.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Updater.exe, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\Updater_.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\websocket-sharp.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\x64\SQLite.Interop.dll, , [afb2650415672214752b79f03fc403fd],

PUP.Optional.MyPCBackup.A, C:\Program Files (x86)\MyPC Backup\x86\SQLite.Interop.dll, , [afb2650415672214752b79f03fc403fd],

Physical Sectors: 0

(No malicious items detected)

(end)

Na 4 linijkę 3 akapitu nie musisz zwracać uwagi ...

Link do komentarza
Udostępnij na innych stronach



  • Kto przegląda   0 użytkowników

    • Brak zalogowanych użytkowników przeglądających tę stronę.
×
×
  • Utwórz nowe...