Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Scan "Whole computer scan" completed.
- Infections;"58";"39";"19"
- Warnings;"4";"3";"1"
- Folders selected for scanning:;"Whole computer scan"
- Scan started:;"zondag 13 november 2011, 2:36:45"
- Scan finished:;"zondag 13 november 2011, 4:16:28 (1 hour(s) 39 minute(s) 42 second(s))"
- Total object scanned:;"957781"
- User who launched the scan:;"Wouter"
- Infections
- ;"File";"Infection";"Result"
- ;"C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (3672):\memory_02030000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (3888):\memory_03750000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Program Files\Bonjour\mDNSResponder.exe (3908):\memory_00850000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (3864):\memory_00af0000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Program Files\Hotspot Shield\bin\hsswd.exe (1960):\memory_00e20000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Program Files\Hotspot Shield\bin\openvpnas.exe (3472):\memory_00b10000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Program Files\Hotspot Shield\bin\openvpntray.exe (4812):\memory_015f0000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (2512):\memory_00930000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Program Files\Java\jre6\bin\jqs.exe (3332):\memory_00d80000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (2208):\memory_01b20000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (2140):\memory_034d0000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\WINDOWS\ehome\ehSched.exe (736):\memory_00e10000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\WINDOWS\system32\lsass.exe (1596):\memory_00e30000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\WINDOWS\system32\ping.exe (5872):\memory_00f20000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\WINDOWS\system32\svchost.exe (628):\memory_017b0000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\WINDOWS\system32\svchost.exe (628):\memory_01fa0000";"Trojan horse Agent_r.ARN";"Infected"
- ;"C:\Documents and Settings\Default User.WINDOWS\Menu Start\Programma's\Opstarten\irok.exe";"Trojan horse Generic25.BLBR";"Moved to Virus Vault"
- ;"C:\Documents and Settings\Default User.WINDOWS\Menu Start\Programma's\Opstarten\sayt.exe";"Trojan horse Dropper.Generic4.CASQ";"Moved to Virus Vault"
- ;"C:\Documents and Settings\Default User.WINDOWS\Menu Start\Programma's\Opstarten\upeh.exe";"Trojan horse Dropper.Generic4.CASQ";"Moved to Virus Vault"
- ;"C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\35\53414423-664e44f0";"Trojan horse Dropper.Generic4.CASQ";"Moved to Virus Vault"
- ;"C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\3\690bcbc3-3be7b212";"Trojan horse Cryptic.DTF";"Moved to Virus Vault"
- ;"C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\44\1ae528ec-6d7f5f9e";"Trojan horse Generic25.BORT";"Moved to Virus Vault"
- ;"C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Sun\Java\Deployment\cache\6.0\52\76661234-7843f0ca";"Trojan horse Dropper.Generic4.CASQ";"Moved to Virus Vault"
- ;"C:\Documents and Settings\Wouter.SINDARIN\Application Data\Sun\Java\Deployment\cache\6.0\3\45378d03-1c96f208";"Trojan horse Downloader.Generic12.XXX";"Moved to Virus Vault"
- ;"C:\Documents and Settings\Wouter.SINDARIN\Application Data\Sun\Java\Deployment\cache\6.0\58\677d857a-2ca94bad";"Trojan horse PSW.Generic9.AKJS";"Moved to Virus Vault"
- ;"C:\Documents and Settings\Wouter.SINDARIN\Mijn documenten\Downloads\messenger_setup.exe";"Trojan horse Generic18.BBZJ";"Moved to Virus Vault"
- ;"C:\downloads\command and conquer - red alert 2 (full game).exe";"Trojan horse BackDoor.Generic13.KMP";"Deleted"
- ;"C:\downloads\command and conquer - red alert 2 (full game).exe:\TRAINER.EXE";"Trojan horse BackDoor.Generic13.KMP";"Deleted"
- ;"C:\downloads\PopCap Games\all.popcap.games-crack.exe";"Trojan horse Generic21.INJ";"Moved to Virus Vault"
- ;"C:\downloads\PopCap Games\Big Money Deluxe v1.3\BigMoneySetup.exe";"Trojan horse Generic22.AOSY";"Moved to Virus Vault"
- ;"C:\downloads\PopCap Games\Big Money Deluxe v1.3\BigMoneySetup.exe:\files\Big Money Deluxe\PopUninstall.exe";"Trojan horse Generic22.AOSY";"Moved to Virus Vault"
- ;"C:\downloads\PopCap Games\FeedingFrenzy v5.7.18.1\FeedingFrenzySetup.exe";"Trojan horse Generic22.AOSY";"Deleted"
- ;"C:\downloads\PopCap Games\FeedingFrenzy v5.7.18.1\FeedingFrenzySetup.exe:\files\FeedingFrenzy\PopUninstall.exe";"Trojan horse Generic22.AOSY";"Deleted"
- ;"C:\downloads\PopCap Games\tiptop.deluxe-crack.exe";"Trojan horse Generic21.INJ";"Moved to Virus Vault"
- ;"C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (3672)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (3888)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\Program Files\Bonjour\mDNSResponder.exe (3908)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (3864)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\Program Files\eRightSoft\SUPER\SUPER.exe";"Trojan horse Downloader.Generic11.ADTP";"Moved to Virus Vault"
- ;"C:\Program Files\Hotspot Shield\bin\hsswd.exe (1960)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\Program Files\Hotspot Shield\bin\openvpnas.exe (3472)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\Program Files\Hotspot Shield\bin\openvpntray.exe (4812)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (2512)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\Program Files\Java\jre6\bin\jqs.exe (3332)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (2208)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (2140)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\WINDOWS\ehome\ehSched.exe (736)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\WINDOWS\system32\0.17901043761260405.exe";"Trojan horse Generic25.BORT";"Moved to Virus Vault"
- ;"C:\WINDOWS\system32\config\systemprofile\Application Data\q0enev4828\rplh.exe";"Trojan horse SHeur4.HHM";"Moved to Virus Vault"
- ;"C:\WINDOWS\system32\config\systemprofile\Application Data\q0enev4828\rplh.exe";"Trojan horse SHeur4.HHM";"Object is inaccessible."
- ;"C:\WINDOWS\system32\DRIVERS\netbt.sys";"Trojan horse BackDoor.Generic14.BQHF";"Object is white-listed (critical/system file that should not be removed)"
- ;"C:\WINDOWS\system32\drivers\netbt.sys";"Trojan horse BackDoor.Generic14.BQHF";"Object is white-listed (critical/system file that should not be removed)"
- ;"C:\WINDOWS\system32\lsass.exe (1596)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\WINDOWS\system32\ping.exe (5872)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\WINDOWS\system32\svchost.exe (628)";"Trojan horse Agent_r.ARN";"Deleted"
- ;"C:\WINDOWS\Temp\flcdyb\setup.exe";"Trojan horse Proxy.ASEF";"Moved to Virus Vault"
- ;"C:\WINDOWS\Temp\hki28967.exe";"Trojan horse SHeur4.HHM";"Moved to Virus Vault"
- ;"C:\WINDOWS\Temp\roculs\setup.exe";"Trojan horse SHeur4.HHM";"Moved to Virus Vault"
- Warnings
- ;"File";"Infection";"Result"
- ;"C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\0R8YPHIO\vlc-1.1.1[1].exe";"Corrupted executable file";"Moved to Virus Vault"
- ;"HKLM\SYSTEM\CurrentControlSet\services\NetBT";"Found registry key with reference to infected file C:\WINDOWS\system32\DRIVERS\netbt.sys";"Moved to Virus Vault"
- ;"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Update";"Found registry key with reference to infected file C:\WINDOWS\system32\config\systemprofile\Application Data\q0enev4828\rplh.exe";"Moved to Virus Vault"
- ;"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Update";"Found registry key with reference to infected file C:\WINDOWS\system32\config\systemprofile\Application Data\q0enev4828\rplh.exe";"Object is inaccessible."
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement