
Untitled

a guest
Feb 23rd, 2020
  1. Malwarebytes
  2. www.malwarebytes.com
  3.  
  4. -Log Details-
  5. Scan Date: 2/23/20
  6. Scan Time: 5:05 PM
  7. Log File: 0bd88c06-5624-11ea-972b-40167eb12a11.json
  8.  
  9. -Software Information-
  10. Version: 4.0.4.49
  11. Components Version: 1.0.750
  12. Update Package Version: 1.0.19666
  13. License: Trial
  14.  
  15. -System Information-
  16. OS: Windows 10 (Build 18362.535)
  17. CPU: x64
  18. File System: NTFS
  19. User: DESKTOP-72U3JJO\Briliant_Fik
  20.  
  21. -Scan Summary-
  22. Scan Type: Threat Scan
  23. Scan Initiated By: Manual
  24. Result: Completed
  25. Objects Scanned: 302719
  26. Threats Detected: 98
  27. Threats Quarantined: 98
  28. Time Elapsed: 2 min, 22 sec
  29.  
  30. -Scan Options-
  31. Memory: Enabled
  32. Startup: Enabled
  33. Filesystem: Enabled
  34. Archives: Enabled
  35. Rootkits: Disabled
  36. Heuristics: Enabled
  37. PUP: Detect
  38. PUM: Detect
  39.  
  40. -Scan Details-
  41. Process: 1
  42. RiskWare.BitCoinMiner, C:\PROGRAMDATA\ORACLE\JAVA\JAVA.EXE, Quarantined, 840, 787170, , , ,
  43.  
  44. Module: 1
  45. RiskWare.BitCoinMiner, C:\PROGRAMDATA\ORACLE\JAVA\JAVA.EXE, Quarantined, 840, 787170, , , ,
  46.  
  47. Registry Key: 53
  48. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\MUI\LPupdate, Delete-on-Reboot, 5890, 773517, , , ,
  49. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D0962B28-95A8-4763-B73F-ECC0A6FE87BA}, Delete-on-Reboot, 5890, 773517, , , ,
  50. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D0962B28-95A8-4763-B73F-ECC0A6FE87BA}, Delete-on-Reboot, 5890, 773517, , , ,
  51. Trojan.BitCoinMiner.Powershell, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cli_optimization_v2.0.55727_32, Delete-on-Reboot, 5890, 773514, 1.0.19666, , ame,
  52. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\UPnP\UPnPHost, Delete-on-Reboot, 485, 773528, , , ,
  53. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{93E71D11-DB4E-406F-8998-6F1D4BF6BCC5}, Delete-on-Reboot, 485, 773528, , , ,
  54. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{93E71D11-DB4E-406F-8998-6F1D4BF6BCC5}, Delete-on-Reboot, 485, 773528, , , ,
  55. Trojan.Agent.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\MobilePC\DetectPC, Delete-on-Reboot, 1313, 773534, , , ,
  56. Trojan.Agent.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5133896A-7FA0-4EBF-BC71-FF5992A48B03}, Delete-on-Reboot, 1313, 773534, , , ,
  57. Trojan.Agent.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5133896A-7FA0-4EBF-BC71-FF5992A48B03}, Delete-on-Reboot, 1313, 773534, , , ,
  58. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Shell\updshell, Delete-on-Reboot, 485, 773544, , , ,
  59. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D41D9A14-B832-4E2D-90D5-7F20802F953F}, Delete-on-Reboot, 485, 773544, , , ,
  60. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D41D9A14-B832-4E2D-90D5-7F20802F953F}, Delete-on-Reboot, 485, 773544, , , ,
  61. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\UPnP\UPNPCLIENT TASK, Delete-on-Reboot, 485, 773554, , , ,
  62. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9CDBFA25-C9C5-4995-87FA-0E2E825B94E0}, Delete-on-Reboot, 485, 773554, , , ,
  63. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{9CDBFA25-C9C5-4995-87FA-0E2E825B94E0}, Delete-on-Reboot, 485, 773554, , , ,
  64. Trojan.BitCoinMiner.Powershell, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cli_optimization_v2.0.55727_64, Delete-on-Reboot, 5890, 773514, 1.0.19666, , ame,
  65. Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0F5DB344-C014-4E61-8527-CEDA1290788E}, Delete-on-Reboot, 891, 787641, 1.0.19666, , ame,
  66. Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\UPDATE SHELL, Delete-on-Reboot, 891, 787642, , , ,
  67. Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{0F5DB344-C014-4E61-8527-CEDA1290788E}, Delete-on-Reboot, 891, 787642, , , ,
  68. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{13DE7A23-60B5-436E-A607-C11314459C75}, Delete-on-Reboot, 5890, 773521, 1.0.19666, , ame,
  69. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1C4F4BD8-7AA4-45C2-9045-0A32838C1D4C}, Delete-on-Reboot, 485, 773542, 1.0.19666, , ame,
  70. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Shell\WinShell, Delete-on-Reboot, 485, 773537, , , ,
  71. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A55DD094-88C5-4FC9-B535-B9323DEDEFB4}, Delete-on-Reboot, 485, 773537, , , ,
  72. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{A55DD094-88C5-4FC9-B535-B9323DEDEFB4}, Delete-on-Reboot, 485, 773537, , , ,
  73. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Shell\WINDOWSSHELLUPDATE, Delete-on-Reboot, 485, 773523, , , ,
  74. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{551D9345-B3A8-4406-9689-5CCDA6CE6CBA}, Delete-on-Reboot, 485, 773523, , , ,
  75. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{551D9345-B3A8-4406-9689-5CCDA6CE6CBA}, Delete-on-Reboot, 485, 773523, , , ,
  76. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Bluetooth\UPDATEDEVICETASK, Delete-on-Reboot, 485, 773541, , , ,
  77. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{1C4F4BD8-7AA4-45C2-9045-0A32838C1D4C}, Delete-on-Reboot, 485, 773541, , , ,
  78. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Autochk\SYSTEMPROXY, Delete-on-Reboot, 485, 773551, , , ,
  79. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6600F6DF-B149-4FD7-89A6-B8738CC5503C}, Delete-on-Reboot, 485, 773551, , , ,
  80. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{6600F6DF-B149-4FD7-89A6-B8738CC5503C}, Delete-on-Reboot, 485, 773551, , , ,
  81. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{345AFB5D-088F-4CA9-A344-54C13320E6FF}, Delete-on-Reboot, 5890, 773521, 1.0.19666, , ame,
  82. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{365E3D50-4C00-491A-8A3A-D36B1B5241B1}, Delete-on-Reboot, 5890, 773521, 1.0.19666, , ame,
  83. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B9EBCE87-30D9-4E19-A58E-1341E3D43A09}, Delete-on-Reboot, 485, 773548, 1.0.19666, , ame,
  84. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E2B7F392-07E9-4684-8D18-EE38BF4AA5A3}, Delete-on-Reboot, 485, 773556, 1.0.19666, , ame,
  85. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ED553F53-E58F-4E5D-AB4F-F7B498E9D056}, Delete-on-Reboot, 485, 773531, 1.0.19666, , ame,
  86. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{13DE7A23-60B5-436E-A607-C11314459C75}, Delete-on-Reboot, 5890, 773522, , , ,
  87. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MICROSOFT\WINDOWS\.NET FRAMEWORK\.NET Framework Cache Optimization, Delete-on-Reboot, 5890, 773522, 1.0.19666, , ame,
  88. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{345AFB5D-088F-4CA9-A344-54C13320E6FF}, Delete-on-Reboot, 5890, 773522, , , ,
  89. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MICROSOFT\WINDOWS\.NET FRAMEWORK\.NET Framework Cache Optimization Files-S-3-5-21-2236678155-433529325-2142214968-1138, Delete-on-Reboot, 5890, 773522, 1.0.19666, , ame,
  90. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{365E3D50-4C00-491A-8A3A-D36B1B5241B1}, Delete-on-Reboot, 5890, 773522, , , ,
  91. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MICROSOFT\WINDOWS\.NET FRAMEWORK\.NET Framework Cache Optimization Files-S-3-5-21-2236678156-433529325-2142214268-1138, Delete-on-Reboot, 5890, 773522, 1.0.19666, , ame,
  92. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{B9EBCE87-30D9-4E19-A58E-1341E3D43A09}, Delete-on-Reboot, 485, 773539, , , ,
  93. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MICROSOFT\WINDOWS\EDP\EDP App Lock Task, Delete-on-Reboot, 485, 773539, 1.0.19666, , ame,
  94. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Registry\REGBACKUP, Delete-on-Reboot, 485, 773530, , , ,
  95. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{ED553F53-E58F-4E5D-AB4F-F7B498E9D056}, Delete-on-Reboot, 485, 773530, , , ,
  96. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\EDP\EDP APP UPDATE CACHE, Delete-on-Reboot, 485, 773557, , , ,
  97. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E2B7F392-07E9-4684-8D18-EE38BF4AA5A3}, Delete-on-Reboot, 485, 773557, , , ,
  98. Trojan.BitCoinMiner.Powershell, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\THUNDERSEC, Delete-on-Reboot, 5890, 773515, 1.0.19666, , ame,
  99. Trojan.BitCoinMiner.Powershell, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDEFENDS, Delete-on-Reboot, 5890, 773558, 1.0.19666, , ame,
  100. Trojan.BitCoinMiner.Powershell, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDOWSNETWORKSVC, Delete-on-Reboot, 5890, 773598, 1.0.19666, , ame,
  101.  
  102. Registry Value: 19
  103. Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0F5DB344-C014-4E61-8527-CEDA1290788E}|PATH, Delete-on-Reboot, 891, 787641, 1.0.19666, , ame,
  104. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{13DE7A23-60B5-436E-A607-C11314459C75}|PATH, Delete-on-Reboot, 5890, 773521, 1.0.19666, , ame,
  105. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1C4F4BD8-7AA4-45C2-9045-0A32838C1D4C}|PATH, Delete-on-Reboot, 485, 773542, 1.0.19666, , ame,
  106. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{345AFB5D-088F-4CA9-A344-54C13320E6FF}|PATH, Delete-on-Reboot, 5890, 773521, 1.0.19666, , ame,
  107. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{365E3D50-4C00-491A-8A3A-D36B1B5241B1}|PATH, Delete-on-Reboot, 5890, 773521, 1.0.19666, , ame,
  108. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5133896A-7FA0-4EBF-BC71-FF5992A48B03}|PATH, Delete-on-Reboot, 485, 773535, 1.0.19666, , ame,
  109. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{551D9345-B3A8-4406-9689-5CCDA6CE6CBA}|PATH, Delete-on-Reboot, 485, 773525, 1.0.19666, , ame,
  110. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6600F6DF-B149-4FD7-89A6-B8738CC5503C}|PATH, Delete-on-Reboot, 485, 773550, 1.0.19666, , ame,
  111. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{93E71D11-DB4E-406F-8998-6F1D4BF6BCC5}|PATH, Delete-on-Reboot, 485, 773527, 1.0.19666, , ame,
  112. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9CDBFA25-C9C5-4995-87FA-0E2E825B94E0}|PATH, Delete-on-Reboot, 485, 773553, 1.0.19666, , ame,
  113. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A55DD094-88C5-4FC9-B535-B9323DEDEFB4}|PATH, Delete-on-Reboot, 485, 773538, 1.0.19666, , ame,
  114. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B9EBCE87-30D9-4E19-A58E-1341E3D43A09}|PATH, Delete-on-Reboot, 485, 773548, 1.0.19666, , ame,
  115. Trojan.BitCoinMiner.Powershell, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D0962B28-95A8-4763-B73F-ECC0A6FE87BA}|PATH, Delete-on-Reboot, 5890, 773518, 1.0.19666, , ame,
  116. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D41D9A14-B832-4E2D-90D5-7F20802F953F}|PATH, Delete-on-Reboot, 485, 773545, 1.0.19666, , ame,
  117. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E2B7F392-07E9-4684-8D18-EE38BF4AA5A3}|PATH, Delete-on-Reboot, 485, 773556, 1.0.19666, , ame,
  118. Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{ED553F53-E58F-4E5D-AB4F-F7B498E9D056}|PATH, Delete-on-Reboot, 485, 773531, 1.0.19666, , ame,
  119. Trojan.BitCoinMiner.Powershell, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\THUNDERSEC|IMAGEPATH, Delete-on-Reboot, 5890, 773515, 1.0.19666, , ame,
  120. Trojan.BitCoinMiner.Powershell, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDEFENDS|IMAGEPATH, Delete-on-Reboot, 5890, 773558, 1.0.19666, , ame,
  121. Trojan.BitCoinMiner.Powershell, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDOWSNETWORKSVC|IMAGEPATH, Delete-on-Reboot, 5890, 773598, 1.0.19666, , ame,
  122.  
  123. Registry Data: 0
  124. (No malicious items detected)
  125.  
  126. Data Stream: 0
  127. (No malicious items detected)
  128.  
  129. Folder: 0
  130. (No malicious items detected)
  131.  
  132. File: 24
  133. Trojan.BitCoinMiner.Powershell, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\MUI\LPUPDATE, Delete-on-Reboot, 5890, 773517, 1.0.19666, , ame,
  134. Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\UPNP\UPNPHOST, Delete-on-Reboot, 485, 773528, 1.0.19666, , ame,
  135. Trojan.Agent.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\MobilePC\DetectPC, Delete-on-Reboot, 1313, 773534, , , ,
  136. Trojan.Agent.TskLnk, C:\WINDOWS\FONTS\SASD.BAT, Delete-on-Reboot, 1313, 773534, 1.0.19666, , ame,
  137. Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\SHELL\UPDSHELL, Delete-on-Reboot, 485, 773544, 1.0.19666, , ame,
  138. Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\UPNP\UPNPCLIENT TASK, Delete-on-Reboot, 485, 773554, 1.0.19666, , ame,
  139. Trojan.BitCoinMiner, C:\WINDOWS\SYSTEM32\TASKS\UPDATE SHELL, Delete-on-Reboot, 891, 787642, 1.0.19666, , ame,
  140. Trojan.Agent.Powershell, C:\WINDOWS\FONTS\DEL.PS1, Delete-on-Reboot, 735, 709116, 1.0.19666, , ame,
  141. Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\SHELL\WINSHELL, Delete-on-Reboot, 485, 773537, 1.0.19666, , ame,
  142. Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\SHELL\WINDOWSSHELLUPDATE, Delete-on-Reboot, 485, 773523, 1.0.19666, , ame,
  143. Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\BLUETOOTH\UPDATEDEVICETASK, Delete-on-Reboot, 485, 773541, 1.0.19666, , ame,
  144. Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\AUTOCHK\SYSTEMPROXY, Delete-on-Reboot, 485, 773551, 1.0.19666, , ame,
  145. Trojan.BitCoinMiner.Powershell, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\.NET FRAMEWORK\.NET FRAMEWORK CACHE OPTIMIZATION, Delete-on-Reboot, 5890, 773522, , , ,
  146. Trojan.BitCoinMiner.Powershell, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\.NET FRAMEWORK\.NET FRAMEWORK CACHE OPTIMIZATION FILES-S-3-5-21-2236678155-433529325-2142214968-1138, Delete-on-Reboot, 5890, 773522, , , ,
  147. Trojan.BitCoinMiner.Powershell, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\.NET FRAMEWORK\.NET FRAMEWORK CACHE OPTIMIZATION FILES-S-3-5-21-2236678156-433529325-2142214268-1138, Delete-on-Reboot, 5890, 773522, , , ,
  148. Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\EDP\EDP APP LOCK TASK, Delete-on-Reboot, 485, 773539, , , ,
  149. Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\REGISTRY\REGBACKUP, Delete-on-Reboot, 485, 773530, 1.0.19666, , ame,
  150. Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\EDP\EDP APP UPDATE CACHE, Delete-on-Reboot, 485, 773557, 1.0.19666, , ame,
  151. RiskWare.BitCoinMiner, C:\PROGRAMDATA\ORACLE\JAVA\JAVA.EXE, Delete-on-Reboot, 840, 787170, 1.0.19666, F3066AFF9071C59259856A94, dds, 00602469
  152. HackTool.FilePatch, C:\USERS\BRILIANT_FIK\APPDATA\LOCAL\TEMP\IDM.6.32.1+PATCH.EXE, Delete-on-Reboot, 7580, 281135, 1.0.19666, , ame,
  153. PUP.Optional.InstallCore.Generic, D:\DOWNLOADS\DESKTOPHUT LIVE V5.0.0_3708520584.EXE, Delete-on-Reboot, 6007, 512142, 1.0.19666, , ame,
  154. Spyware.PasswordStealer, D:\DOWNLOADS\KAPPA MENU V1.4.7 2.RAR, Delete-on-Reboot, 544, 639934, 1.0.19666, 46915B1087456AF205A7442D, dds, 00602469
  155. CrackTool.Agent, D:\DOWNLOADS\[BAGAS31] - ADOBEACROBAT - JAMUH [BAGAS31].ZIP, Delete-on-Reboot, 6021, 445980, 1.0.19666, 000000000000000000000003, dds, 00602469
  156. HackTool.Agent.UPX, D:\DOWNLOADS\[WWW.GIGAPURBALINGGA.NET]_IDM632B9F.RAR, Delete-on-Reboot, 8582, 651975, 1.0.19666, DA3C764A9FCCC15ECCAD3A8D, dds, 00602469
  157.  
  158. Physical Sector: 0
  159. (No malicious items detected)
  160.  
  161. WMI: 0
  162. (No malicious items detected)
  163.  
  164.  
  165. (end)