Data Yang Kena Virus

Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 2/10/20
Scan Time: 4:03 AM
Log File: 90af7476-4b7f-11ea-a10c-0090f58b156d.json
-Software Information-
Version: 4.0.4.49
Components Version: 1.0.810
Update Package Version: 1.0.18948
License: Trial
-System Information-
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: SOPIANIRAWAN-PC\SOPIAN IRAWAN
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 161864
Threats Detected: 211
Threats Quarantined: 211
Time Elapsed: 6 min, 2 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 4
Trojan.Crypt.GO, C:\WINDOWS\WINDEFENDER.EXE, Quarantined, 8149, 747294, , , ,
Adware.DotDo.Generic, C:\PROGRAM FILES\DESTRUCTED\DRAWL.EXE, Quarantined, 5838,
702079, , , ,
702079, , , ,
Adware.DotDo.Generic, C:\PROGRAM FILES\PONDEROUS\FICTIONAL.EXE, Quarantined, 5838,
782812, , , ,
Module: 4
Trojan.Crypt.GO, C:\WINDOWS\WINDEFENDER.EXE, Quarantined, 8149, 747294, , , ,
702079, , , ,
702079, , , ,
Adware.DotDo.Generic, C:\PROGRAM FILES\PONDEROUS\FICTIONAL.EXE, Quarantined, 5838,
782812, , , ,
Registry Key: 53
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CloudPrinter,
Delete-on-Reboot, 906, 259506, , , ,
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Quoteex, Delete-
on-Reboot, 906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\INTERNET
EXPLORER\SEARCHSCOPES\ielnksrch, Delete-on-Reboot, 906, 259989, 1.0.18948, , ame,
Adware.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE
EXECUTION OPTIONS\Quoteex.exe, Delete-on-Reboot, 423, 527830, 1.0.18948, , ame,
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\UPDATER_ONLINE_APPLICATION, Delete-on-
Reboot, 3694, 391429, , , ,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{660A1902-F022-4ADC-9ED0-400869503F36},
Delete-on-Reboot, 3694, 391429, , , ,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{660A1902-F022-4ADC-9ED0-400869503F36},
Delete-on-Reboot, 3694, 391429, , , ,
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{053112AE-1E23-4A89-82C7-31C42F68EF61},
Delete-on-Reboot, 1300, 527820, 1.0.18948, , ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{402426C7-4E89-4FCA-BDB3-59D52E5C86E4},
Adware.OnlineIO, HKLM\SOFTWARE\Microleaves, Delete-on-Reboot, 1300, 716215,
1.0.18948, , ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4AA315F7-A75F-405B-8492-AF5B793EA3EA},
Trojan.Crypt.GO, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinDefender, Delete-on-
Reboot, 8149, 747294, , , ,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\mtQuoteex, Delete-on-Reboot, 906, 260625,
1.0.18948, , ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{897979BD-14B7-4FB3-9816-73809A1CEBC6},
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8AE95CC1-33F4-41E0-9679-418CBAD27AF7},
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8E6374A6-1E09-4219-8BA9-CE0BBD0430D6},
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\TRACING\CloudPrinter_RASAPI32,
Trojan.Glupteba.E, HKU\S-1-5-21-3055940647-3653487965-3928083403-
1000\SOFTWARE\MICROSOFT\TESTAPP, Delete-on-Reboot, 5773, 781336, 1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\TRACING\CloudPrinter_RASMANCS,
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\
{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, 3694, 398592,
1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\TRACING\Quoteex_RASAPI32,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\TRACING\Quoteex_RASMANCS,
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\
{EC7247A2-E800-444D-B351-1DA32C0785FE}, Delete-on-Reboot, 268, 239939, 1.0.18948, ,
ame,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS
NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe, Delete-on-Reboot, 906, 260624,
1.0.18948, , ame,
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Winmon, Delete-on-Reboot,
5773, 781212, 1.0.18948, , ame,
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinmonFS, Delete-on-
Reboot, 5773, 781211, 1.0.18948, , ame,
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinmonProcessMonitor,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{053112AE-1E23-4A89-82C7-31C42F68EF61},
Delete-on-Reboot, 1300, 613263, , , ,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G1, Delete-on-
Reboot, 1300, 613263, 1.0.18948, , ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{402426C7-4E89-4FCA-BDB3-59D52E5C86E4},
Delete-on-Reboot, 1300, 613263, , , ,
Reboot, 1300, 613263, 1.0.18948, , ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{8E6374A6-1E09-4219-8BA9-CE0BBD0430D6},
Delete-on-Reboot, 1300, 613263, , , ,
Reboot, 1300, 613263, 1.0.18948, , ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{897979BD-14B7-4FB3-9816-73809A1CEBC6},
Delete-on-Reboot, 1300, 613263, , , ,
Reboot, 1300, 613263, 1.0.18948, , ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{8AE95CC1-33F4-41E0-9679-418CBAD27AF7},
Delete-on-Reboot, 1300, 613263, , , ,
Reboot, 1300, 613263, 1.0.18948, , ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{4AA315F7-A75F-405B-8492-AF5B793EA3EA},
Delete-on-Reboot, 1300, 613263, , , ,
Reboot, 1300, 613263, 1.0.18948, , ame,
Adware.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKLH, Delete-on-Reboot,
423, 379533, 1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1,
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting,
1000\SOFTWARE\EpicNet Inc., Delete-on-Reboot, 5773, 781249, 1.0.18948, , ame,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, Delete-on-Reboot, 518,
584322, 1.0.18948, , ame,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, Delete-on-Reboot, 518,
518478, 1.0.18948, , ame,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, Delete-on-Reboot,
518, 518476, 1.0.18948, , ame,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\Speedycar, Delete-on-Reboot, 518, 518473,
1.0.18948, , ame,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\TechnologyDesktopnew, Delete-on-Reboot,
518, 518479, 1.0.18948, , ame,
Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\philby, Delete-on-Reboot, 5838, 702079, ,
, ,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B9B502B2-653D-4D18-BEA9-A316E45FC65D},
Delete-on-Reboot, 5838, 702079, , , ,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{B9B502B2-653D-4D18-BEA9-A316E45FC65D},
Delete-on-Reboot, 5838, 702079, , , ,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\philbyphilby, Delete-on-Reboot, 5838,
702079, , , ,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F3DECC34-B889-46D5-83C5-20D2FF7BD20B},
Delete-on-Reboot, 5838, 702079, , , ,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{F3DECC34-B889-46D5-83C5-20D2FF7BD20B},
Delete-on-Reboot, 5838, 702079, , , ,
Registry Value: 28
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3055940647-3653487965-3928083403-
1000\ENVIRONMENT|SNP, Delete-on-Reboot, 906, 259518, 1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS
NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Delete-on-Reboot, 906, -1, 0.0.0, , action,
1000\ENVIRONMENT|SNF, Delete-on-Reboot, 906, -1, 0.0.0, , action,
1000\ENVIRONMENT|SNF, Delete-on-Reboot, 906, 259517, 1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\INTERNET
EXPLORER\SEARCHSCOPES\ielnksrch|URL, Delete-on-Reboot, 906, 259989, 1.0.18948, ,
ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{053112AE-1E23-4A89-82C7-31C42F68EF61}|
PATH, Delete-on-Reboot, 1300, 527820, 1.0.18948, , ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{402426C7-4E89-4FCA-BDB3-59D52E5C86E4}|
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4AA315F7-A75F-405B-8492-AF5B793EA3EA}|
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{660A1902-F022-4ADC-9ED0-400869503F36}|
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|
fn34nhw5flr, Delete-on-Reboot, 0, 392686, , , ,
1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Delete-on-Reboot, 906,
259988, 1.0.18948, , ame,
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\INTERNET
EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, Delete-on-Reboot, 268, 259314,
1.0.18948, , ame,
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{897979BD-14B7-4FB3-9816-73809A1CEBC6}|
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8AE95CC1-33F4-41E0-9679-418CBAD27AF7}|
NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8E6374A6-1E09-4219-8BA9-CE0BBD0430D6}|
1000\SOFTWARE\MICROSOFT\TESTAPP|DEFENDER, Delete-on-Reboot, 5773, 781336,
1.0.18948, , ame,
{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|CONTACT, Delete-on-Reboot, 3694, 333852,
1.0.18948, , ame,
{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|URLINFOABOUT, Delete-on-Reboot, 3694,
321304, 1.0.18948, , ame,
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\
{EC7247A2-E800-444D-B351-1DA32C0785FE}|PUBLISHER, Delete-on-Reboot, 268, 239939,
1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\QUOTEEX|
IMAGEPATH, Delete-on-Reboot, 906, 260626, 1.0.18948, , ame,
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDEFENDER|IMAGEPATH, Delete-
on-Reboot, 489, 428246, 1.0.18948, , ame,
Adware.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKLH|IMAGEPATH, Delete-on-
Reboot, 423, 379533, 1.0.18948, , ame,
Trojan.BitCoinMiner,
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREW
ALLRULES|{2A143A8D-C8A1-4424-93EE-6662E14BEFFE}, Delete-on-Reboot, 890, 446017,
1.0.18948, , ame,
PUP.Optional.CloudNet,
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREW
ALLRULES|{2DA1450E-A140-4630-B7EA-F03E2A777CE4}, Delete-on-Reboot, 6005, 446028,
1.0.18948, , ame,
PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU,
PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|
DONTREPORTINFECTIONINFORMATION, Delete-on-Reboot, 6978, 676881, 1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CLOUDPRINTER|
IMAGEPATH, Delete-on-Reboot, 906, 259916, 1.0.18948, , ame,
Adware.DotDo.Generic, HKU\S-1-5-21-3055940647-3653487965-3928083403-
1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fictional, Delete-on-Reboot,
5838, 782812, , , ,
Registry Data: 6
1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Replace-on-Reboot, 906,
293485, 1.0.18948, , ame,
1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Replace-on-Reboot, 906,
293485, 1.0.18948, , ame,
1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Replace-on-Reboot,
906, 293485, 1.0.18948, , ame,
1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Replace-on-
Reboot, 906, 293486, 1.0.18948, , ame,
Adware.SonicSearch, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT,
Replace-on-Reboot, 13535, 693611, 1.0.18948, , ame,
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|
DEFAULTSCOPE, Replace-on-Reboot, 268, 293477, 1.0.18948, , ame,
Data Stream: 0
(No malicious items detected)
Folder: 37
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.exe\Protection
Dir, Delete-on-Reboot, 906, 259506, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.exe, Delete-
on-Reboot, 906, 259506, , , ,
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER, Delete-on-Reboot, 906,
259506, 1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.exe\Protection Dir,
Delete-on-Reboot, 906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.exe, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\ondemand, Delete-on-Reboot, 906,
260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\temp, Delete-on-Reboot, 906,
260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX, Delete-on-Reboot, 906, 260620,
1.0.18948, , ame,
PUP.Optional.BundleInstaller, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\TEMP\12002482,
Delete-on-Reboot, 505, 463480, 1.0.18948, 00C7174FF90EBB48E4C7ED5C, dds,
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1},
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application\updates, Delete-on-
Reboot, 1300, 399763, , , ,
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application, Delete-on-Reboot,
1300, 399763, , , ,
Adware.OnlineIO, C:\PROGRAMDATA\MICROLEAVES, Delete-on-Reboot, 1300, 399763,
1.0.18948, , ame,
Adware.OnlineIO, C:\Users\SOPIAN IRAWAN\AppData\Roaming\Microleaves\Online
Application 2.7.0\install\CFCBAA1, Delete-on-Reboot, 1300, 399763, , , ,
Application 2.7.0\install, Delete-on-Reboot, 1300, 399763, , , ,
Application 2.7.0, Delete-on-Reboot, 1300, 399763, , , ,
Adware.OnlineIO, C:\USERS\SOPIAN IRAWAN\APPDATA\ROAMING\MICROLEAVES, Delete-on-
Reboot, 1300, 399763, 1.0.18948, , ame,
Adware.Linkury, C:\ProgramData\Logic Cramble\set.exe\Protection Dir, Delete-on-
Reboot, 423, 431817, , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\set.exe, Delete-on-Reboot, 423,
431817, , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\X64, Delete-on-Reboot, 423,
431817, , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\X86, Delete-on-Reboot, 423,
431817, , , ,
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE, Delete-on-Reboot, 423, 431817,
1.0.18948, , ame,
Adware.OnlineIO, C:\Program Files\Microleaves\Online Application\Version
2.6.0\Online-Guardian.exe\Protection Dir, Delete-on-Reboot, 1300, 716213, , , ,
2.6.0\Online-Guardian.exe, Delete-on-Reboot, 1300, 716213, , , ,
Adware.OnlineIO, C:\Program Files\Microleaves\Online Application\Version 2.6.0,
Delete-on-Reboot, 1300, 716213, , , ,
Adware.OnlineIO, C:\Program Files\Microleaves\Online Application, Delete-on-Reboot,
1300, 716213, , , ,
Adware.OnlineIO, C:\PROGRAM FILES\MICROLEAVES, Delete-on-Reboot, 1300, 716213,
1.0.18948, , ame,
Trojan.Glupteba.BITSRST, C:\Users\SOPIAN IRAWAN\AppData\Roaming\EpicNet
Inc\CloudNet\cloudnet.exe\Protection Dir, Delete-on-Reboot, 1123, 781247, , , ,
Inc\CloudNet\cloudnet.exe, Delete-on-Reboot, 1123, 781247, , , ,
Inc\CloudNet, Delete-on-Reboot, 1123, 781247, , , ,
Trojan.Glupteba.BITSRST, C:\USERS\SOPIAN IRAWAN\APPDATA\ROAMING\EPICNET INC,
Trojan.Glupteba.BITSRST, C:\Users\SOPIAN IRAWAN\AppData\Local\EpicNet
Inc\CloudNet\cloudnet.exe\Protection Dir, Delete-on-Reboot, 1123, 781248, , , ,
Trojan.Glupteba.BITSRST, C:\Users\SOPIAN IRAWAN\AppData\Local\EpicNet
Inc\CloudNet\cloudnet.exe, Delete-on-Reboot, 1123, 781248, , , ,
Trojan.Glupteba.BITSRST, C:\Users\SOPIAN IRAWAN\AppData\Local\EpicNet Inc\CloudNet,
Delete-on-Reboot, 1123, 781248, , , ,
Trojan.Glupteba.BITSRST, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\EPICNET INC, Delete-
on-Reboot, 1123, 781248, 1.0.18948, , ame,
Adware.Linkury.TskLnk, C:\PROGRAM FILES\COMMON FILES\GOLDCOF, Delete-on-Reboot,
14923, 444930, 1.0.18948, , ame,
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS, Delete-on-Reboot, 204,
380106, 1.0.18948, , ame,
File: 79
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER\CLOUDPRINTER.DAT, Delete-
on-Reboot, 906, 259506, 1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\Config.xml, Delete-on-
Reboot, 906, 259506, , , ,
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX\1xnnmrv4.xml, Delete-on-Reboot,
906, 260620, 1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Beta-Lux.dat, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Canhome.bin, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Coffind.bin, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\conf.config, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Damtough.dll, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Dripla.exe.config, Delete-on-
Reboot, 906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Goodtip.bin, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Joycore.dat, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\md.xml, Delete-on-Reboot, 906,
260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.d.dat, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.dat, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\RanLux.bin, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\RanLux.bin.bck, Delete-on-
Reboot, 906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\S--Ing.exe, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\S--Ing.exe.config, Delete-on-
Reboot, 906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Supercom.bin, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\TrioJaystock.bin, Delete-on-
Reboot, 906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\uninstall.dat, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\WhiteStock.bin, Delete-on-
Reboot, 906, 260620, , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Zimlux.dat, Delete-on-Reboot,
906, 260620, , , ,
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\UPDATER_ONLINE_APPLICATION.JOB, Delete-on-
Reboot, 3694, 391430, 1.0.18948, , ame,
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\UPDATER_ONLINE_APPLICATION,
Adware.Linkury.Generic, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\NOAH.DAT, Delete-on-
Reboot, 3755, 404865, 1.0.18948, , ame,
Adware.Linkury.Generic, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\Blackbam.tst, Delete-
on-Reboot, 3755, 404871, 1.0.18948, , ame,
Adware.Linkury.Generic, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\UNINSTALL_TEMP.ICO,
Adware.Linkury.Generic, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\InchFax.tst, Delete-
on-Reboot, 3755, 404871, 1.0.18948, , ame,
Adware.Linkury.Generic, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\MD.XML, Delete-on-
Reboot, 3755, 404866, 1.0.18948, , ame,
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSTEM32\FINDIT.XML, Delete-on-Reboot, 906,
259512, 1.0.18948, , ame,
Adware.Linkury.Generic, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\AGENT.DAT, Delete-on-
Reboot, 3755, 404872, 1.0.18948, , ame,
Adware.Linkury.Generic, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\MAIN.DAT, Delete-on-
Reboot, 3755, 442900, 1.0.18948, , ame,
Trojan.Crypt.GO, C:\WINDOWS\WINDEFENDER.EXE, Delete-on-Reboot, 8149, 747294,
1.0.18948, B69A5D7C91A8FEE349A9B5EA, dds, 00582979
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-
98DD6CFCBAA1}, Delete-on-Reboot, 3694, 391431, 1.0.18948, , ame,
Trojan.Agent, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\LOBBY.DAT, Delete-on-Reboot,
489, 712637, 1.0.18948, , ame,
Trojan.Agent, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\APPLICATIONHOSTING.DAT, Delete-
on-Reboot, 489, 712640, 1.0.18948, , ame,
Generic.Malware/Suspicious, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\BLACKBAM.EXE,
Delete-on-Reboot, 0, 392686, 1.0.18948, , shuriken,
Generic.Malware/Suspicious, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\SUMITY.BIN,
Generic.Malware/Suspicious, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\INCHFAX.EXE,
Generic.Malware/Suspicious, C:\PROGRAM FILES\VERB\729355285.EXE, Delete-on-Reboot,
0, 392686, 1.0.18948, , shuriken,
Generic.Malware/Suspicious, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\TEMP\IS-
0NBF1.TMP\VALIUMSHC.EXE, Delete-on-Reboot, 0, 392686, 1.0.18948, , shuriken,
Adware.Linkury,
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\installer.dat, Delete-on-
Reboot, 423, 715618, 1.0.18948, , ame,
PUP.Optional.BundleInstaller, C:\USERS\SOPIAN
IRAWAN\APPDATA\LOCAL\TEMP\12002482\ic-0.0c2f8f8b02420c.exe, Delete-on-Reboot, 505,
463480, 1.0.18948, 00C7174FF90EBB48E4C7ED5C, dds, 00582979
PUP.Optional.BundleInstaller, C:\Users\SOPIAN
IRAWAN\AppData\Local\Temp\12002482\dlreport, Delete-on-Reboot, 505, 463480, , , ,
IRAWAN\AppData\Local\Temp\12002482\ic-0.9a7d4298ce1c8.exe, Delete-on-Reboot, 505,
463480, , , ,
IRAWAN\AppData\Local\Temp\12002482\ic-0.f410532c0e90d.exe, Delete-on-Reboot, 505,
463480, , , ,
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-
98DD6CFCBAA1}\online.exe, Delete-on-Reboot, 3694, 391425, , , ,
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-
98DD6CFCBAA1}\SystemFoldermsiexec.exe, Delete-on-Reboot, 3694, 391425, , , ,
Application 2.7.0\install\CFCBAA1\Basic Installer with memory detection.msi,
Delete-on-Reboot, 1300, 399763, , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\X64\SQLite.Interop.dll, Delete-on-
Reboot, 423, 431817, , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\X86\SQLite.Interop.dll, Delete-on-
Reboot, 423, 431817, , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\Config.json, Delete-on-Reboot, 423,
431817, , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\set.exe.config, Delete-on-Reboot, 423,
431817, , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.dll, Delete-on-
Reboot, 423, 431817, , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.Linq.dll, Delete-
on-Reboot, 423, 431817, , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.xml, Delete-on-
Reboot, 423, 431817, , , ,
2.6.0\Online.io EULA.url, Delete-on-Reboot, 1300, 716213, , , ,
2.6.0\Online.io Privacy.url, Delete-on-Reboot, 1300, 716213, , , ,
2.6.0\Uninstall Online Application.lnk, Delete-on-Reboot, 1300, 716213, , , ,
Adware.OnlineIO, C:\Program Files\Microleaves\Online Application\Online Application
Updater.exe, Delete-on-Reboot, 1300, 716213, , , ,
Adware.OnlineIO, C:\Program Files\Microleaves\Online Application\Online Application
Updater.ini, Delete-on-Reboot, 1300, 716213, , , ,
Adware.Linkury, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\installer.dat, Delete-on-
Reboot, 423, 715618, 1.0.18948, , ame,
Adware.Linkury.TskLnk, C:\PROGRAM FILES\COMMON
FILES\GOLDCOF\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, 14923, 444930,
1.0.18948, , ame,
Adware.Linkury.TskLnk, C:\Program Files\Common Files\Goldcof\uninstall.dat, Delete-
on-Reboot, 14923, 444930, , , ,
Adware.Linkury.TskLnk, C:\Program Files\Common Files\Goldcof\uninstall.exe, Delete-
on-Reboot, 14923, 444930, , , ,
Adware.Linkury.TskLnk, C:\Program Files\Common Files\Goldcof\uninstall.ico, Delete-
on-Reboot, 14923, 444930, , , ,
Adware.Linkury.TskLnk, C:\USERS\SOPIAN
IRAWAN\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, 14923,
444923, 1.0.18948, , ame,
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS\FF.HP, Delete-on-Reboot, 204,
380106, 1.0.18948, , ame,
PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\ff.NT, Delete-on-Reboot, 204,
380106, , , ,
PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\snp.sc, Delete-on-Reboot,
204, 380106, , , ,
Adware.Linkury.Generic, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\CONFIG.XML, Delete-on-
Reboot, 3755, 404859, 1.0.18948, , ame,
Adware.Linkury.TskLnk,
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XM
L, Delete-on-Reboot, 14923, 444922, 1.0.18948, , ame,
Adware.DotDo.Generic, C:\WINDOWS\SYSTEM32\TASKS\philby, Delete-on-Reboot, 5838,
702079, , , ,
Adware.DotDo.Generic, C:\WINDOWS\SYSTEM32\TASKS\philbyphilby, Delete-on-Reboot,
5838, 702079, , , ,
Adware.DotDo.Generic, C:\PROGRAM FILES\DESTRUCTED\DRAWL.EXE, Delete-on-Reboot,
5838, 702079, 1.0.18948, 90E44DDF323ABFC2E72D57CF, dds, 00582979
Adware.DotDo.Generic, C:\PROGRAM FILES\PONDEROUS\FICTIONAL.EXE, Delete-on-Reboot,
5838, 782812, 1.0.18948, , ame,
Trojan.MalPack.GS, C:\USERS\SOPIAN IRAWAN\APPDATA\ROAMING\DVCGEVF, Delete-on-
Reboot, 8210, 780454, 1.0.18948, , ame,
Trojan.IStartSurf, C:\USERS\SOPIAN IRAWAN\APPDATA\LOCAL\TEMP\SMADAV PRO 2020 CRACK
REGISTRATION KEY FULL LATEST [27 JANUARY 2020].ZIP, Delete-on-Reboot, 622, 778047,
1.0.18948, 000000000000000000000004, dds, 00582979
Physical Sector: 0
WMI: 0
(end)

Data Yang Kena Virus

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Data Yang Kena Virus

Загружено:

Авторское право:

Доступные форматы

Malwarebytes

Вам также может понравиться