Computer screen going black and flashing when trying to run security software - Virus, Trojan, Spyware, and Malware Removal Help
Common Information
Type Value
UUID 0ec10e61-e0c4-45da-80b8-627d7a9dce35
Fingerprint 3fda3b50fece0ec7
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 25, 2022, 3:50 p.m.
Added to db Dec. 26, 2022, 1:43 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Computer screen going black and flashing when trying to run security software
Title Computer screen going black and flashing when trying to run security software - Virus, Trojan, Spyware, and Malware Removal Help
Detected Hints/Tags/Attributes 54/2/203
Attributes