Virus detected by a program, nothing found in Windows Defender or Malwarebytes - Virus, Trojan, Spyware, and Malware Removal Help
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 14f39118-9cbb-42e1-a055-ddf18b6c6157 |
| Fingerprint | 17d83b2afec6aec3 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 14, 2023, 5:45 p.m. |
| Added to db | July 14, 2023, 11:59 p.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | Virus detected by a program, nothing found in Windows Defender or Malwarebytes |
| Title | Virus detected by a program, nothing found in Windows Defender or Malwarebytes - Virus, Trojan, Spyware, and Malware Removal Help |
| Detected Hints/Tags/Attributes | 116/2/462 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 163 | ✔ | — | https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 285 | microsoft.net |
|
| Details | Domain | 1 | act.server.host |
|
| Details | Domain | 707 | google.com |
|
| Details | Domain | 454 | www.google.com |
|
| Details | Domain | 1 | bho.com |
|
| Details | Domain | 42 | mcafee.com |
|
| Details | Domain | 57 | adobe.com |
|
| Details | Domain | 10 | foxitsoftware.com |
|
| Details | Domain | 8 | intel-webapi.intel.com |
|
| Details | Domain | 369 | microsoft.com |
|
| Details | Domain | 4 | nortonsafe.search.ask.com |
|
| Details | Domain | 4 | ss-sym.search.ask.com |
|
| Details | Domain | 1 | www.callback.com |
|
| Details | Domain | 1 | newsoftwares.net |
|
| Details | Domain | 1 | workplace-diagnostics-20230713-153052.zip |
|
| Details | Domain | 1 | implementation.zip |
|
| Details | Domain | 1 | revised.zip |
|
| Details | Domain | 87 | regid.1991-06.com.microsoft |
|
| Details | Domain | 1 | softwares.net |
|
| Details | Domain | 295 | amazon.com |
|
| Details | Domain | 50 | microsoft.photos |
|
| Details | Domain | 2 | samsungelectronicsco.ltd |
|
| Details | Domain | 1 | www.sidestep.com |
|
| Details | Domain | 4 | nbc.com |
|
| Details | Domain | 1 | hp13.msn.com |
|
| Details | Domain | 1 | inforworks.rbc.com |
|
| Details | Domain | 1 | stonex.com |
|
| Details | Domain | 1 | idp.stonex.com |
|
| Details | Domain | 5 | webcompanion.com |
|
| Details | Domain | 1 | fredjlowehpenvy.mshome.net |
|
| Details | Domain | 1 | lgwebostv.mshome.net |
|
| Details | Domain | 1 | servicegateway.intel.com |
|
| Details | Domain | 64 | go.microsoft.com |
|
| Details | 1 | firefox@bho.com |
||
| Details | 2 | msktbird@mcafee.com |
||
| Details | File | 1 | c:\users\fred\downloads\frst64.exe |
|
| Details | File | 271 | chrome.exe |
|
| Details | File | 409 | c:\windows\system32\cmd.exe |
|
| Details | File | 1 | c:\program files\adobe\acrobat dc\acrobat\acrobat.exe |
|
| Details | File | 1 | c:\program files\adobe\acrobat dc\acrobat\acrocef_1\acrocef.exe |
|
| Details | File | 1 | c:\program files\microsoft office 15\root\office15\excel.exe |
|
| Details | File | 7 | c:\windows\splwow64.exe |
|
| Details | File | 27 | c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
|
| Details | File | 6 | nvcontainer.exe |
|
| Details | File | 1 | c:\users\fred\appdata\local\webex\webexhost.exe |
|
| Details | File | 1 | c:\users\fred\appdata\local\webex\webex64\meetings\atmgr.exe |
|
| Details | File | 1 | c:\users\fred\appdata\local\programs\cisco spark\ciscocollabhost.exe |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 1 | workplacebrowserhelper.exe |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 2 | c:\program files\canon\canon mf network scan utility\cnmfsut6.exe |
|
| Details | File | 2 | c:\program files\canon\canon mf network scanner selector\cmfnss6.exe |
|
| Details | File | 127 | c:\windows\system32\rundll32.exe |
|
| Details | File | 63 | thunderbird.exe |
|
| Details | File | 1 | flcomservctrl.exe |
|
| Details | File | 1 | c:\windows\syswow64\winfltray.exe |
|
| Details | File | 7 | c:\windows\system32\igfxtray.exe |
|
| Details | File | 8 | c:\windows\system32\igfxem.exe |
|
| Details | File | 8 | c:\windows\system32\igfxhk.exe |
|
| Details | File | 85 | c:\windows\system32\dllhost.exe |
|
| Details | File | 8 | c:\windows\system32\musnotifyicon.exe |
|
| Details | File | 674 | node.js |
|
| Details | File | 31 | helper.exe |
|
| Details | File | 306 | services.exe |
|
| Details | File | 2 | anti_ransomware_service.exe |
|
| Details | File | 2 | afcdpsrv.exe |
|
| Details | File | 3 | syncagentsrv.exe |
|
| Details | File | 4 | mms_mini.exe |
|
| Details | File | 3 | schedul2.exe |
|
| Details | File | 38 | armsvc.exe |
|
| Details | File | 6 | hpqwmiex.exe |
|
| Details | File | 1 | hpwmisvc.exe |
|
| Details | File | 2 | hpsupportsolutionsframeworkservice.exe |
|
| Details | File | 2 | c:\program files\hp\hp enabling services\apphelpercap.exe |
|
| Details | File | 2 | c:\program files\hp\hp enabling services\diagscap.exe |
|
| Details | File | 2 | c:\program files\hp\hp enabling services\networkcap.exe |
|
| Details | File | 2 | c:\program files\hp\hp enabling services\sysinfocap.exe |
|
| Details | File | 11 | c:\program files\hpprintscandoctor\hpprintscandoctorservice.exe |
|
| Details | File | 17 | c:\windows\system32\driverstore\filerepository\lms.inf |
|
| Details | File | 26 | lms.exe |
|
| Details | File | 9 | c:\windows\system32\igfxcuiservice.exe |
|
| Details | File | 5 | c:\windows\system32\intel\dptf\esif_uf.exe |
|
| Details | File | 3 | c:\program files\common files\intel\wirelesscommon\regsrvc.exe |
|
| Details | File | 3 | c:\program files\intel\wifi\bin\evteng.exe |
|
| Details | File | 3 | c:\program files\intel\wifi\bin\zeroconfigservice.exe |
|
| Details | File | 33 | c:\windows\system32\driverstore\filerepository\dal.inf |
|
| Details | File | 41 | jhi_service.exe |
|
| Details | File | 9 | c:\windows\system32\ibtsiva.exe |
|
| Details | File | 1 | c:\program files\intel corporation\usb over ip\bin\uoipservice.exe |
|
| Details | File | 62 | sqlbrowser.exe |
|
| Details | File | 3 | c:\program files\microsoft office 15\clientx64\officeclicktorun.exe |
|
| Details | File | 3 | c:\program files\microsoft sql server\90\shared\sqlwriter.exe |
|
| Details | File | 119 | sqlservr.exe |
|
| Details | File | 27 | presentationfontcache.exe |
|
| Details | File | 2 | c:\windows\system32\valwbfpolicyservice.exe |
|
| Details | File | 198 | msmpeng.exe |
|
| Details | File | 87 | nissrv.exe |
|
| Details | File | 20 | host.exe |
|
| Details | File | 1 | c:\windows\syswow64\winflservice.exe |
|
| Details | File | 44 | container.exe |
|
| Details | File | 1 | c:\program files\nvidia corporation\nvtelemetry\nvtelemetrycontainer.exe |
|
| Details | File | 13 | manager.exe |
|
| Details | File | 4 | c:\program files\samsung\usb drivers\27_ssconn\conn\ss_conn_service.exe |
|
| Details | File | 3 | c:\program files\samsung\usb drivers\28_ssconn2\conn\ss_conn_service2.exe |
|
| Details | File | 7 | monitor.exe |
|
| Details | File | 1 | webserver.exe |
|
| Details | File | 86 | service.exe |
|
| Details | File | 2 | c:\windows\system32\syntpenhservice.exe |
|
| Details | File | 175 | update.exe |
|
| Details | File | 1 | wddriveservice.exe |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 1 | coolsense.exe |
|
| Details | File | 67 | c:\windows\system32\smartscreen.exe |
|
| Details | File | 35 | c:\windows\system32\wlanext.exe |
|
| Details | File | 1 | flcomserv.exe |
|
| Details | File | 2 | syntpenhservice.exe |
|
| Details | File | 1 | c:\windows\system32\syntpenh.exe |
|
| Details | File | 15 | c:\program files\realtek\audio\hda\rtkngui64.exe |
|
| Details | File | 3 | schedhlp.exe |
|
| Details | File | 1 | hpmsgsvc.exe |
|
| Details | File | 1 | cntnrststask.exe |
|
| Details | File | 3 | trueimagemonitor.exe |
|
| Details | File | 2 | tib_mounter_monitor.exe |
|
| Details | File | 128 | msedge.exe |
|
| Details | File | 1 | workplace.exe |
|
| Details | File | 1 | c:\windows\system32\cncalbl.dll |
|
| Details | File | 4 | c:\windows\system32\cnmn6ppm.dll |
|
| Details | File | 3 | c:\windows\system32\cncenpm6.dll |
|
| Details | File | 4 | c:\windows\system32\cnas0mok.dll |
|
| Details | File | 1 | c:\windows\system32\custmon64i_v31.dll |
|
| Details | File | 1 | c:\windows\system32\hpinksts6f12lm.dll |
|
| Details | File | 1 | c:\windows\system32\hpinksts7012lm.dll |
|
| Details | File | 1 | c:\windows\system32\hpinksts7212lm.dll |
|
| Details | File | 1 | c:\windows\system32\hpinkstsbc11lm.dll |
|
| Details | File | 2 | c:\windows\system32\hpinkstsd711lm.dll |
|
| Details | File | 1 | c:\windows\system32\hpinkstsdc11lm.dll |
|
| Details | File | 1 | c:\windows\system32\hpinkstse511lm.dll |
|
| Details | File | 1 | c:\windows\system32\hpbprtmon.dll |
|
| Details | File | 61 | chrmstp.exe |
|
| Details | File | 1 | integration.exe |
|
| Details | File | 48 | agent.exe |
|
| Details | File | 42 | adobearm.exe |
|
| Details | File | 1 | c:\program files\avast software\secureline\vpnupdate.exe |
|
| Details | File | 2 | c:\program files\canon\oippesp\cnpspcnt.exe |
|
| Details | File | 2 | c:\program files\canon\oippesp\cnpspcfg.xml |
|
| Details | File | 2 | dropboxoem.exe |
|
| Details | File | 1 | c:\users\fred\appdata\local\gotomeeting\19950\g2mupdate.exe |
|
| Details | File | 1 | c:\users\fred\appdata\local\gotomeeting\19950\g2mupload.exe |
|
| Details | File | 105 | googleupdate.exe |
|
| Details | File | 5 | bingpopup.exe |
|
| Details | File | 6 | hpsfreport.exe |
|
| Details | File | 2 | hpssfupdater.exe |
|
| Details | File | 5 | hpwarrantychecker.exe |
|
| Details | File | 10 | c:\windows\system32\driverstore\filerepository\iclsclient.inf |
|
| Details | File | 8 | intelpttekrecertification.exe |
|
| Details | File | 6 | iumsvc.exe |
|
| Details | File | 1 | c:\program files\common files\av\mcafee anti-virus and anti-spyware\upgrade.exe |
|
| Details | File | 3 | c:\program files\microsoft office 15\clientx64\officec2rclient.exe |
|
| Details | File | 2 | %programfiles%\rempl\remsh.exe |
|
| Details | File | 97 | mpcmdrun.exe |
|
| Details | File | 1 | %systemroot%\system32\autoworkplace.exe |
|
| Details | File | 8 | symerr.exe |
|
| Details | File | 20 | c:\programdata\nvidia\nvcontainerdriverupdatecheck.log |
|
| Details | File | 2 | experience.exe |
|
| Details | File | 19 | nvnodejslauncher.exe |
|
| Details | File | 19 | c:\program files\nvidia corporation\update core\nvprofileupdater64.exe |
|
| Details | File | 2 | nvtmmon.exe |
|
| Details | File | 3 | nvtmrep.exe |
|
| Details | File | 1 | c:\program files\hewlett-packard\simplepass\opbhobroker.exe |
|
| Details | File | 1 | c:\program files\hewlett-packard\simplepass\opbhobrokerdsktop.exe |
|
| Details | File | 1 | c:\program files\hewlett-packard\simplepass\clientcore.exe |
|
| Details | File | 18 | c:\windows\system32\net.exe |
|
| Details | File | 99 | c:\windows\explorer.exe |
|
| Details | File | 2 | c:\program files\mcafee\msc\npmcsnffpl64.dll |
|
| Details | File | 19 | c:\program files\adobe\acrobat dc\acrobat\air\nppdf32.dll |
|
| Details | File | 1 | c:\windows\syswow64\adobe\director\np32dsw_1217157.dll |
|
| Details | File | 5 | npfoxitphantompdfplugin.dll |
|
| Details | File | 8 | npintelwebapiipt.dll |
|
| Details | File | 8 | npintelwebapiupdater.dll |
|
| Details | File | 2 | npmcsnffpl.dll |
|
| Details | File | 3 | c:\program files\microsoft office 15\root\office15\npspwrap.dll |
|
| Details | File | 6 | scheduler.exe |
|
| Details | File | 2 | brynsvc.exe |
|
| Details | File | 1 | elevationservice.exe |
|
| Details | File | 3 | mobile_backup_server.exe |
|
| Details | File | 3 | mobile_backup_status_server.exe |
|
| Details | File | 38 | c:\program files\windows defender advanced threat protection\mssense.exe |
|
| Details | File | 58 | sqlagent.exe |
|
| Details | File | 2 | tib_mounter_service.exe |
|
| Details | File | 2 | c:\programdata\wondershare\service\installassistservice.exe |
|
| Details | File | 4 | wsappservice.exe |
|
| Details | File | 4 | driverinstall.exe |
|
| Details | File | 26 | c:\windows\system32\drivers\btha2dp.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\cbfs20.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\clwvd10.sys |
|
| Details | File | 15 | c:\windows\system32\drivers\ssudbus2.sys |
|
| Details | File | 2 | c:\windows\system32\drivers\file_protector.sys |
|
| Details | File | 2 | c:\windows\system32\drivers\file_tracker.sys |
|
| Details | File | 3 | c:\windows\system32\drivers\fltsrv.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\fspfltd2.sys |
|
| Details | File | 39 | mpksldrv.sys |
|
| Details | File | 1 | c:\windows\syswow64\winvdedrv6.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\rsfx0300.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\tib.sys |
|
| Details | File | 2 | c:\windows\system32\drivers\tib_mounter.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\tnd.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\usb3hub.sys |
|
| Details | File | 2 | c:\windows\system32\drivers\virtual_file.sys |
|
| Details | File | 2 | c:\windows\system32\drivers\volume_tracker.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdboot.sys |
|
| Details | File | 8 | c:\windows\system32\drivers\wdcsam64.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdfilter.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdnisdrv.sys |
|
| Details | File | 1 | c:\windows\syswow64\winfladrv.sys |
|
| Details | File | 1 | c:\windows\syswow64\winvdedrv.sys |
|
| Details | File | 9 | c:\windows\system32\drivers\wireguard.sys |
|
| Details | File | 8 | c:\windows\system32\drivers\wirelessbuttondriver64.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\workplacecontainerdriver.sys |
|
| Details | File | 2 | c:\windows\temp\cpuz153\cpuz153_x64.sys |
|
| Details | File | 2 | 0.sys |
|
| Details | File | 1 | ssudmdm.sys |
|
| Details | File | 1 | c:\users\fred\downloads\frst.txt |
|
| Details | File | 1 | c:\users\fred\desktop\workplace-diagnostics-20230713-153052.zip |
|
| Details | File | 1 | c:\users\fred\downloads\support-logmeinrescue.exe |
|
| Details | File | 1 | c:\users\fred\downloads\august-2023.pdf |
|
| Details | File | 1 | c:\users\fred\desktop\august-2023.pdf |
|
| Details | File | 1 | c:\windows\system32\cbfsshellhelper20.dll |
|
| Details | File | 1 | c:\windows\system32\cbfsevtmsg.dll |
|
| Details | File | 1 | c:\windows\syswow64\cbfsshellhelper20.dll |
|
| Details | File | 1 | c:\users\fred\downloads\workplacewebinstaller.exe |
|
| Details | File | 1 | c:\programdata\microsoft\windows\start menu\programs\workplace 2023-07-09 07:49 - 2023-07-09 07:49 - 016081768 _____ c:\users\fred\desktop\eibd_071023.pdf |
|
| Details | File | 1 | c:\users\fred\desktop\one on one calculator_vers_74a.xlsm |
|
| Details | File | 1 | c:\users\fred\downloads\jun 2023 statement.pdf |
|
| Details | File | 1 | c:\users\fred\downloads\financial statement-jul-02-23.pdf |
|
| Details | File | 1 | c:\users\fred\downloads\ta22upsw.exe |
|
| Details | File | 1 | c:\users\fred\desktop\ltf client brochure 2023.pdf |
|
| Details | File | 1 | c:\users\fred\downloads\important notice_ venn workplace implementation.zip |
|
| Details | File | 1 | c:\users\fred\downloads\important please read_ sa stone wealth management wsp's have been revised.zip |
|
| Details | File | 1 | c:\users\fred\appdata\roaming\microsoft\windows\start menu\programs\zoom 2023-06-19 11:38 - 2023-06-19 11:38 - 000000000 _____ c:\windows\system32\chkdsk 2023-06-14 08:02 - 2023-06-14 08:02 - 003222970 _____ c:\users\fred\downloads\ameritrade december 2021.pdf |
|
| Details | File | 1 | c:\users\fred\downloads\ameritrade 2022-2018.pdf |
|
| Details | File | 1 | c:\users\fred\downloads\re_.zip |
|
| Details | File | 1 | c:\programdata\nvidia 2023-07-14 12:12 - 2017-11-18 09:26 - 000077520 _____ c:\ifrtoollog.txt |
|
| Details | File | 1 | c:\programdata\synaptics 2023-07-14 08:10 - 2019-12-07 05:03 - 000000000 ____d c:\windows\cbstemp 2023-07-14 07:46 - 2022-10-15 08:55 - 000000000 ____d c:\programdata\mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-07-14 07:45 - 2020-06-20 10:37 - 000000000 ____d c:\users\fred\appdata\locallow\mozilla 2023-07-14 07:37 - 2021-05-16 07:38 - 000255782 _____ c:\users\fred\desktop\coronavirus.xlsx |
|
| Details | File | 6 | c:\windows\system32\mpsigstub.exe |
|
| Details | File | 1 | c:\windows\inf 2023-07-13 21:29 - 2020-07-10 22:12 - 000935246 _____ c:\windows\system32\perfstringbackup.ini |
|
| Details | File | 40 | c:\windows\tasks\sa.dat |
|
| Details | File | 38 | c:\dumpstack.log |
|
| Details | File | 1 | c:\windows\elambkup 2023-07-13 11:48 - 2023-05-07 08:41 - 000000000 ____d c:\users\fred\appdata\local\malwarebytes 2023-07-13 11:22 - 2023-05-18 14:07 - 000000000 ____d c:\program files\ccleaner 2023-07-13 11:18 - 2018-06-08 14:49 - 000000000 ____d c:\users\fred\appdata\local\d3dscache 2023-07-13 10:55 - 2020-07-10 21:58 - 000354520 _____ c:\windows\system32\fntcache.dat |
|
| Details | File | 54 | c:\windows\syswow64\printconfig.dll |
|
| Details | File | 59 | c:\windows\system32\mrt.exe |
|
| Details | File | 1 | c:\windows\livekernelreports 2023-07-08 08:21 - 2018-02-05 08:47 - 000000000 ____d c:\users\fred\desktop\asof02022018receiptcommander 2023-07-08 08:12 - 2022-09-07 17:05 - 000022440 _____ c:\users\fred\desktop\mortgageclosingcoststoaddtocostbasisasof09072022.xlsx |
|
| Details | File | 1 | c:\ta22upsw.exe |
|
| Details | File | 1 | mutualfunds.xlsx |
|
| Details | File | 1 | c:\programdata\win_mpwd_sys.dat |
|
| Details | File | 1 | c:\users\public\asr.dat |
|
| Details | File | 1 | c:\users\fred\appdata\roaming\act1920update5ss.exe |
|
| Details | File | 1 | c:\users\fred\appdata\roaming\actupdate.log |
|
| Details | File | 1 | c:\users\fred\appdata\roaming\ngen_applog_install.txt |
|
| Details | File | 1 | c:\users\fred\appdata\roaming\ngen_applog_uninstall.txt |
|
| Details | File | 1 | c:\users\fred\appdata\roaming\stocksticker.ini |
|
| Details | File | 1 | c:\users\fred\appdata\local\22102-81820-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22910-8322-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22910-8414-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22911-145134-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22912-104142-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22918-8144-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22919-10554-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22920-10463-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22921-9025-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22921-91855-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22921-92618-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22921-9723-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22924-101331-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22924-101614-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22924-102540-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22924-10424-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22924-11851-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22924-16654-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22924-95923-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22927-124219-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\22927-144637-clcsiwriter.txt |
|
| Details | File | 1 | c:\users\fred\appdata\local\infection.log |
|
| Details | File | 1 | c:\users\fred\appdata\local\systemfl7.dat |
|
| Details | File | 1 | c:\users\fred\appdata\local\uts.ini |
|
| Details | File | 1 | c:\users\fred\appdata\local\win_fldb_sys.dat |
|
| Details | File | 1 | c:\users\fred\appdata\local\win_flfiles_sys.dat |
|
| Details | File | 1 | c:\users\fred\appdata\local\win_stlthdb_sys.dat |
|
| Details | File | 86 | frst.txt |
|
| Details | File | 70 | onedrivesetup.exe |
|
| Details | File | 18 | c:\program files\windowsapps\microsoft.mpeg |
|
| Details | File | 8 | c:\program files\windowsapps\microsoft.bin |
|
| Details | File | 23 | c:\windows\system32\kernel32.dll |
|
| Details | File | 1 | c:\users\fred\appdata\local\gotomeeting\19950\g2moutlookaddin64.dll |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 1 | c:\windows\system32\syntpcpl.dll |
|
| Details | File | 38 | x64.dll |
|
| Details | File | 1 | tishell_24_8_38600.dll |
|
| Details | File | 9 | c:\windows\system32\igfxdtcm.dll |
|
| Details | File | 6 | c:\windows\system32\nvshext.dll |
|
| Details | File | 14 | c:\program files\internet explorer\iexplore.exe |
|
| Details | File | 3 | chrome_proxy.exe |
|
| Details | File | 1 | c:\users\fred\appdata\roaming\microsoft\windows\start menu\programs\chrome apps\commmedia.ps |
|
| Details | File | 2 | c:\program files\canon\canon mf network scan utility\cnmfsur6.dll |
|
| Details | File | 2 | c:\program files\canon\canon mf network scanner selector\cmfnss6.dll |
|
| Details | File | 1 | winfladrv.sys |
|
| Details | File | 1 | inforworks.rb |
|
| Details | File | 3 | c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\ochelper.dll |
|
| Details | File | 3 | c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll |
|
| Details | File | 8 | hpnetworkcheckpluginx64.dll |
|
| Details | File | 1 | internetexplorer.pl |
|
| Details | File | 1 | attachfile.dll |
|
| Details | File | 8 | hpnetworkcheckplugin.dll |
|
| Details | File | 3 | c:\program files\microsoft office 15\root\office15\msosb.dll |
|
| Details | File | 24 | c:\windows\web\wallpaper\windows\img0.jpg |
|
| Details | File | 1 | c:\users\fred\appdata\roaming\zoom\bin\airhost.exe |
|
| Details | File | 1 | c:\users\fred\appdata\roaming\zoom\bin\zoom.exe |
|
| Details | File | 6 | psiservice_2.exe |
|
| Details | File | 87 | skype.exe |
|
| Details | File | 2 | powerdvd.exe |
|
| Details | File | 2 | powerdvd12ml.exe |
|
| Details | File | 1 | clmsserverpdvd12.exe |
|
| Details | File | 2 | powerdvd12.exe |
|
| Details | File | 18 | mdnsresponder.exe |
|
| Details | File | 16 | c:\program files\bonjour\mdnsresponder.exe |
|
| Details | File | 17 | c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
|
| Details | File | 2 | c:\program files\intel\wifi\bin\pandhcpdns.exe |
|
| Details | File | 1 | actemail.exe |
|
| Details | File | 1 | act15.exe |
|
| Details | File | 1 | c:\users\fred\appdata\local\programs\vonage\vonage business.exe |
|
| Details | File | 1 | c:\users\fred\appdata\local\webex\webex\meetings\atmgr.exe |
|
| Details | File | 3 | trueimage.exe |
|
| Details | File | 3 | trueimagetools.exe |
|
| Details | File | 3 | trueimagehomeservice.exe |
|
| Details | File | 4 | mediabuilder.exe |
|
| Details | File | 4 | systemreport.exe |
|
| Details | File | 3 | acronis_drive.exe |
|
| Details | File | 4 | ga_service.exe |
|
| Details | File | 4 | licenseactivator.exe |
|
| Details | File | 4 | report_sender.exe |
|
| Details | File | 1 | c:\users\fred\desktop\mvp\mvpdriveranalyzer.exe |
|
| Details | File | 76 | msedgewebview2.exe |
|
| Details | File | 1 | c:\users\fred\appdata\local\logmein rescue applet\lmir09346001.tmp |
|
| Details | File | 1 | lmi_rescue_srv.exe |
|
| Details | File | 1 | c:\users\fred\appdata\local\logmein rescue applet\lmir0c872001.tmp |
|
| Details | File | 1 | c:\users\fred\appdata\local\logmein rescue applet\lmir0d7d1001.tmp |
|
| Details | File | 2 | vpnupdate.exe |
|
| Details | File | 1 | m4atag.dll |
|
| Details | File | 1 | m4a_converter.exe |
|
| Details | File | 8 | unins000.exe |
|
| Details | File | 1 | playerpage.exe |
|
| Details | File | 1 | c:\users\fred\desktop\fred\winzip\winzip160.exe |
|
| Details | File | 28 | mbamservice.exe |
|
| Details | File | 1 | cbfsshellhelper20.dll |
|
| Details | File | 6 | aepic.dll |
|
| Details | File | 13 | mbae64.dll |
|
| Details | File | 91 | addition.txt |
|
| Details | IPv4 | 1 | 22.15.1.8 |
|
| Details | IPv4 | 262 | 192.168.1.1 |
|
| Details | IPv4 | 2 | 2.4.3.237 |
|
| Details | IPv4 | 4 | 19.2.0.0 |
|
| Details | IPv4 | 1 | 12.1.7.157 |
|
| Details | IPv4 | 2 | 1.20.0.2 |
|
| Details | IPv4 | 2 | 5.4.0.1 |
|
| Details | IPv4 | 1 | 4.8.0.2 |
|
| Details | IPv4 | 2 | 3.9.0.0 |
|
| Details | IPv4 | 10 | 1.0.3.0 |
|
| Details | IPv4 | 4 | 1.1.6.0 |
|
| Details | IPv4 | 17 | 1.1.0.0 |
|
| Details | IPv4 | 2 | 7.1.15.1 |
|
| Details | IPv4 | 2 | 12.18.34.21 |
|
| Details | IPv4 | 2 | 12.19.53.13 |
|
| Details | IPv4 | 4 | 1.1.5.1 |
|
| Details | IPv4 | 2 | 10.1.1.8 |
|
| Details | IPv4 | 109 | 1.0.0.0 |
|
| Details | IPv4 | 24 | 1.0.1.0 |
|
| Details | IPv4 | 1 | 1.1.226.0 |
|
| Details | IPv4 | 1 | 5.1.28.0 |
|
| Details | IPv4 | 3 | 1.42.17.0 |
|
| Details | IPv4 | 12 | 3.72.0.0 |
|
| Details | IPv4 | 1 | 3.12.0.84 |
|
| Details | IPv4 | 1 | 19.10.0.2 |
|
| Details | IPv4 | 1 | 1.7.23.0 |
|
| Details | IPv4 | 4 | 12.0.0.1 |
|
| Details | IPv4 | 3 | 2.61.0.0 |
|
| Details | IPv4 | 1 | 2.0.0.63 |
|
| Details | IPv4 | 2 | 22.20.5.39 |
|
| Details | IPv4 | 3 | 192.168.137.1 |
|
| Details | IPv4 | 1 | 192.168.137.196 |
|
| Details | Microsoft Patch Numbers | 11 | KB4023057 |
|
| Details | Url | 25 | http://google.com |
|
| Details | Url | 54 | http://www.google.com |
|
| Details | Url | 60 | https://www.google.com |
|
| Details | Url | 1 | https://nortonsafe.search.ask.com/web?q={searchterms}&o=apn11908&prt=cr&chn=prev |
|
| Details | Url | 1 | https://ss-sym.search.ask.com/ss?q={searchterms}&li=ff |
|
| Details | Url | 1 | http://www.sidestep.com/desktop/?sbautoopen=1&sbloc=d |
|
| Details | Url | 1 | http://hp13.msn.com |
|
| Details | Url | 1 | http://inforworks.rbc.com |
|
| Details | Url | 1 | http://www.amazon.com/s/ref |
|
| Details | Url | 1 | https://searchsafe.norton.com/search?q={searchterms}&l=dis&prt=ngc&chn=1122&geo=us&ver=22.20.5.39 |
|
| Details | Url | 1 | https://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs |
|
| Details | Url | 1 | https://idp.stonex.com |
|
| Details | Url | 4 | http://webcompanion.com |
|
| Details | Url | 3 | https://go.microsoft.com/fwlink/?linkid=37020&name=puabundler:win32 |
|
| Details | Url | 1 | https://go.microsoft.com/fwlink/?linkid=37020&name=puadlmanager:win32 |
|
| Details | Url | 1 | https://go.microsoft.com/fwlink/?linkid=37020&name=pua:win32 |
|
| Details | Windows Registry Key | 68 | HKLM\...\Run |
|
| Details | Windows Registry Key | 50 | HKLM-x32\...\Run |
|
| Details | Windows Registry Key | 8 | HKLM\Software\Policies\...\system |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\Run |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\Policies\Explorer |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1004\...\Run |
|
| Details | Windows Registry Key | 15 | HKLM\...\Print\Monitors\Canon |
|
| Details | Windows Registry Key | 4 | HKLM\...\Print\Monitors\CPCA |
|
| Details | Windows Registry Key | 1 | HKLM\...\Print\Monitors\CUSTPDF |
|
| Details | Windows Registry Key | 10 | HKLM\...\Print\Monitors\HP |
|
| Details | Windows Registry Key | 59 | HKLM\Software\Microsoft\Active |
|
| Details | Windows Registry Key | 14 | HKLM\SOFTWARE\Policies\Microsoft\Edge |
|
| Details | Windows Registry Key | 19 | HKLM-x32\...\Edge\Extension |
|
| Details | Windows Registry Key | 19 | HKLM-x32\...\Firefox\Extensions |
|
| Details | Windows Registry Key | 4 | HKLM-x32\...\Thunderbird\Extensions |
|
| Details | Windows Registry Key | 18 | HKLM\...\Chrome\Extension |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension |
|
| Details | Windows Registry Key | 39 | HKLM-x32\...\Chrome\Extension |
|
| Details | Windows Registry Key | 77 | HKLM-x32 |
|
| Details | Windows Registry Key | 19 | HKLM-x32\...\InstallShield_ |
|
| Details | Windows Registry Key | 18 | HKLM-x32\...\Adobe |
|
| Details | Windows Registry Key | 3 | HKLM\...\Canon |
|
| Details | Windows Registry Key | 2 | HKLM-x32\...\Canon_MF_Scan_Utility |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\ActiveTouchMeetingClient |
|
| Details | Windows Registry Key | 1 | HKLM-x32\...\Folder |
|
| Details | Windows Registry Key | 55 | HKLM-x32\...\Google |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\GoToMeeting |
|
| Details | Windows Registry Key | 1 | HKLM\...\InsMark |
|
| Details | Windows Registry Key | 1 | HKLM-x32\...\lavfilters_is1 |
|
| Details | Windows Registry Key | 1 | HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b |
|
| Details | Windows Registry Key | 68 | HKLM-x32\...\Microsoft |
|
| Details | Windows Registry Key | 3 | HKLM\...\HomeStudentRetail |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\OneDriveSetup.exe |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1004\...\OneDriveSetup.exe |
|
| Details | Windows Registry Key | 10 | HKLM\...\Microsoft |
|
| Details | Windows Registry Key | 41 | HKLM\...\MozillaMaintenanceService |
|
| Details | Windows Registry Key | 5 | HKLM-x32\...\Mozilla |
|
| Details | Windows Registry Key | 1 | HKLM-x32\...\TaxAct |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\3141a5fb-cb88-5193-a8b8-5ff6d4dd79a9 |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\ZoomUMX |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001_Classes\CLSID |
|
| Details | Windows Registry Key | 1 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys |
|
| Details | Windows Registry Key | 2 | HKU\.DEFAULT\Software\Microsoft\Internet |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\Software\Microsoft\Internet |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001 |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\localhost |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\stonex.com |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\webcompanion.com |
|
| Details | Windows Registry Key | 41 | HKLM\System\CurrentControlSet\Control\Session |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\Control |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1004\Control |
|
| Details | Windows Registry Key | 98 | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System |
|
| Details | Windows Registry Key | 42 | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer |
|
| Details | Windows Registry Key | 8 | HKLM\...\StartupApproved\StartupFolder |
|
| Details | Windows Registry Key | 29 | HKLM\...\StartupApproved\Run |
|
| Details | Windows Registry Key | 30 | HKLM\...\StartupApproved\Run32 |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3459540368-3538598260-2677443921-1001\...\StartupApproved\Run |