I thought I saw cmd windows appearing and being suppressed-then I found trojans - Virus, Trojan, Spyware, and Malware Removal Help
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 5bde35ec-ab33-4cbb-935e-bfca1fcbf56e |
| Fingerprint | 3d98aa1873eeedd7 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 13, 2023, 2:52 a.m. |
| Added to db | April 13, 2023, 1:47 p.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | I thought I saw cmd windows appearing and being suppressed-then I found trojans |
| Title | I thought I saw cmd windows appearing and being suppressed-then I found trojans - Virus, Trojan, Spyware, and Malware Removal Help |
| Detected Hints/Tags/Attributes | 84/3/283 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 163 | ✔ | — | https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | encdoc.as |
|
| Details | Domain | 7 | dell.dcf.ua |
|
| Details | Domain | 18 | gog.com |
|
| Details | Domain | 369 | microsoft.com |
|
| Details | Domain | 454 | www.google.com |
|
| Details | Domain | 1 | scithe.com |
|
| Details | Domain | 1 | e0wu4io68ooquok8.zip |
|
| Details | Domain | 1 | archivarix.cms.zip |
|
| Details | Domain | 87 | regid.1991-06.com.microsoft |
|
| Details | Domain | 50 | microsoft.photos |
|
| Details | Domain | 10 | mbam.zone |
|
| Details | 6 | webextension@metamask.io.xpi |
||
| Details | File | 1 | rkill.exe |
|
| Details | File | 8 | tdsskiller.exe |
|
| Details | File | 6 | adwcleaner.exe |
|
| Details | File | 5 | esetonlinescanner.exe |
|
| Details | File | 5 | msert.exe |
|
| Details | File | 86 | frst.txt |
|
| Details | File | 7 | subagent.exe |
|
| Details | File | 3 | usersessionagent.exe |
|
| Details | File | 7 | c:\program files\malwarebytes\anti-malware\mbambgnativemsg.exe |
|
| Details | File | 47 | c:\program files\mozilla firefox\firefox.exe |
|
| Details | File | 198 | msmpeng.exe |
|
| Details | File | 97 | mpcmdrun.exe |
|
| Details | File | 6 | techhub.dat |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 3 | c:\program files\mozilla thunderbird\thunderbird.exe |
|
| Details | File | 271 | chrome.exe |
|
| Details | File | 35 | googlecrashhandler.exe |
|
| Details | File | 33 | googlecrashhandler64.exe |
|
| Details | File | 13 | iastoricon.exe |
|
| Details | File | 409 | c:\windows\system32\cmd.exe |
|
| Details | File | 306 | services.exe |
|
| Details | File | 5 | c:\program files\dell\delldatavault\ddvcollectorsvcapi.exe |
|
| Details | File | 5 | c:\program files\dell\delldatavault\ddvdatacollector.exe |
|
| Details | File | 5 | c:\program files\dell\delldatavault\ddvrulesprocessor.exe |
|
| Details | File | 6 | techhub.exe |
|
| Details | File | 11 | c:\program files\hpprintscandoctor\hpprintscandoctorservice.exe |
|
| Details | File | 9 | iastordatamgrsvc.exe |
|
| Details | File | 29 | c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe |
|
| Details | File | 5 | c:\windows\system32\credentialenrollmentmanager.exe |
|
| Details | File | 87 | nissrv.exe |
|
| Details | File | 35 | c:\windows\system32\driverstore\filerepository\realtekservice.inf |
|
| Details | File | 35 | rtkauduservice64.exe |
|
| Details | File | 3 | srservice.exe |
|
| Details | File | 2 | ssuservice.exe |
|
| Details | File | 1 | c:\program files\voodooshield\voodooshieldservice.exe |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 2 | spotifywidgetprovider.exe |
|
| Details | File | 27 | phoneexperiencehost.exe |
|
| Details | File | 17 | c:\program files\microsoft office\root\office16\sdxhelper.exe |
|
| Details | File | 14 | widgetservice.exe |
|
| Details | File | 49 | c:\windows\immersivecontrolpanel\systemsettings.exe |
|
| Details | File | 85 | c:\windows\system32\dllhost.exe |
|
| Details | File | 67 | c:\windows\system32\smartscreen.exe |
|
| Details | File | 3 | c:\windows\system32\driverstore\filerepository\wavesapo8de.inf |
|
| Details | File | 8 | wavessvc64.exe |
|
| Details | File | 2 | c:\program files\open-shell\startmenu.exe |
|
| Details | File | 7 | googledrivefs.exe |
|
| Details | File | 1 | c:\users\nerdi\appdata\local\discord\update.exe |
|
| Details | File | 99 | steam.exe |
|
| Details | File | 3 | galaxyclient.exe |
|
| Details | File | 1 | c:\users\nerdi\appdata\local\slack\slack.exe |
|
| Details | File | 2 | c:\windows\system32\lw400mon.dll |
|
| Details | File | 1 | h3blade.exe |
|
| Details | File | 1 | heroes3.exe |
|
| Details | File | 61 | chrmstp.exe |
|
| Details | File | 1 | c:\windows\system32\srcredentialprovider.dll |
|
| Details | File | 2 | intuitdataprotect.exe |
|
| Details | File | 1 | c:\program files\intuit\quickbooks 2022\qbw.exe |
|
| Details | File | 16 | c:\program files\microsoft office\root\vfs\programfilescommonx64\microsoft shared\office16\operfmon.exe |
|
| Details | File | 12 | c:\windows\system32\musnotification.exe |
|
| Details | File | 105 | googleupdate.exe |
|
| Details | File | 1 | c:\users\nerdi\appdata\local\microsoft\onedrive\onedrivestandaloneupdater.exe |
|
| Details | File | 9 | c:\program files\hpprintscandoctor\hpprinterhealthmonitor.exe |
|
| Details | File | 1 | c:\users\nerdi\appdata\local\eset\esetonlinescanner\esetonlinescanner.exe |
|
| Details | File | 1 | c:\users\nerdi\appdata\local\mozilla firefox\default-browser-agent.exe |
|
| Details | File | 29 | c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe |
|
| Details | File | 7 | c:\windows\system32\mbaeparsertask.exe |
|
| Details | File | 38 | c:\program files\mozilla firefox\default-browser-agent.exe |
|
| Details | File | 18 | c:\program files\microsoft office\root\office16\npspwrap.dll |
|
| Details | File | 17 | c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\npspwrap.dll |
|
| Details | File | 5 | serviceshell.exe |
|
| Details | File | 3 | galaxyclientservice.exe |
|
| Details | File | 5 | galaxycommunication.exe |
|
| Details | File | 46 | c:\program files\malwarebytes\anti-malware\mbamservice.exe |
|
| Details | File | 2 | fcs.exe |
|
| Details | File | 12 | qbidpservice.exe |
|
| Details | File | 1 | webconnector.qbw |
|
| Details | File | 1 | cmonitor.exe |
|
| Details | File | 5 | c:\program files\dell\supportassistagent\bin\supportassistagent.exe |
|
| Details | File | 12 | c:\windows\system32\drivers\bthmodem.sys |
|
| Details | File | 5 | c:\windows\system32\drivers\dddriver64dcsa.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\delldps.sys |
|
| Details | File | 6 | c:\windows\system32\drivers\dellinstrumentation.sys |
|
| Details | File | 4 | c:\windows\system32\drivers\googledrivefs31092.sys |
|
| Details | File | 38 | c:\windows\system32\drivers\mbamelam.sys |
|
| Details | File | 38 | c:\windows\system32\drivers\mbamswissarmy.sys |
|
| Details | File | 39 | mpksldrv.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\vsscanner.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdboot.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdfilter.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdnisdrv.sys |
|
| Details | File | 13 | winsetupmon.sys |
|
| Details | File | 1 | c:\windows\system32\config\vsmidk 2023-04-11 12:52 - 2023-04-11 12:54 - 000061946 _____ c:\users\nerdi\downloads\addition.txt |
|
| Details | File | 1 | c:\users\nerdi\downloads\frst.txt |
|
| Details | File | 1 | 22_log.txt |
|
| Details | File | 1 | c:\users\nerdi\documents\roguekillerinstall.bmp |
|
| Details | File | 1 | c:\users\nerdi\downloads\frst64.exe |
|
| Details | File | 1 | c:\users\nerdi\downloads\esetonlinescanner.exe |
|
| Details | File | 1 | c:\users\nerdi\downloads\ckfiles.txt |
|
| Details | File | 1 | c:\users\nerdi\downloads\ckscanner.exe |
|
| Details | File | 1 | c:\programdata\malwarebytes 2023-04-10 13:50 - 2023-04-10 13:50 - 000000000 ____d c:\program files\malwarebytes 2023-04-10 13:40 - 2023-04-10 13:42 - 000000000 ____d c:\adwcleaner 2023-04-10 13:39 - 2023-04-12 12:35 - 000002072 _____ c:\users\nerdi\desktop\rkill.txt |
|
| Details | File | 1 | c:\users\nerdi\downloads\adwcleaner.exe |
|
| Details | File | 1 | c:\users\nerdi\downloads\rkill.exe |
|
| Details | File | 1 | 259.exe |
|
| Details | File | 1 | c:\users\nerdi\documents\new bitmap image2.bmp |
|
| Details | File | 1 | c:\users\nerdi\documents\new bitmap image.bmp |
|
| Details | File | 1 | 25_log.txt |
|
| Details | File | 1 | c:\users\nerdi\downloads\tdsskiller.exe |
|
| Details | File | 1 | c:\users\nerdi\downloads\accountdomainprint-2023-4-8.csv |
|
| Details | File | 1 | c:\users\nerdi\downloads\e0wu4io68ooquok8.zip |
|
| Details | File | 1 | cms.zip |
|
| Details | File | 1 | c:\users\nerdi\downloads\daazapplicationform.pdf |
|
| Details | File | 1 | c:\users\nerdi\downloads\cfdd026a-8665-47c6-8228-bcaad827c583.pdf |
|
| Details | File | 1 | c:\users\nerdi\downloads\taxes_2023-03-01_2023-03-31.csv |
|
| Details | File | 1 | c:\users\nerdi\downloads\90854643 2023-04-06 01:06 - 2023-04-06 01:06 - 000388360 _____ c:\users\nerdi\downloads\eeea60b6-b1fa-4f92-8989-6593bd9b22c4.pdf |
|
| Details | File | 1 | c:\users\nerdi\downloads\e545caa0-2167-4d7b-8b69-c3e4bab80dae.pdf |
|
| Details | File | 1 | c:\users\nerdi\documents\coreftpbackup 2023-04-05 15:33 - 2023-04-05 15:33 - 000000074 _____ c:\users\nerdi\downloads\impressions and clicks_2023-04-05_12_33_19.csv |
|
| Details | File | 1 | c:\users\nerdi\downloads\fsviewersetup77.exe |
|
| Details | File | 1 | c:\users\nerdi\downloads\fsresizersetup44.exe |
|
| Details | File | 1 | c:\users\nerdi\documents\when-italians-became-white_bisesi_thesis_final.pdf |
|
| Details | File | 1 | 5_x64.exe |
|
| Details | File | 1 | c:\program files\mozilla firefox 2023-03-20 23:40 - 2023-03-21 01:37 - 000001955 _____ c:\users\nerdi\documents\politics copypasta.txt |
|
| Details | File | 1 | c:\users\nerdi\downloads\118231223_600634133970021_1840723901629362803_n.xlsx |
|
| Details | File | 1 | c:\users\nerdi\downloads\products_export_1.csv |
|
| Details | File | 1 | c:\users\nerdi\downloads\inventory_export_1.csv |
|
| Details | File | 1 | c:\users\nerdi\downloads\orders_export_1.csv |
|
| Details | File | 1 | c:\users\nerdi\downloads\domainexport_20230314_538pm.csv |
|
| Details | File | 1 | c:\windows\system32\sleepstudy 2023-04-12 13:31 - 2022-02-15 14:56 - 000000000 ____d c:\programdata\mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-04-12 13:29 - 2021-09-17 20:06 - 000000728 _____ c:\users\nerdi\documents\wifi.txt |
|
| Details | File | 1 | c:\windows\system32\drivers\wd 2023-04-12 12:36 - 2021-10-27 22:35 - 000000000 ____d c:\users\nerdi\appdata\roaming\discord 2023-04-12 12:34 - 2023-01-26 17:14 - 000806780 _____ c:\windows\system32\perfstringbackup.ini |
|
| Details | File | 1 | c:\users\nerdi\appdata\local\discord 2023-04-12 12:29 - 2023-01-26 17:15 - 000000006 ____h c:\windows\tasks\sa.dat |
|
| Details | File | 1 | c:\windows\servicestate 2023-04-12 12:29 - 2022-05-07 01:17 - 000524288 _____ c:\windows\system32\config\bbi 2023-04-12 12:29 - 2021-09-02 16:33 - 000000000 __shd c:\users\nerdi\intelgraphicsprofiles 2023-04-12 12:29 - 2020-09-27 10:50 - 000012288 ___sh c:\dumpstack.log |
|
| Details | File | 1 | c:\users\nerdi\documents\business 2023-04-11 17:32 - 2019-09-19 09:05 - 000000000 ____d c:\programdata\dell 2023-04-11 17:14 - 2021-09-02 16:33 - 000000000 ____d c:\users\nerdi\appdata\local\packages 2023-04-11 17:03 - 2020-09-27 10:54 - 000000000 ____d c:\programdata\packages 2023-04-11 16:44 - 2023-01-26 17:10 - 000682720 _____ c:\windows\system32\fntcache.dat |
|
| Details | File | 54 | c:\windows\syswow64\printconfig.dll |
|
| Details | File | 59 | c:\windows\system32\mrt.exe |
|
| Details | File | 1 | c:\users\nerdi\documents\books 2023-03-17 07:55 - 2022-05-07 01:24 - 000000000 ____d c:\windows\syswow64\dism 2023-03-17 07:55 - 2022-05-07 01:24 - 000000000 ____d c:\windows\system32\es-mx 2023-03-17 07:55 - 2022-05-07 01:24 - 000000000 ____d c:\windows\system32\dism 2023-03-16 14:25 - 2021-09-20 16:20 - 000000593 _____ c:\users\nerdi\desktop\tempt.txt |
|
| Details | File | 1 | c:\users\nerdi\documents\music to get.txt |
|
| Details | File | 1 | c:\program files\common files\graphseriescol.dll |
|
| Details | File | 91 | addition.txt |
|
| Details | File | 18 | c:\program files\windowsapps\microsoft.mpeg |
|
| Details | File | 8 | c:\program files\windowsapps\microsoft.bin |
|
| Details | File | 4 | c:\program files\windowsapps\wavesaudio.max |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\qbobjproxy.dll |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\qbfinder.dll |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\comobjectfactory.dll |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\viewsrccolumns.dll |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\graphseriescol.dll |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\qbdtratios.dll |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\qfill.dll |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\qbctripmds2.dll |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\viewsource.dll |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\cominifile.dll |
|
| Details | File | 2 | c:\program files\common files\intuit\quickbooks\storageclasses.dll |
|
| Details | File | 6 | drivefsext.dll |
|
| Details | File | 3 | c:\program files\intel\optaneshellextensions\optaneshellext.dll |
|
| Details | File | 2 | c:\program files\open-shell\classicexplorer64.dll |
|
| Details | File | 7 | c:\program files\notepad++\nppshell_06.dll |
|
| Details | File | 35 | c:\program files\malwarebytes\anti-malware\mbshlext.dll |
|
| Details | File | 6 | c:\windows\system32\startmenuhelper64.dll |
|
| Details | File | 15 | c:\program files\common files\microsoft shared\clicktorun\appvisvsubsystems64.dll |
|
| Details | File | 15 | c:\program files\microsoft office\root\office16\appvisvsubsystems64.dll |
|
| Details | File | 15 | c:\program files\common files\microsoft shared\clicktorun\c2r64.dll |
|
| Details | File | 15 | c:\program files\microsoft office\root\office16\c2r64.dll |
|
| Details | File | 2 | c:\program files\open-shell\startmenudll.dll |
|
| Details | File | 25 | interop.dll |
|
| Details | File | 2 | c:\program files\open-shell\classiciedll_64.dll |
|
| Details | File | 20 | c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\ochelper.dll |
|
| Details | File | 2 | c:\program files\open-shell\classicexplorer32.dll |
|
| Details | File | 2 | c:\program files\open-shell\classiciedll_32.dll |
|
| Details | File | 1 | c:\program files\intuit\quickbooks 2022\helpasyncpluggableprotocol.dll |
|
| Details | File | 20 | c:\program files\microsoft office\root\office16\msosb.dll |
|
| Details | File | 20 | c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\msosb.dll |
|
| Details | File | 4 | c:\windows\syswow64\mscoree.dll |
|
| Details | File | 24 | c:\windows\web\wallpaper\windows\img0.jpg |
|
| Details | File | 1 | srmanager.exe |
|
| Details | File | 7 | browsersubprocess.exe |
|
| Details | File | 87 | skype.exe |
|
| Details | File | 1 | c:\users\nerdi\appdata\roaming\zoom\bin\airhost.exe |
|
| Details | File | 1 | c:\users\nerdi\appdata\roaming\zoom\bin\zoom.exe |
|
| Details | File | 1 | wot.exe |
|
| Details | File | 1 | bne_dx.exe |
|
| Details | File | 1 | bne.exe |
|
| Details | File | 1 | lomse.exe |
|
| Details | File | 22 | msteams.exe |
|
| Details | File | 35 | discord.exe |
|
| Details | File | 22 | c:\program files\microsoft office\root\office16\outlook.exe |
|
| Details | File | 18 | mdnsresponder.exe |
|
| Details | File | 16 | c:\program files\bonjour\mdnsresponder.exe |
|
| Details | File | 12 | c:\program files\qbittorrent\qbittorrent.exe |
|
| Details | File | 32 | steamwebhelper.exe |
|
| Details | File | 1 | lotr3launcher.exe |
|
| Details | File | 1 | lotr2launcher.exe |
|
| Details | File | 1 | lotr1launcher.exe |
|
| Details | File | 1 | lomlauncher.exe |
|
| Details | File | 1 | lords2.exe |
|
| Details | File | 35 | spotify.exe |
|
| Details | File | 76 | msedgewebview2.exe |
|
| Details | File | 1 | c:\users\nerdi\appdata\local\comms\unistore\data\7\m\8000000c000000073701.dat |
|
| Details | File | 1 | c:\users\nerdi\appdata\local\comms\unistore\data\7\i\b0000008000000073701.dat |
|
| Details | File | 17 | msoxmlmf.dll |
|
| Details | File | 5 | ehdrv.sys |
|
| Details | IPv4 | 2 | 1.3.36.202 |
|
| Details | IPv4 | 1 | 73.0.4.0 |
|
| Details | IPv4 | 1 | 68.105.28.13 |
|
| Details | IPv4 | 1 | 68.105.29.13 |
|
| Details | IPv4 | 1 | 68.105.28.14 |
|
| Details | IPv4 | 1 | 68.105.29.14 |
|
| Details | IPv4 | 3 | 3.0.0.10 |
|
| Details | IPv4 | 1 | 3.13.2.14 |
|
| Details | IPv4 | 1 | 2.0.60.2 |
|
| Details | IPv4 | 109 | 1.0.0.0 |
|
| Details | IPv4 | 1 | 1.52.230.1 |
|
| Details | IPv4 | 2 | 6.3.3.2 |
|
| Details | IPv4 | 7 | 5.69.0.0 |
|
| Details | IPv4 | 9 | 12.0.0.0 |
|
| Details | IPv4 | 1 | 8.1.9.3 |
|
| Details | IPv4 | 2 | 15.8.2.0 |
|
| Details | IPv4 | 1 | 1.5.6.19 |
|
| Details | IPv4 | 1 | 3.5.2.3 |
|
| Details | IPv4 | 34 | 2.10.91.91 |
|
| Details | IPv4 | 2 | 192.168.0.60 |
|
| Details | IPv6 | 1 | 2600:8807:c895:7d00:0000:0000:0000:e4be |
|
| Details | IPv6 | 1 | fe80:0000:0000:0000:51c9:c87d:2cb4:feb0 |
|
| Details | IPv6 | 1 | 2600:8807:c895:7d00:1df4:ffaf:7660:d376 |
|
| Details | IPv6 | 1 | 2600:8807:c895:7d00:284d:69d2:664f:bae2 |
|
| Details | Url | 1 | https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=trojandownloader:o97m/zloader.smz |
|
| Details | Url | 1 | https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=trojandownloader:o97m/encdoc.as |
|
| Details | Url | 1 | https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=trojan:html/phish.rk |
|
| Details | Url | 54 | http://www.google.com |
|
| Details | Url | 1 | https://go.microsoft.com/fwlink/?linkid=37020&name=trojan:html/phish.rk |
|
| Details | Url | 1 | https://go.microsoft.com/fwlink/?linkid=37020&name=trojandownloader:o97m/encdoc.as |
|
| Details | Windows Registry Key | 68 | HKLM\...\Run |
|
| Details | Windows Registry Key | 11 | HKU\S-1-5-19\...\Run |
|
| Details | Windows Registry Key | 11 | HKU\S-1-5-20\...\Run |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-437967225-2716218234-895602342-1002\...\Run |
|
| Details | Windows Registry Key | 9 | HKU\S-1-5-18\...\Run |
|
| Details | Windows Registry Key | 2 | HKLM\...\Print\Monitors\DYMO |
|
| Details | Windows Registry Key | 1 | HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe |
|
| Details | Windows Registry Key | 1 | HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe |
|
| Details | Windows Registry Key | 3 | HKLM\Software\...\AppCompatFlags\InstalledSDB |
|
| Details | Windows Registry Key | 59 | HKLM\Software\Microsoft\Active |
|
| Details | Windows Registry Key | 14 | HKLM\Software\...\Authentication\Credential |
|
| Details | Windows Registry Key | 14 | HKLM\SOFTWARE\Policies\Microsoft\Edge |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-437967225-2716218234-895602342-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension |
|
| Details | Windows Registry Key | 77 | HKLM-x32 |
|
| Details | Windows Registry Key | 1 | HKLM-x32\...\CoreFTP |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-437967225-2716218234-895602342-1002\...\Discord |
|
| Details | Windows Registry Key | 3 | HKLM-x32\...\FastStone |
|
| Details | Windows Registry Key | 6 | HKLM\...\GIMP-2_is1 |
|
| Details | Windows Registry Key | 55 | HKLM-x32\...\Google |
|
| Details | Windows Registry Key | 1 | HKLM-x32\...\1207658787_is1 |
|
| Details | Windows Registry Key | 3 | HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB |
|
| Details | Windows Registry Key | 12 | HKLM\...\O365HomePremRetail |
|
| Details | Windows Registry Key | 68 | HKLM-x32\...\Microsoft |
|
| Details | Windows Registry Key | 41 | HKLM\...\Mozilla |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-437967225-2716218234-895602342-1002\...\Mozilla |
|
| Details | Windows Registry Key | 41 | HKLM\...\MozillaMaintenanceService |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-437967225-2716218234-895602342-1002\...\Mudlet |
|
| Details | Windows Registry Key | 5 | HKLM\...\Notepad |
|
| Details | Windows Registry Key | 13 | HKLM-x32\...\qBittorrent |
|
| Details | Windows Registry Key | 6 | HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1 |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-437967225-2716218234-895602342-1002\...\slack |
|
| Details | Windows Registry Key | 1 | HKLM-x32\...\Splashtop |
|
| Details | Windows Registry Key | 34 | HKLM-x32\...\Steam |
|
| Details | Windows Registry Key | 1 | HKLM-x32\...\1418669891_is1 |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-437967225-2716218234-895602342-1002\...\ZoomUMX |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-437967225-2716218234-895602342-1002_Classes\CLSID |
|
| Details | Windows Registry Key | 32 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService |
|
| Details | Windows Registry Key | 32 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-437967225-2716218234-895602342-1002\Control |
|
| Details | Windows Registry Key | 98 | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-437967225-2716218234-895602342-1002\...\StartupApproved\Run |