Rootkit? Fresh install on a new SSD no issues for ~2 months... it's back - Virus, Trojan, Spyware, and Malware Removal Help
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 7a9cfb92-0c90-47f6-b631-3857fcd199bc |
| Fingerprint | 3dab83905ed66f9d |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Dec. 2, 2022, 9:31 p.m. |
| Added to db | Dec. 3, 2022, 5:40 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Rootkit? Fresh install on a new SSD no issues for ~2 months... it's back |
| Title | Rootkit? Fresh install on a new SSD no issues for ~2 months... it's back - Virus, Trojan, Spyware, and Malware Removal Help |
| Detected Hints/Tags/Attributes | 93/2/376 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 163 | ✔ | — | https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 7 | free.fr |
|
| Details | Domain | 1 | pooi.moe |
|
| Details | Domain | 4 | electron.app |
|
| Details | Domain | 22 | duckduckgo.com |
|
| Details | Domain | 37 | videolan.org |
|
| Details | Domain | 57 | adobe.com |
|
| Details | Domain | 454 | www.google.com |
|
| Details | Domain | 2 | raindrop.io |
|
| Details | Domain | 9 | insecure.com |
|
| Details | Domain | 30 | www.sysinternals.com |
|
| Details | Domain | 1 | liveenhancementsuiteportable-x64.zip |
|
| Details | Domain | 397 | asp.net |
|
| Details | Domain | 1 | 4-win64.zip |
|
| Details | Domain | 1 | beiramarliving-cycles.zip |
|
| Details | Domain | 1 | 82-windows.zip |
|
| Details | Domain | 1 | zeronet-win-dist-win64.zip |
|
| Details | Domain | 1 | hillside-contemporary.zip |
|
| Details | Domain | 1 | wxhexeditor-v0.24-win32.zip |
|
| Details | Domain | 1 | us-500.zip |
|
| Details | Domain | 1 | rootkitrevealer.zip |
|
| Details | Domain | 1 | abelhadigital.com |
|
| Details | Domain | 1 | ultimatetemplate-master.zip |
|
| Details | Domain | 1 | msiafterburnersetup.zip |
|
| Details | Domain | 1 | 96.zip |
|
| Details | Domain | 1 | 50.56.zip |
|
| Details | Domain | 1 | js.zip |
|
| Details | Domain | 1 | rkill64.com |
|
| Details | Domain | 1 | jackaudio.org |
|
| Details | Domain | 1 | 221027.zip |
|
| Details | Domain | 1 | shapez.io |
|
| Details | Domain | 8 | on2.com |
|
| Details | Domain | 21 | windows.management |
|
| Details | Domain | 87 | regid.1991-06.com.microsoft |
|
| Details | 4 | don.h@free.fr |
||
| Details | File | 7 | adobeipcbroker.exe |
|
| Details | File | 86 | service.exe |
|
| Details | File | 3 | c:\program files\common files\adobe\creative cloud libraries\cclibrary.exe |
|
| Details | File | 5 | coresync.exe |
|
| Details | File | 6 | c:\program files\adobe\adobe creative cloud experience\ccxprocess.exe |
|
| Details | File | 2 | c:\program files\adobe\adobe creative cloud\acc\creative cloud helper.exe |
|
| Details | File | 2 | displayfusion.exe |
|
| Details | File | 1 | displayfusionhookapp32.exe |
|
| Details | File | 1 | displayfusionhookapp64.exe |
|
| Details | File | 1 | old_overwolf.exe |
|
| Details | File | 2 | overwolfhelper.exe |
|
| Details | File | 2 | overwolfhelper64.exe |
|
| Details | File | 9 | overwolfbrowser.exe |
|
| Details | File | 1 | insightscapture.exe |
|
| Details | File | 3 | gg.exe |
|
| Details | File | 99 | steam.exe |
|
| Details | File | 32 | steamwebhelper.exe |
|
| Details | File | 674 | node.js |
|
| Details | File | 5 | c:\program files\adobe\adobe creative cloud experience\libs\node.exe |
|
| Details | File | 8 | c:\program files\adobe\adobe creative cloud\acc\creative cloud.exe |
|
| Details | File | 3 | c:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe |
|
| Details | File | 3 | c:\program files\common files\adobe\creative cloud libraries\libs\node.exe |
|
| Details | File | 52 | c:\program files\google\chrome\application\chrome.exe |
|
| Details | File | 1 | c:\program files\libreoffice\program\soffice.exe |
|
| Details | File | 2 | c:\program files\libreoffice\program\soffice.bin |
|
| Details | File | 1 | c:\program files\libreoffice\program\swriter.exe |
|
| Details | File | 46 | c:\program files\malwarebytes\anti-malware\mbamservice.exe |
|
| Details | File | 39 | c:\program files\malwarebytes\anti-malware\mbamtray.exe |
|
| Details | File | 1 | c:\program files\powertoys\powertoys.exe |
|
| Details | File | 1 | alwaysontop.exe |
|
| Details | File | 1 | colorpickerui.exe |
|
| Details | File | 1 | fancyzones.exe |
|
| Details | File | 2 | c:\program files\powertoys\modules\keyboardmanager\keyboardmanagerengine\powertoys.key |
|
| Details | File | 2 | boardmanagerengine.exe |
|
| Details | File | 2 | powerlauncher.exe |
|
| Details | File | 1 | powerocr.exe |
|
| Details | File | 27 | phoneexperiencehost.exe |
|
| Details | File | 3 | yourphoneappproxy.exe |
|
| Details | File | 1 | beta.exe |
|
| Details | File | 6 | index.exe |
|
| Details | File | 198 | msmpeng.exe |
|
| Details | File | 19 | mpcopyaccelerator.exe |
|
| Details | File | 1 | c:\riot games\league of legends\leagueclient.exe |
|
| Details | File | 1 | c:\riot games\league of legends\leagueclientux.exe |
|
| Details | File | 1 | c:\riot games\league of legends\leagueclientuxrender.exe |
|
| Details | File | 1 | c:\riot games\league of legends\leaguecrashhandler.exe |
|
| Details | File | 4 | c:\riot games\riot client\riotclientservices.exe |
|
| Details | File | 2 | c:\riot games\riot client\riotclientcrashhandler.exe |
|
| Details | File | 1 | c:\users\tatrii\appdata\local\programs\quicklook\quicklook.exe |
|
| Details | File | 1 | wow64hookhelper.exe |
|
| Details | File | 1 | splice.exe |
|
| Details | File | 31 | helper.exe |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 1 | c:\users\tatrii\appdata\local\programs\bitwarden\bitwarden.exe |
|
| Details | File | 2 | voicemeeterpro.exe |
|
| Details | File | 1 | eartrumpet.exe |
|
| Details | File | 1 | c:\users\tatrii\desktop\les\live enhancement suite.exe |
|
| Details | File | 2 | c:\program files\maxon\tools\mxnotify.exe |
|
| Details | File | 1 | c:\program files\powershell\7\pwsh.exe |
|
| Details | File | 1 | c:\laragon\bin\notepad++\notepad++.exe |
|
| Details | File | 3 | c:\program files\sharex\sharex.exe |
|
| Details | File | 1 | c:\program files\loud technologies inc\mackie usb driver\w10_x64\mackie_cplapp.exe |
|
| Details | File | 1 | c:\program files\microsoft visual studio\2022\community\common7\ide\devenv.exe |
|
| Details | File | 1 | c:\users\tatrii\appdata\local\programs\microsoft vs code\code.exe |
|
| Details | File | 20 | c:\windows\syswow64\cmd.exe |
|
| Details | File | 306 | services.exe |
|
| Details | File | 2 | displayfusionservice.exe |
|
| Details | File | 2 | c:\program files\maxon\tools\mxredirect.exe |
|
| Details | File | 3 | c:\program files\red giant\services\red giant service.exe |
|
| Details | File | 3 | c:\program files\microsoft sql server\90\shared\sqlwriter.exe |
|
| Details | File | 87 | nissrv.exe |
|
| Details | File | 16 | steamservice.exe |
|
| Details | File | 2 | c:\program files\everything\everything.exe |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 5 | adobenotificationclient.exe |
|
| Details | File | 49 | c:\windows\immersivecontrolpanel\systemsettings.exe |
|
| Details | File | 5 | c:\windows\system32\dataexchangehost.exe |
|
| Details | File | 85 | c:\windows\system32\dllhost.exe |
|
| Details | File | 4 | c:\windows\system32\gamebarpresencewriter.exe |
|
| Details | File | 23 | c:\windows\system32\mousocoreworker.exe |
|
| Details | File | 1 | c:\program files\systeminformer\systeminformer.exe |
|
| Details | File | 4 | webcam.exe |
|
| Details | File | 5 | c:\windows\system32\logilda.dll |
|
| Details | File | 9 | ccxprocess.exe |
|
| Details | File | 50 | 3.exe |
|
| Details | File | 128 | msedge.exe |
|
| Details | File | 1 | c:\users\tatrii\appdata\local\discord\update.exe |
|
| Details | File | 1 | c:\users\tatrii\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe |
|
| Details | File | 6 | overwolflauncher.exe |
|
| Details | File | 1 | c:\program files\openvpn\bin\openvpn-gui.exe |
|
| Details | File | 1 | c:\program files\izotope\product portal\x64\izotope product portal.exe |
|
| Details | File | 1 | c:\users\tatrii\appdata\roaming\spotify\spotify.exe |
|
| Details | File | 11 | epicgameslauncher.exe |
|
| Details | File | 61 | chrmstp.exe |
|
| Details | File | 1 | c:\laragon\laragon.exe |
|
| Details | File | 1 | launchy.exe |
|
| Details | File | 97 | mpcmdrun.exe |
|
| Details | File | 10 | overwolfupdater.exe |
|
| Details | File | 105 | googleupdate.exe |
|
| Details | File | 99 | c:\windows\explorer.exe |
|
| Details | File | 1 | initialize.exe |
|
| Details | File | 8 | c:\program files\npcap\checkstatus.bat |
|
| Details | File | 12 | backgrounddownload.exe |
|
| Details | File | 5 | newtab.html |
|
| Details | File | 17 | c:\program files\videolan\vlc\npvlc.dll |
|
| Details | File | 13 | npadobeaamdetect64.dll |
|
| Details | File | 10 | npadobeaamdetect32.dll |
|
| Details | File | 11 | adobeupdateservice.exe |
|
| Details | File | 8 | c:\program files\electronic arts\ea desktop\ea desktop\eabackgroundservice.exe |
|
| Details | File | 18 | easyanticheat.exe |
|
| Details | File | 16 | epiconlineserviceshost.exe |
|
| Details | File | 3 | gubootservice.exe |
|
| Details | File | 3 | gupmservice.exe |
|
| Details | File | 4 | c:\windows\system32\lxss\wslclient.dll |
|
| Details | File | 1 | c:\program files\openvpn\bin\openvpnserv.exe |
|
| Details | File | 4 | gamemanagerservice.exe |
|
| Details | File | 4 | razercentralservice.exe |
|
| Details | File | 38 | c:\program files\windows defender advanced threat protection\mssense.exe |
|
| Details | File | 2 | teracopyservice.exe |
|
| Details | File | 3 | c:\program files\teracopy\teracopyservice.exe |
|
| Details | File | 1 | c:\program files\fing\resources\extraresources\fingagent.exe |
|
| Details | File | 1 | c:\windows\system32\driverstore\filerepository\nv_dispsig.inf |
|
| Details | File | 44 | container.exe |
|
| Details | File | 30 | containerlocalsystem.log |
|
| Details | File | 1 | %programfiles(x86)%\winpcap\rpcapd.exe |
|
| Details | File | 1 | %programfiles(x86)%\winpcap\rpcapd.ini |
|
| Details | File | 26 | c:\windows\system32\drivers\btha2dp.sys |
|
| Details | File | 22 | c:\windows\system32\drivers\bthhfenum.sys |
|
| Details | File | 3 | c:\windows\system32\drivers\gubootstartup.sys |
|
| Details | File | 1 | c:\program files\systeminformer\systeminformer.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\loudusbaudio.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\loudusbaudioks.sys |
|
| Details | File | 30 | c:\windows\system32\drivers\mbamchameleon.sys |
|
| Details | File | 38 | c:\windows\system32\drivers\mbamelam.sys |
|
| Details | File | 38 | c:\windows\system32\drivers\mbamswissarmy.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\neo6_x64_vpn.sys |
|
| Details | File | 8 | c:\windows\system32\drivers\npcap.sys |
|
| Details | File | 2 | c:\windows\system32\drivers\npf.sys |
|
| Details | File | 3 | c:\windows\system32\drivers\procmon24.sys |
|
| Details | File | 50 | www.sys |
|
| Details | File | 2 | c:\windows\system32\drivers\rsplll64.sys |
|
| Details | File | 2 | c:\windows\system32\drivers\rspwhy64.sys |
|
| Details | File | 3 | c:\windows\system32\drivers\rzcommon.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\rzdev_00b6.sys |
|
| Details | File | 1 | c:\windows\system32\drivers\rzdev_0226.sys |
|
| Details | File | 16 | c:\windows\system32\drivers\tap0901.sys |
|
| Details | File | 3 | c:\windows\system32\drivers\vbaudio_vmauxvaio64_win10.sys |
|
| Details | File | 5 | c:\windows\system32\drivers\vbaudio_vmvaio64_win10.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdboot.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdfilter.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdnisdrv.sys |
|
| Details | File | 11 | c:\windows\system32\drivers\wintun.sys |
|
| Details | File | 1 | c:\users\tatrii\desktop\new folder with items 1 2022-12-02 19:39 - 2022-12-02 19:59 - 000039732 _____ c:\users\tatrii\desktop\frst.txt |
|
| Details | File | 1 | c:\users\tatrii\desktop\frst64.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\mbsetup.exe |
|
| Details | File | 59 | 2.exe |
|
| Details | File | 1 | 4_win.zip |
|
| Details | File | 1 | c:\users\tatrii\downloads\laragon-wamp.exe |
|
| Details | File | 1 | c:\users\tatrii\desktop\les 2022-12-01 07:56 - 2022-12-01 07:56 - 001585631 _____ c:\users\tatrii\downloads\liveenhancementsuiteportable-x64.zip |
|
| Details | File | 1 | 3.url |
|
| Details | File | 1 | 1-f1f11d9fe38f46a3831acc47c7798339.msi |
|
| Details | File | 1 | c:\users\tatrii\downloads\izotope_vocalsynth_pro_v2_5_0.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\izotope_audiolens_v1_1_0.exe |
|
| Details | File | 1 | 4-win64.zip |
|
| Details | File | 1 | 2-windows-installer-x64.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\beiramarliving-cycles.zip |
|
| Details | File | 1 | 82-windows.zip |
|
| Details | File | 1 | c:\windows\syswow64\synsoemu.dll |
|
| Details | File | 1 | c:\programdata\obs-studio-hook 2022-11-28 03:50 - 2022-11-28 03:50 - 000000000 ____d c:\programdata\microsoft\windows\start menu\programs\obs studio 2022-11-28 03:50 - 2022-11-28 03:50 - 000000000 ____d c:\program files\obs-studio 2022-11-27 03:38 - 2022-11-27 03:38 - 000044206 _____ c:\users\tatrii\downloads\mainminmods.bin |
|
| Details | File | 1 | c:\users\tatrii\desktop\scripts 2022-11-26 04:41 - 2022-11-26 04:41 - 000000000 ____d c:\programdata\microsoft\windows\start menu\programs\node.js |
|
| Details | File | 1 | 1_setup.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\filejuggler.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\zeronet-win-dist-win64.zip |
|
| Details | File | 1 | c:\windows\system32\freeimage.dll |
|
| Details | File | 1 | c:\users\tatrii\appdata\roaming\microsoft\windows\start menu\programs\maxon app 2022-11-25 07:27 - 2022-11-25 07:27 - 000000000 ____d c:\programdata\microsoft\windows\start menu\programs\maxon app 2022-11-25 07:27 - 2022-11-25 07:27 - 000000000 ____d c:\program files\maxon 2022-11-25 03:29 - 2022-11-25 03:29 - 000000000 ____d c:\users\tatrii\desktop\hillside contemporary 2022-11-25 03:28 - 2022-11-25 03:28 - 028621536 _____ c:\users\tatrii\downloads\hillside-contemporary.zip |
|
| Details | File | 1 | 24-win32.zip |
|
| Details | File | 1 | c:\users\tatrii\downloads\sardu_420.zip |
|
| Details | File | 1 | c:\users\tatrii\downloads\hitmanpro_x64.exe |
|
| Details | File | 1 | 84-win64.msi |
|
| Details | File | 1 | c:\windows\syswow64\npcap 2022-11-23 03:05 - 2022-11-23 03:05 - 000000000 ____d c:\windows\system32\npcap 2022-11-23 03:05 - 2022-11-23 03:05 - 000000000 ____d c:\users\tatrii\appdata\roaming\fingagent 2022-11-23 03:05 - 2022-11-23 03:05 - 000000000 ____d c:\users\tatrii\appdata\local\fing-updater 2022-11-23 03:05 - 2022-11-23 03:05 - 000000000 ____d c:\programdata\fingagent 2022-11-23 03:05 - 2022-11-23 03:05 - 000000000 ____d c:\program files\npcap 2022-11-23 03:05 - 2022-11-23 03:05 - 000000000 ____d c:\program files\fing 2022-11-23 02:50 - 2022-11-23 02:50 - 000468618 _____ c:\users\tatrii\downloads\depends22_x64.zip |
|
| Details | File | 1 | c:\users\tatrii\downloads\fing.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\googleearthprosetup.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\installsplice.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\advisorinstaller.exe |
|
| Details | File | 1 | c:\users\tatrii\desktop\gps.csv |
|
| Details | File | 3 | c:\windows\syswow64\ff_vfw.dll |
|
| Details | File | 1 | c:\users\tatrii\downloads\ffdshow_rev4532_20140717_clsid.exe |
|
| Details | File | 1 | c:\users\tatrii\desktop\gps.txt |
|
| Details | File | 1 | c:\users\tatrii\downloads\matroskasplitter.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\gg011411.mp4 |
|
| Details | File | 1 | c:\users\tatrii\downloads\skrillex-gif-1.mp4 |
|
| Details | File | 1 | c:\users\tatrii\downloads\tumblr_mkzuekbssg1rjfqwso1_500.mp4 |
|
| Details | File | 1 | c:\users\tatrii\downloads\drrflmusl1ayltxi.mp4 |
|
| Details | File | 1 | c:\users\tatrii\downloads\us-500.csv |
|
| Details | File | 1 | c:\users\tatrii\downloads\us-500.zip |
|
| Details | File | 1 | c:\users\tatrii\downloads\mobalytics desktop - installer.exe |
|
| Details | File | 1 | c:\users\tatrii\desktop\rootkitrevealer 2022-11-21 09:12 - 2022-11-21 09:12 - 000231390 _____ c:\users\tatrii\downloads\rootkitrevealer.zip |
|
| Details | File | 1 | c:\users\tatrii\desktop\rootkitrevealer.zip |
|
| Details | File | 17 | 2.zip |
|
| Details | File | 1 | c:\users\tatrii\downloads\openhashtab_setup.exe |
|
| Details | File | 1 | 5527-setup.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\hello_p5_song_2022_11_20_11_29_17 2022-11-20 05:29 - 2022-11-20 05:29 - 004458926 _____ c:\users\tatrii\downloads\hello_p5_song_2022_11_20_11_29_17.zip |
|
| Details | File | 2 | c:\windows\acpimof.dll |
|
| Details | File | 45 | 1.zip |
|
| Details | File | 1 | 5-x86.iso |
|
| Details | File | 9 | 6.zip |
|
| Details | File | 1 | c:\users\tatrii\downloads\ultimatetemplate-master.zip |
|
| Details | File | 1 | 0_setup.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\deemix-gui setup.exe |
|
| Details | File | 1 | c:\windows\syswow64\directx 2022-11-18 02:45 - 2022-11-18 02:45 - 000000000 ____d c:\users\tatrii\appdata\roaming\microsoft\windows\start menu\programs\rivatuner statistics server 2022-11-18 02:45 - 2022-11-18 02:45 - 000000000 ____d c:\users\tatrii\appdata\roaming\microsoft\windows\start menu\programs\msi afterburner 2022-11-18 02:44 - 2022-11-18 02:44 - 055532428 _____ c:\users\tatrii\downloads\msiafterburnersetup.zip |
|
| Details | File | 1 | 96.zip |
|
| Details | File | 1 | 56.zip |
|
| Details | File | 4 | 2.msi |
|
| Details | File | 1 | 4_portable.zip |
|
| Details | File | 7 | 39-setup.exe |
|
| Details | File | 1 | c:\programdata\sectaskman 2022-11-15 07:22 - 2022-11-15 07:22 - 003029920 _____ c:\users\tatrii\downloads\securitytaskmanager_setup.exe |
|
| Details | File | 26 | 0.js |
|
| Details | File | 1 | c:\users\public\documents\adobeinstalledcodecstier2 2022-11-15 03:58 - 2022-11-15 03:58 - 000031286 _____ c:\users\tatrii\desktop\un_a.rar |
|
| Details | File | 1 | c:\users\tatrii\downloads\esetonlinescanner.exe |
|
| Details | File | 1 | c:\users\tatrii\appdata\local\eset 2022-11-15 03:45 - 2022-11-15 03:46 - 000001622 _____ c:\users\tatrii\desktop\rkill.txt |
|
| Details | File | 4 | c:\windows\system32\drivers\procexp152.sys |
|
| Details | File | 1 | 1806.msi |
|
| Details | File | 1 | c:\program files\jack2 2022-11-15 02:14 - 2022-04-15 20:37 - 000696832 _____ c:\windows\libjack.dll |
|
| Details | File | 1 | c:\windows\libjack64.dll |
|
| Details | File | 8 | 21.exe |
|
| Details | File | 1 | 0_windows-64.exe |
|
| Details | File | 1 | c:\users\tatrii\appdata\roaming\macromedia 2022-11-12 14:00 - 2022-11-12 14:01 - 000000000 ____d c:\users\tatrii\desktop\sdt 2022-11-12 13:59 - 2022-11-12 14:01 - 106554787 _____ c:\users\tatrii\downloads\sby_loader_pack_15_545d_hotfix1.zip |
|
| Details | File | 1 | 221027.zip |
|
| Details | File | 1 | c:\users\tatrii\downloads\izotope_rx_10_audio_editor_v10_2_0.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\izotope_ozone_advanced_v10_2_0.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\izotope_neutron_v4_2_0.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\izotope_nectar_pro_v3_8_0.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\izotope_product_portal_v1_4_6.exe |
|
| Details | File | 1 | c:\users\tatrii\downloads\whysoslowsetup.exe |
|
| Details | File | 1 | 5_qt6_x64_setup.exe |
|
| Details | File | 1 | 8-i601-amd64.msi |
|
| Details | File | 1 | 26-windows-x86_x64-intel.exe |
|
| Details | File | 1 | c:\windows\system32\vpncmd.exe |
|
| Details | File | 1 | c:\windows\system32\unitefx.dll |
|
| Details | File | 1 | 830-release.msi |
|
| Details | File | 1 | c:\windows\system32\wrap_oal.dll |
|
| Details | File | 1 | c:\windows\syswow64\wrap_oal.dll |
|
| Details | File | 1 | c:\windows\system32\openal32.dll |
|
| Details | File | 1 | c:\windows\syswow64\openal32.dll |
|
| Details | File | 1 | c:\users\tatrii\downloads\visualcppredist_aio_x86_x64.exe |
|
| Details | File | 7 | c:\windows\syswow64\vp6vfw.dll |
|
| Details | File | 16 | c:\windows\system32\drivers\mbae64.sys |
|
| Details | File | 1 | c:\programdata\iobit 2022-11-03 11:43 - 2022-11-03 11:44 - 000000000 ____d c:\users\tatrii\appdata\locallow\iobit 2022-11-03 11:42 - 2022-11-03 11:42 - 000000000 ____d c:\users\tatrii\appdata\local\elevateddiagnostics 2022-11-03 11:35 - 2022-11-03 13:43 - 000000000 ____d c:\users\tatrii\appdata\local\google 2022-11-03 11:13 - 2022-11-03 11:13 - 000688128 _____ c:\windows\system32\fsnvsdevicesource.dll |
|
| Details | File | 19 | inprocobjects.dll |
|
| Details | File | 6 | c:\windows\system32\nettraceex.dll |
|
| Details | File | 1 | c:\users\tatrii\downloads\kms_vl_all-48 2022-11-03 10:58 - 2022-11-03 10:58 - 000077968 _____ c:\users\tatrii\downloads\kms_vl_all-48.7z |
|
| Details | File | 1 | c:\users\tatrii\downloads\kms_vl_all_aio-48.7z |
|
| Details | File | 16 | c:\windows\system32\nvapi64.dll |
|
| Details | File | 8 | c:\windows\system32\drivers\nvhdap64.dll |
|
| Details | File | 11 | c:\windows\system32\vulkaninfo-1-999-0-0-0.exe |
|
| Details | File | 19 | c:\windows\system32\vulkaninfo.exe |
|
| Details | File | 19 | c:\windows\syswow64\vulkaninfo-1-999-0-0-0.exe |
|
| Details | File | 19 | c:\windows\syswow64\vulkaninfo.exe |
|
| Details | File | 22 | c:\windows\system32\opencl.dll |
|
| Details | File | 19 | c:\windows\system32\vulkan-1-999-0-0-0.dll |
|
| Details | File | 18 | c:\windows\system32\vulkan-1.dll |
|
| Details | File | 22 | c:\windows\syswow64\opencl.dll |
|
| Details | File | 19 | c:\windows\syswow64\vulkan-1-999-0-0-0.dll |
|
| Details | File | 19 | c:\windows\syswow64\vulkan-1.dll |
|
| Details | File | 17 | c:\windows\system32\nvifr64.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvifr.dll |
|
| Details | File | 17 | c:\windows\system32\nvofapi64.dll |
|
| Details | File | 17 | c:\windows\system32\nvml.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvofapi.dll |
|
| Details | File | 17 | c:\windows\system32\nvfbc64.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvfbc.dll |
|
| Details | File | 17 | c:\windows\system32\nvencodeapi64.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvencodeapi.dll |
|
| Details | File | 17 | c:\windows\system32\nvidia-smi.exe |
|
| Details | File | 17 | c:\windows\syswow64\nvcuvid.dll |
|
| Details | File | 17 | c:\windows\system32\nvcuvid.dll |
|
| Details | File | 13 | c:\windows\system32\nvcudadebugger.dll |
|
| Details | File | 17 | c:\windows\system32\nvcpl.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvcuda.dll |
|
| Details | File | 17 | c:\windows\system32\nvcuda.dll |
|
| Details | File | 17 | c:\windows\system32\nvdebugdump.exe |
|
| Details | File | 17 | c:\windows\system32\mcu.exe |
|
| Details | File | 17 | c:\windows\syswow64\nvapi.dll |
|
| Details | File | 1 | c:\users\tatrii\appdata\local\displayfusion 2022-11-02 21:18 - 2022-11-02 21:18 - 000000000 ____d c:\programdata\binary fortress software 2022-11-02 21:17 - 2022-11-02 21:17 - 000000222 _____ c:\users\tatrii\desktop\displayfusion.url |
|
| Details | File | 1 | c:\users\tatrii\appdata\locallow\defaultcompany 2022-11-02 18:59 - 2022-12-01 05:32 - 000000000 ____d c:\users\tatrii\appdata\roaming\microsoft\windows\start menu\programs\steam 2022-11-02 18:59 - 2022-11-02 18:59 - 000000222 _____ c:\users\tatrii\desktop\wallpaper engine.url |
|
| Details | File | 1 | c:\programdata\microsoft\windows\start menu\programs\steam 2022-11-02 17:37 - 2022-11-02 17:37 - 000000000 ____d c:\program files\microsoft update health tools 2022-11-02 17:27 - 2022-11-29 20:34 - 000042966 _____ c:\users\tatrii\appdata\roaming\voicemeeterbananadefault.xml |
|
| Details | File | 1 | c:\users\tatrii\downloads\ableton_live_beta_112b12_64.zip |
|
| Details | File | 1 | c:\users\tatrii\appdata\roaming\microsoft\windows\start menu\programs\winrar 2022-11-02 05:45 - 2022-11-11 04:07 - 000000000 ____d c:\programdata\microsoft\windows\start menu\programs\winrar 2022-11-02 05:45 - 2022-11-02 05:45 - 000000000 ____d c:\users\tatrii\appdata\roaming\winrar 2022-11-02 05:45 - 2022-11-02 05:45 - 000000000 ____d c:\program files\winrar 2022-11-02 05:29 - 2022-11-02 14:04 - 000000000 ____d c:\users\tatrii\downloads\3d 2022-11-02 05:28 - 2022-11-02 05:28 - 000000000 ____d c:\users\tatrii\appdata\roaming\microsoft\windows\start menu\programs\blender 2022-11-02 05:28 - 2022-11-02 05:28 - 000000000 ____d c:\program files\blender foundation 2022-11-02 05:11 - 2022-11-02 05:11 - 000000000 ___rd c:\users\tatrii\onedrive 2022-11-02 05:11 - 2022-11-02 05:11 - 000000000 ____d c:\programdata\microsoft onedrive 2022-11-02 05:10 - 2022-12-01 06:37 - 000000000 ____d c:\users\tatrii\appdata\local\packages 2022-11-02 05:10 - 2022-11-29 20:41 - 000000000 ____d c:\programdata\packages 2022-11-02 05:10 - 2022-11-16 23:45 - 000000000 ____d c:\users\tatrii\appdata\local\virtualstore 2022-11-02 05:10 - 2022-11-15 06:40 - 000000000 ____d c:\users\tatrii\appdata\roaming\adobe 2022-11-02 05:10 - 2022-11-02 14:24 - 000000000 ____d c:\users\tatrii\appdata\local\connecteddevicesplatform 2022-11-02 05:10 - 2022-11-02 14:19 - 000000000 __rhd c:\users\public\accountpictures 2022-11-02 05:10 - 2022-11-02 05:10 - 000000000 ___rd c:\users\tatrii\3d objects 2022-11-02 05:10 - 2022-11-02 05:10 - 000000000 ____d c:\windows\csc 2022-11-02 05:10 - 2022-11-02 00:24 - 000000000 ____d c:\users\tatrii\appdata\local\publishers 2022-11-02 05:09 - 2022-12-01 16:18 - 000000000 ____d c:\users\tatrii 2022-11-02 05:09 - 2022-11-02 05:09 - 000000020 ___sh c:\users\tatrii\ntuser.ini |
|
| Details | File | 24 | c:\windows\system32\fntcache.dat |
|
| Details | File | 38 | c:\dumpstack.log |
|
| Details | File | 40 | c:\windows\tasks\sa.dat |
|
| Details | File | 1 | c:\programdata\riot games 2022-12-02 16:42 - 2022-11-01 22:15 - 000840878 _____ c:\windows\system32\perfstringbackup.ini |
|
| Details | File | 1 | c:\windows\syswow64\dpnet.dll |
|
| Details | File | 1 | c:\windows\syswow64\dplayx.dll |
|
| Details | File | 1 | c:\windows\syswow64\dpnathlp.dll |
|
| Details | File | 1 | c:\windows\syswow64\dpwsockx.dll |
|
| Details | File | 1 | c:\windows\syswow64\dpmodemx.dll |
|
| Details | File | 1 | c:\windows\syswow64\dpnsvr.exe |
|
| Details | File | 1 | c:\windows\syswow64\dplaysvr.exe |
|
| Details | File | 1 | c:\windows\syswow64\dpnhupnp.dll |
|
| Details | File | 1 | c:\windows\syswow64\dpnhpast.dll |
|
| Details | File | 1 | c:\windows\syswow64\dpnlobby.dll |
|
| Details | File | 1 | c:\windows\syswow64\dpnaddr.dll |
|
| Details | File | 1 | c:\windows\system32\dpnet.dll |
|
| Details | File | 1 | c:\windows\system32\dpnathlp.dll |
|
| Details | File | 1 | c:\windows\system32\dpnsvr.exe |
|
| Details | File | 1 | c:\windows\system32\dpnhupnp.dll |
|
| Details | File | 1 | c:\windows\system32\dpnhpast.dll |
|
| Details | File | 1 | c:\windows\system32\dpnlobby.dll |
|
| Details | File | 1 | c:\windows\system32\dpnaddr.dll |
|
| Details | File | 3 | c:\windows\system32\drivers\lxcore.sys |
|
| Details | File | 3 | c:\windows\system32\wslconfig.exe |
|
| Details | File | 3 | c:\windows\system32\bash.exe |
|
| Details | File | 3 | c:\windows\system32\drivers\lxss.sys |
|
| Details | File | 3 | c:\windows\system32\p9np.dll |
|
| Details | File | 3 | c:\windows\system32\drivers\p9rdr.sys |
|
| Details | File | 3 | c:\windows\syswow64\p9np.dll |
|
| Details | File | 59 | c:\windows\system32\mrt.exe |
|
| Details | File | 1 | c:\users\tatrii\appdata\roaming\uninst_94306.log |
|
| Details | File | 1 | c:\users\tatrii\appdata\roaming\voicemeeterbananadefault.xml |
|
| Details | File | 1 | c:\users\tatrii\appdata\local\uninst_95142.log |
|
| Details | File | 86 | frst.txt |
|
| Details | md5 | 1 | f1f11d9fe38f46a3831acc47c7798339 |
|
| Details | IPv4 | 2 | 0.208.1.4 |
|
| Details | IPv4 | 1441 | 127.0.0.1 |
|
| Details | IPv4 | 142 | 192.168.0.1 |
|
| Details | IPv4 | 1 | 192.168.193.96 |
|
| Details | IPv4 | 295 | 8.8.8.8 |
|
| Details | IPv4 | 63 | 8.8.4.4 |
|
| Details | IPv4 | 6 | 3.0.17.4 |
|
| Details | IPv4 | 1 | 0.99.6.4 |
|
| Details | IPv4 | 1 | 2.1.0.45 |
|
| Details | IPv4 | 1 | 24.3.0.84 |
|
| Details | Url | 3 | https://duckduckgo.com/?q={searchterms} |
|
| Details | Url | 1 | https://duckduckgo.com/chrome_newtab |
|
| Details | Url | 3 | https://duckduckgo.com/ac/?q={searchterms}&type=list |
|
| Details | Url | 54 | http://www.google.com |
|
| Details | Windows Registry Key | 68 | HKLM\...\Run |
|
| Details | Windows Registry Key | 50 | HKLM-x32\...\Run |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3004531056-1595194505-3402979578-1001\...\Run |
|
| Details | Windows Registry Key | 59 | HKLM\Software\Microsoft\Active |
|
| Details | Windows Registry Key | 188 | HKCU\Software\Microsoft\Windows\CurrentVersion\Run |