Paranoid about possible infection. Please help to find out for sure. - Virus, Trojan, Spyware, and Malware Removal Help
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 99b770c4-190d-4fba-b6a3-099ebd276891 |
| Fingerprint | 3d5b8b10daceee97 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 4, 2023, 8:41 a.m. |
| Added to db | Nov. 4, 2023, 5:29 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Paranoid about possible infection. Please help to find out for sure. |
| Title | Paranoid about possible infection. Please help to find out for sure. - Virus, Trojan, Spyware, and Malware Removal Help |
| Detected Hints/Tags/Attributes | 67/2/238 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 163 | ✔ | — | https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 67 | microsoft.windows |
|
| Details | Domain | 2 | darkreader.org |
|
| Details | Domain | 3 | raymondhill.net |
|
| Details | Domain | 291 | raw.githubusercontent.com |
|
| Details | Domain | 6 | wellbia.com |
|
| Details | Domain | 87 | regid.1991-06.com.microsoft |
|
| Details | Domain | 2 | lavsplitter.ax |
|
| Details | 5 | addon@darkreader.org.xpi |
||
| Details | 17 | ublock0@raymondhill.net.xpi |
||
| Details | File | 1 | c:\users\george\desktop\new folder\frst64.exe |
|
| Details | File | 86 | service.exe |
|
| Details | File | 6 | cpuidremote64.exe |
|
| Details | File | 46 | c:\program files\malwarebytes\anti-malware\mbamservice.exe |
|
| Details | File | 39 | c:\program files\malwarebytes\anti-malware\mbamtray.exe |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 17 | c:\windows\system32\taskmgr.exe |
|
| Details | File | 5 | c:\program files\nordvpn\nordvpn.exe |
|
| Details | File | 11 | c:\program files\realtek\audio\hda\ravcpl64.exe |
|
| Details | File | 1 | simplewall.exe |
|
| Details | File | 17 | microsoftedgeupdate.exe |
|
| Details | File | 47 | c:\program files\mozilla firefox\firefox.exe |
|
| Details | File | 306 | services.exe |
|
| Details | File | 1 | c:\program files\corsair\corsair icue5 software\corsaircpuidservice.exe |
|
| Details | File | 1 | iccproxy.exe |
|
| Details | File | 22 | c:\windows\system32\driverstore\filerepository\mewmiprov.inf |
|
| Details | File | 23 | wmiregistrationservice.exe |
|
| Details | File | 33 | c:\windows\system32\driverstore\filerepository\dal.inf |
|
| Details | File | 41 | jhi_service.exe |
|
| Details | File | 7 | c:\windows\system32\iprosetmonitor.exe |
|
| Details | File | 198 | msmpeng.exe |
|
| Details | File | 87 | nissrv.exe |
|
| Details | File | 5 | c:\program files\nordupdater\nordupdateservice.exe |
|
| Details | File | 5 | c:\program files\nordvpn\nordvpn-service.exe |
|
| Details | File | 6 | c:\windows\system32\driverstore\filerepository\nv_dispig.inf |
|
| Details | File | 44 | container.exe |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 2 | c:\program files\evga\precision x1\precisionx_x64.exe |
|
| Details | File | 85 | c:\windows\system32\dllhost.exe |
|
| Details | File | 67 | c:\windows\system32\smartscreen.exe |
|
| Details | File | 35 | c:\windows\system32\wlanext.exe |
|
| Details | File | 11 | chxsmartscreen.exe |
|
| Details | File | 6 | c:\program files\steelseries\gg\steelseriesgg.exe |
|
| Details | File | 13 | iastoricon.exe |
|
| Details | File | 1 | c:\program files\corsair\corsair icue5 software\icue launcher.exe |
|
| Details | File | 16 | c:\program files\ccleaner\ccleaner64.exe |
|
| Details | File | 17 | c:\program files\ccleaner\ccupdate.exe |
|
| Details | File | 14 | c:\program files\ccleaner\ccleanerbugreport.exe |
|
| Details | File | 15 | c:\program files\ccleaner\ccleaner.exe |
|
| Details | File | 2 | d:\msert.exe |
|
| Details | File | 9 | %systemroot%\system32\musnotification.exe |
|
| Details | File | 97 | mpcmdrun.exe |
|
| Details | File | 38 | c:\program files\mozilla firefox\default-browser-agent.exe |
|
| Details | File | 99 | c:\windows\explorer.exe |
|
| Details | File | 4 | updates.json |
|
| Details | File | 6 | c:\windows\system32\cloudrestorelauncher.dll |
|
| Details | File | 1 | c:\program files\corsair\corsair icue5 software\corsairdevicelisterservice.exe |
|
| Details | File | 1 | c:\program files\corsair\corsair icue5 software\icuedevicepluginhost.exe |
|
| Details | File | 1 | c:\program files\corsair\corsair icue5 software\icueupdateservice.exe |
|
| Details | File | 4 | c:\program files\nordvpn\nordsec threatprotection\nordsec-threatprotection-service.exe |
|
| Details | File | 5 | c:\program files\steelseries\gg\steelseriesupdateservice.exe |
|
| Details | File | 2 | %systemroot%\system32\browser.dll |
|
| Details | File | 2 | c:\windows\syswow64\drivers\asrdrv101.sys |
|
| Details | File | 5 | c:\windows\system32\drivers\corsairgamingaudio64.sys |
|
| Details | File | 1 | c:\windows\temp\cpuz157\cpuz157_x64.sys |
|
| Details | File | 4 | driver-x64.sys |
|
| Details | File | 30 | c:\windows\system32\drivers\mbamchameleon.sys |
|
| Details | File | 38 | c:\windows\system32\drivers\mbamelam.sys |
|
| Details | File | 38 | c:\windows\system32\drivers\mbamswissarmy.sys |
|
| Details | File | 39 | mpksldrv.sys |
|
| Details | File | 5 | ndivert.sys |
|
| Details | File | 5 | c:\windows\system32\drivers\nordlwf.sys |
|
| Details | File | 6 | c:\windows\system32\drivers\ssdevfactory.sys |
|
| Details | File | 5 | c:\windows\system32\drivers\sshid.sys |
|
| Details | File | 4 | c:\windows\system32\driverstore\filerepository\steelseries-sonar-vad.inf |
|
| Details | File | 4 | steelseries-sonar-vad.sys |
|
| Details | File | 8 | c:\windows\system32\drivers\tapnordvpn.sys |
|
| Details | File | 4 | c:\windows\system32\drivers\ucpd.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdboot.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdfilter.sys |
|
| Details | File | 70 | c:\windows\system32\drivers\wd\wdnisdrv.sys |
|
| Details | File | 9 | c:\windows\system32\drivers\wireguard.sys |
|
| Details | File | 5 | c:\windows\xhunter1.sys |
|
| Details | File | 1 | c:\frst 2023-11-04 07:57 - 2023-11-04 07:57 - 000000000 ____d c:\users\george\appdata\locallow\igdump 2023-11-04 07:52 - 2023-11-04 07:56 - 000000058 _____ c:\windows\ntbtlog.txt |
|
| Details | File | 1 | c:\users\george\appdata\roaming\nvidia 2023-11-02 19:01 - 2023-11-04 08:28 - 000000000 ____d c:\users\george\appdata\local\d3dscache 2023-11-02 19:00 - 2023-11-04 07:56 - 000000000 ____d c:\programdata\nvidia 2023-11-02 19:00 - 2023-11-03 07:54 - 000000000 ____d c:\programdata\nvidia corporation 2023-11-02 19:00 - 2023-11-02 19:00 - 000000000 ____d c:\windows\system32\drivers\nvidia corporation 2023-11-02 19:00 - 2023-11-02 19:00 - 000000000 ____d c:\windows\lastgood.tmp |
|
| Details | File | 1 | c:\program files\nvidia corporation 2023-11-02 18:50 - 2023-10-30 03:29 - 000850528 _____ c:\windows\system32\vulkaninfo-1-999-0-0-0.exe |
|
| Details | File | 19 | c:\windows\system32\vulkaninfo.exe |
|
| Details | File | 19 | c:\windows\syswow64\vulkaninfo-1-999-0-0-0.exe |
|
| Details | File | 19 | c:\windows\syswow64\vulkaninfo.exe |
|
| Details | File | 22 | c:\windows\system32\opencl.dll |
|
| Details | File | 19 | c:\windows\system32\vulkan-1-999-0-0-0.dll |
|
| Details | File | 18 | c:\windows\system32\vulkan-1.dll |
|
| Details | File | 19 | c:\windows\syswow64\vulkan-1-999-0-0-0.dll |
|
| Details | File | 19 | c:\windows\syswow64\vulkan-1.dll |
|
| Details | File | 22 | c:\windows\syswow64\opencl.dll |
|
| Details | File | 17 | c:\windows\system32\nvofapi64.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvofapi.dll |
|
| Details | File | 17 | c:\windows\system32\nvifr64.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvifr.dll |
|
| Details | File | 17 | c:\windows\system32\nvml.dll |
|
| Details | File | 17 | c:\windows\system32\nvidia-smi.exe |
|
| Details | File | 17 | c:\windows\system32\nvfbc64.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvfbc.dll |
|
| Details | File | 17 | c:\windows\system32\nvencodeapi64.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvencodeapi.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvcuvid.dll |
|
| Details | File | 17 | c:\windows\system32\nvcuvid.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvcuda.dll |
|
| Details | File | 13 | c:\windows\system32\nvcudadebugger.dll |
|
| Details | File | 17 | c:\windows\system32\nvcuda.dll |
|
| Details | File | 17 | c:\windows\system32\nvdebugdump.exe |
|
| Details | File | 17 | c:\windows\system32\nvcpl.dll |
|
| Details | File | 17 | c:\windows\system32\mcu.exe |
|
| Details | File | 16 | c:\windows\system32\nvapi64.dll |
|
| Details | File | 17 | c:\windows\syswow64\nvapi.dll |
|
| Details | File | 7 | v2.bin |
|
| Details | File | 1 | c:\windows\system32\tasks\ccleanercrashreporting 2023-11-02 10:32 - 2023-11-02 10:32 - 000003480 _____ c:\windows\system32\tasks\microsoftedgeupdatetaskmachineua 2023-11-02 10:32 - 2023-11-02 10:32 - 000003384 _____ c:\windows\system32\tasks\microsoftedgeupdatetaskmachinecore1da0d3544aa5f2 2023-11-02 02:32 - 2023-11-02 02:33 - 000000000 ____d c:\windows\system32\config\bbimigrate 2023-11-02 02:31 - 2023-11-02 02:32 - 000000000 ____d c:\windows\serviceprofiles 2023-11-02 02:31 - 2023-11-02 02:31 - 000008192 _____ c:\windows\system32\config\userdiff 2023-11-01 22:38 - 2023-11-04 08:01 - 000805456 _____ c:\windows\system32\perfstringbackup.ini |
|
| Details | File | 1 | c:\programdata\microsoft onedrive 2023-11-01 22:36 - 2023-11-04 08:02 - 000004210 _____ c:\windows\system32\tasks\ccleaner update 2023-11-01 22:36 - 2023-11-04 07:56 - 000000006 ____h c:\windows\tasks\sa.dat |
|
| Details | File | 3 | c:\windows\diagwrn.xml |
|
| Details | File | 9 | c:\windows\diagerr.xml |
|
| Details | File | 1 | c:\users\george\ntuser.ini |
|
| Details | File | 1 | c:\windows\system32\tasks\mozilla 2023-11-01 22:36 - 2023-11-01 22:36 - 000000000 ____d c:\windows\system32\tasks\event viewer tasks 2023-11-01 22:35 - 2023-11-01 22:35 - 000000000 ____d c:\users\george\appdata\roaming\microsoft\systemcertificates 2023-11-01 22:35 - 2023-11-01 22:35 - 000000000 ____d c:\users\george\appdata\roaming\microsoft\network 2023-11-01 22:35 - 2023-11-01 22:35 - 000000000 ____d c:\users\george\appdata\roaming\microsoft\crypto 2023-11-01 22:35 - 2023-11-01 22:35 - 000000000 ____d c:\users\default\appdata\roaming\microsoft\network 2023-11-01 22:34 - 2023-11-01 22:38 - 000000000 ____d c:\users\george\appdata\roaming\microsoft\windows 2023-11-01 22:34 - 2023-11-01 22:36 - 000000000 ____d c:\users\george\appdata\roaming\microsoft\spelling 2023-11-01 22:34 - 2023-11-01 22:36 - 000000000 ____d c:\users\george 2023-11-01 22:33 - 2023-11-03 13:45 - 000000000 ____d c:\windows\system32\sleepstudy 2023-11-01 22:33 - 2023-11-03 08:33 - 000295408 _____ c:\windows\system32\fntcache.dat |
|
| Details | File | 1 | c:\program files\ccleaner 2023-10-30 04:10 - 2023-11-02 02:33 - 000000000 ____d c:\programdata\microsoft\windows\start menu\programs\ccleaner 2023-10-30 04:10 - 2023-11-01 23:02 - 000039636 _____ c:\users\george\desktop\cc_20231030_041025.reg |
|
| Details | File | 1 | c:\programdata\hitmanpro 2023-10-27 06:21 - 2023-10-27 06:21 - 000000000 ____d c:\program files\hitmanpro 2023-10-27 06:20 - 2023-11-03 05:36 - 000001954 _____ c:\users\george\desktop\rkill.txt |
|
| Details | File | 1 | c:\windows\system32\spacebridge.dll |
|
| Details | File | 1 | c:\windows\syswow64\spacebridge.dll |
|
| Details | File | 3 | c:\windows\system32\waasmedicagent.exe |
|
| Details | File | 38 | c:\dumpstack.log |
|
| Details | File | 1 | c:\users\george\appdata\roaming\qbittorrent 2023-11-03 08:26 - 2022-09-12 03:46 - 000805456 _____ c:\windows\syswow64\perfstringbackup.ini |
|
| Details | File | 59 | c:\windows\system32\mrt.exe |
|
| Details | File | 86 | frst.txt |
|
| Details | File | 2 | microsoft.mpeg |
|
| Details | File | 18 | c:\program files\windowsapps\microsoft.mpeg |
|
| Details | File | 2 | handbrake.exe |
|
| Details | File | 19 | c:\program files\7-zip\7-zip.dll |
|
| Details | File | 35 | c:\program files\malwarebytes\anti-malware\mbshlext.dll |
|
| Details | File | 29 | nvshext.dll |
|
| Details | File | 2 | c:\program files\evga\precision x1\scanner.dll |
|
| Details | File | 6 | c:\windows\system32\ncs2setp.dll |
|
| Details | File | 12 | c:\program files\qbittorrent\qbittorrent.exe |
|
| Details | File | 1 | wtools.exe |
|
| Details | File | 82 | kernelbase.dll |
|
| Details | File | 20 | c:\windows\system32\kernelbase.dll |
|
| Details | File | 57 | system.dll |
|
| Details | File | 3 | nordvpn-service.exe |
|
| Details | File | 8 | ccleaner64.exe |
|
| Details | File | 18 | 3.zip |
|
| Details | File | 3 | iqvw64e.sys |
|
| Details | File | 4 | mdeserver.exe |
|
| Details | File | 1 | vsfilter.dll |
|
| Details | File | 91 | addition.txt |
|
| Details | Github username | 1 | gorhill |
|
| Details | sha1 | 2 | 14891d508d4bd0826a5f705dd55ebd8b76475b3d |
|
| Details | sha1 | 2 | a5a8069731a4d4c3b9754f06127adc3bbcea8eba |
|
| Details | sha1 | 2 | ce1a0607aec648a6928515bf92f30758d9b4a432 |
|
| Details | sha1 | 2 | 01939a641a1c41d0b8e959918d169d55be024e9e |
|
| Details | IPv4 | 198 | 1.1.1.1 |
|
| Details | IPv4 | 59 | 1.0.0.1 |
|
| Details | IPv4 | 3 | 192.168.40.1 |
|
| Details | IPv4 | 4 | 103.86.99.99 |
|
| Details | IPv4 | 4 | 103.86.96.96 |
|
| Details | IPv4 | 1 | 7.14.9.0 |
|
| Details | IPv4 | 109 | 1.0.0.0 |
|
| Details | IPv4 | 10 | 1.0.3.0 |
|
| Details | IPv4 | 4 | 1.3.7.0 |
|
| Details | IPv4 | 3 | 10.1.1.38 |
|
| Details | IPv4 | 3 | 21.1.29.0 |
|
| Details | IPv4 | 1 | 4.74.0.0 |
|
| Details | IPv4 | 1 | 1.4.0.132 |
|
| Details | IPv4 | 2 | 18.33.5.1 |
|
| Details | IPv4 | 2 | 15.18.0.1 |
|
| Details | IPv4 | 2 | 19.20.3.4 |
|
| Details | IPv4 | 2 | 1.0.2.4 |
|
| Details | IPv4 | 2 | 1.1.0.34 |
|
| Details | Url | 1 | https://raw.githubusercontent.com/gorhill/ublock/master/dist/firefox/updates.json |
|
| Details | Url | 2 | https://go.microsoft.com/fwlink/?linkid=37020&name=trojan:win32 |
|
| Details | Windows Registry Key | 68 | HKLM\...\Run |
|
| Details | Windows Registry Key | 4 | HKLM\...\Policies\Explorer |
|
| Details | Windows Registry Key | 19 | HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate |
|
| Details | Windows Registry Key | 8 | HKLM\Software\Policies\...\system |
|
| Details | Windows Registry Key | 2 | HKU\S-1-5-21-1797612658-979842438-1703979276-1000\...\Run |
|
| Details | Windows Registry Key | 2 | HKU\S-1-5-21-1797612658-979842438-1703979276-1000\...\Policies\Explorer |
|
| Details | Windows Registry Key | 14 | HKLM\SOFTWARE\Policies\Microsoft\Edge |
|
| Details | Windows Registry Key | 18 | HKLM\...\7-Zip |
|
| Details | Windows Registry Key | 16 | HKLM\...\CCleaner |
|
| Details | Windows Registry Key | 77 | HKLM-x32 |
|
| Details | Windows Registry Key | 4 | HKLM\...\EVGA |
|
| Details | Windows Registry Key | 9 | HKLM\...\PROSetDX |
|
| Details | Windows Registry Key | 6 | HKLM\...\IrfanView64 |
|
| Details | Windows Registry Key | 10 | HKLM-x32\...\KLiteCodecPack_is1 |
|
| Details | Windows Registry Key | 41 | HKLM\...\Mozilla |
|
| Details | Windows Registry Key | 41 | HKLM\...\MozillaMaintenanceService |
|
| Details | Windows Registry Key | 13 | HKLM-x32\...\qBittorrent |
|
| Details | Windows Registry Key | 6 | HKLM\...\SteelSeries |
|
| Details | Windows Registry Key | 2 | HKLM\...\14891D508D4BD0826A5F705DD55EBD8B76475B3D |
|
| Details | Windows Registry Key | 2 | HKLM\...\A5A8069731A4D4C3B9754F06127ADC3BBCEA8EBA |
|
| Details | Windows Registry Key | 2 | HKLM\...\CE1A0607AEC648A6928515BF92F30758D9B4A432 |
|
| Details | Windows Registry Key | 2 | HKLM\...\01939A641A1C41D0B8E959918D169D55BE024E9E |
|
| Details | Windows Registry Key | 2 | HKU\S-1-5-21-1797612658-979842438-1703979276-1000_Classes\CLSID |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss |
|
| Details | Windows Registry Key | 2 | HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService |
|
| Details | Windows Registry Key | 14 | HKLM\Software\Wow6432Node\Microsoft\Internet |
|
| Details | Windows Registry Key | 2 | HKU\S-1-5-21-1797612658-979842438-1703979276-1000\Control |
|
| Details | Windows Registry Key | 98 | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System |
|
| Details | Windows Registry Key | 15 | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost |
|
| Details | Windows Registry Key | 29 | HKLM\...\StartupApproved\Run |
|
| Details | Windows Registry Key | 30 | HKLM\...\StartupApproved\Run32 |
|
| Details | Windows Registry Key | 2 | HKU\S-1-5-21-1797612658-979842438-1703979276-1000\...\StartupApproved\Run |