Series of unfortunate events, looks like malware – Virus, Trojan, Spyware, and Malware Removal Help – BleepingComputer

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-11-2021

Ran by Martin (administrator) on MARTIN-PC (Dell Inc. OptiPlex 780) (02-11-2021 21:24:22)

Running from C:\Users\Martin\AppData\Local\Temp\MicrosoftEdgeDownloads\b36f8270-7800-4ade-b7e4-d36b1ee7fb19

Loaded Profiles: Martin

Platform: Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)

Default browser: IE

Boot Mode: Safe Mode (with Networking)

 

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft\Edge\Application\msedge.exe <30>

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe

 

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [325856 2020-11-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

HKLM\...\Run: [ZaAntiRansomware] => C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4231392 2021-04-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

HKLM\...\Run: [Cobian Backup 11 interface] => C:\Program Files\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [76304 2021-10-27] (Logitech -> Logitech, Inc.)

HKU\S-1-5-21-1607088336-3642115660-196555633-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [44416 2021-10-26] (Glarysoft LTD -> Glarysoft Ltd)

HKU\S-1-5-21-1607088336-3642115660-196555633-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [10079088 2021-08-19] (Support.com Inc -> SUPERAntiSpyware)

HKU\S-1-5-21-1607088336-3642115660-196555633-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)

HKU\S-1-5-21-1607088336-3642115660-196555633-1000\...\Run: [Skype for Desktop] => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe [114000232 2021-10-11] (Skype Software Sarl -> Skype Technologies S.A.)

HKU\S-1-5-21-1607088336-3642115660-196555633-1000\...\Policies\Explorer: [NoInternetOpenWith] 1

HKU\S-1-5-21-1607088336-3642115660-196555633-1000\...\Policies\Explorer: [NoInstrumentation] 1

HKU\S-1-5-21-1607088336-3642115660-196555633-1000\...\MountPoints2: {f146d329-aebb-11eb-8693-f04da231a42d} - E:\LaunchU3.exe -a

HKU\S-1-5-21-1607088336-3642115660-196555633-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [221184 2010-11-20] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-21-1607088336-3642115660-196555633-1004\...\MountPoints2: {f146d329-aebb-11eb-8693…….

Source: https://www.bleepingcomputer.com/forums/t/760867/series-of-unfortunate-events-looks-like-malware/
