
edzusbalodis

  1. Good day. I started to run into problems where, from time to time, I was not able to open any .exe files; Windows asks what to use to open them. So I decided to scan the computer with a Malwarebytes full scan, which found around 1000 infections, but the scary thing is that those exe files are known to me and I know they should be safe, such as Chrome, Nvidia drivers, VCD, etc. Malwarebytes is asking to remove them; if I do so it will cause system failure, so I am asking you what I should do now. I will attach a screenshot of the fast scan results and the logfile results of the full scan. -------------------------------------------------------------------------------------------------------------------------- 327664A8A00736664F2DC150F5A6D1DA1ED801142274045AC01F66E1A0630B1A { "applicationVersion" : "4.0.4.49", "clientID" : "MbamUI", "clientType" : "fullUIScan", "componentsUpdatePackageVersion" : "1.0.764", "cpu" : "x64", "dbSDKUpdatePackageVersion" : "1.0.19544", "detectionDateTime" : "2020-02-21T09:55:54Z", "fileSystem" : "NTFS", "id" : "59697f10-5490-11ea-8bc1-e0d55ee1d14f", "isUserAdmin" : true, "licenseState" : "trial", "linkagePhaseComplete" : true, "loggedOnUserName" : "DESKTOP-8Q3PUCE\\Balozi", "machineID" : "", "os" : "Windows 10 (Build 17763.864)", "schemaVersion" : 12, "sourceDetails" : { "aggressiveMode" : false, "clientMetadata" : { "jobId" : "", "scheduleId" : "", "scheduleTag" : "" }, "filesScannedByIG" : 11, "objectsScanned" : 296841, "scanEndTime" : "2020-02-21T09:57:02Z", "scanOnlineStatus" : "online", "scanOptions" : { "pumHandling" : "detect", "pupHandling" : "detect", "scanArchives" : true, "scanFileSystem" : true, "scanMemoryObjects" : true, "scanPUMs" : true, "scanPUPs" : true, "scanRookits" : false, "scanStartupAndRegistry" : true, "scanType" : "threat", "useHeuristics" : true }, "scanResult" : "completed", "scanStartTime" : "2020-02-21T09:55:54Z", "scanState" : "completed", "shurikenEnabled" : true, "type" : "scan" }, "threats" : [ { "ddsSigFileVersion" : "", "linkedTraces" : 
[ { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { "regValueDeleteData" : { "valueData" : "C:\\PenTabletDriver\\TabletDriver.exe -hide", "valueType" : 1 } }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "671372f6-5490-11ea-94f3-e0d55ee1d14f", "isPEFile" : false, "linkType" : "linkedTrace", "objectMD5" : "", "objectPath" : "HKLM\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN|TabletDriver", "objectSha256" : "", "objectType" : "regValue", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : false, "disableSignatureWhiteListing" : false, "fileDelete" : false, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : true, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "67917610-5490-11ea-8d2f-e0d55ee1d14f", "isPEFile" : false, "linkType" : "linkedTrace", "objectMD5" : "18031B24AA313C6571A458D0296A2115", "objectPath" : 
"C:\\DOCUMENTS AND SETTINGS\\PUBLIC\\Desktop\\PenTabletDriver.lnk", "objectSha256" : "676AB4E90DDEF6058DEB9BD1E27575BD95987E993B0A27EB6A72078B1DD4A190", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : false, "disableSignatureWhiteListing" : false, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "679ac530-5490-11ea-a89d-e0d55ee1d14f", "isPEFile" : false, "linkType" : "linkedTrace", "objectMD5" : "18031B24AA313C6571A458D0296A2115", "objectPath" : "C:\\USERS\\PUBLIC\\Desktop\\PenTabletDriver.lnk", "objectSha256" : "676AB4E90DDEF6058DEB9BD1E27575BD95987E993B0A27EB6A72078B1DD4A190", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" 
: false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : false, "disableSignatureWhiteListing" : false, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } } ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "62ec2eb6-5490-11ea-b878-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "EC58F44AAE12495DAFF9A9A84F3D1A85", "objectPath" : "C:\\PENTABLETDRIVER\\TABLETDRIVER.EXE", "objectSha256" : "11A03F022181C2D3FDA006717F1D67778E2689C872C92A323C181B3E938DAF34", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : 
false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "679b6184-5490-11ea-b5e0-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "78D713FDE94CEE0D72D2071520797922", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\LEGACYPM\\EAPROXYINSTALLER.EXE", "objectSha256" : "7EC42788A17097CAAEA13CA3C0B912DCA288BA41EB12F0558782A26FA42BBE6A", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, 
"priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "67de57b4-5490-11ea-b00e-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "9AF36D7936E662031FF5D765A97CDFF7", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\GETGAMETOKEN64.EXE", "objectSha256" : "D1267278BEA7C11558E8B5708236FB0F17DAFA6830BC10B361E46E2BB9A0721C", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, 
"regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "680dbacc-5490-11ea-90f4-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "11A41F9C7501A8113296B729F0298212", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\VCREDIST_X86_VS2010.EXE", "objectSha256" : "A0F26EF647F333A58C5BF8BCA2D675EDD4BC27A620B1D9E70ED55AE3D97A9E52", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, 
"ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "694ae1bc-5490-11ea-b618-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "4632FD924C4EDDC29AD753BF17FF63A1", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\LEGACYPM\\EACORESERVER.EXE", "objectSha256" : "6EBD803924654942F4C2D75512B91ECB6A363D5CD149810A4671F644ECF3A87C", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : 
"Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6979ce5a-5490-11ea-a108-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "3F3B7CE3537F5BC67E7592FA62F8D5AE", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\LEGACYPM\\MESSAGEDLG.EXE", "objectSha256" : "0FAE704145441429290D986D3A0561FDB8A2E4982093706CF4997C9240E7B5F8", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" 
: "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6982f67e-5490-11ea-8e03-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "E50210B15109D1A2676DC62367C4E10B", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\LEGACYPM\\ORIGINUNINSTALL.EXE", "objectSha256" : "20E038B33F7F27F212EEB9631A20275CA023E53EF7E5795234813A8C238F2531", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", 
"generatedByPostCleanupAction" : false, "id" : "69919d32-5490-11ea-8999-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "BC4D0CBF3ABBE0844334712FCECAC6DE", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\EAPROXYINSTALLER.EXE", "objectSha256" : "25779AB5F9B4B958F4E4440BE5578020EE9E44165E7E4677DCF2F510F87BB39E", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "69f0dcfc-5490-11ea-9ac2-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : 
"B50C9BD729BB7C7B6727DB007A2DF3EE", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\ORIGINCLIENTSERVICE.EXE", "objectSha256" : "A67190DEECBA483C2C3E1D071BEA86316B7A0B4BEC8CF9F85A384AFE2A107784", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6a1a86ec-5490-11ea-afbe-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "BD1BD46DFF9EF928F3BF2B8F4B34E904", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\ORIGINWEBHELPERSERVICE.EXE", "objectSha256" : 
"CFC025DE660D48F383E22B3E71A6F76B46438D21C4491568AE5B6EB4B5E8A876", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6b756cd2-5490-11ea-bab9-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "ED61ACB7DE3B530E5D6EFAF420342013", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\IGOPROXY64.EXE", "objectSha256" : "62BEFB97B551841B7F31F90093AD9640A4E84DFB3B2655BF670802CD660D21C3", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, 
"chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6b9f21da-5490-11ea-8c9d-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "40E4D53649125E31FDF3435B78E02A21", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\VCREDIST_X64.EXE", "objectSha256" : "3019D250D1BAD9D7A1A6DC0EDED3D972E9A985B06D8065DE92C5CFED7B9DB56F", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, 
"chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6c8fb762-5490-11ea-89bb-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "DD589DED4D3A00ED59236E9DF7C919AC", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\LEGACYPM\\PATCHPROGRESS.EXE", "objectSha256" : "E2BE60C2DE304683DD83844F9AAA959965621C3BE5C7B94639D7C2C73F373E26", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, 
"disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6cc741c8-5490-11ea-b3c4-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "6AC7A68883DFFFEBC465EB3CC1AA43E6", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\GETGAMETOKEN32.EXE", "objectSha256" : "BF4EB09AFCB10C6B0832F2BB3563C9759C0F7465241092684F265F3D0AE1C29E", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, 
"folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6d1824ee-5490-11ea-af54-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "ECEEBBD3579E76A689A2B342E652DF38", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\ORIGINCRASHREPORTER.EXE", "objectSha256" : "F0AA38C6413910D42F9872D5430C025BCF12685C2D48166257C50A6AD12766D2", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, 
"isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6e0c137e-5490-11ea-b864-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "1050E33DA64DA797F9C435C0B3F6386A", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\VCREDIST_X86.EXE", "objectSha256" : "994F6133ACC8EA4B2D39F229638C981ADCD8B872A9C6C1CF64157BEE37ABC3C9", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, 
"physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6f45d0c2-5490-11ea-8b15-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "A951E17D2E582C4AB3A6353ACCEEF165", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\LEGACYPM\\ORIGINLEGACYCLI.EXE", "objectSha256" : "97FC64AAB1D487624FD14C03AE9861001D221F0C34B7A7318A97290723FB549B", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, 
"regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6fdb8e46-5490-11ea-87e7-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "76CDB44D17859ACA9A455E31235CC6F7", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\ORIGINUNINSTALL.EXE", "objectSha256" : "6917A4AC86DB6E5FCE7729C10CEA0CBC211E18B639D63BD43E98CF2CF78B9435", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : 
false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "6feb32e2-5490-11ea-8053-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "B29D4BE790ED16F3A312DEB410D9F14E", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\VCREDIST_X64_VS2010.EXE", "objectSha256" : "B1EEBF6DA233E3941A74AFDD7F048D7CFD20E70F17D99F3BCBF614FF4847EAE5", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", 
"srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "71a53f74-5490-11ea-be1f-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "CBB69787DEFE665C7A3337DC0ADF7B6E", "objectPath" : "C:\\USERS\\BALOZI\\APPDATA\\ROAMING\\TELEGRAM DESKTOP\\TUPDATES\\TEMP\\UPDATER.EXE", "objectSha256" : "75431EE7B6486C07084D4A71A9D6A1B96AF1FD3F20F3B988B24D893455C71553", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], 
"mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "726969ee-5490-11ea-9064-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "F9EBD11A6209330CB4B99ADB6878782E", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\LEGACYPM\\LOGIN.EXE", "objectSha256" : "24DB5FC9B9AD7EC8A05643F46ABFD7A3B16B7A3C7DACA7E9DE25FEFD4E4B9FBC", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", 
"cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "7361a898-5490-11ea-9eaf-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "BA1137E69A07F468E78AE830003FEFAF", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\IGOPROXY.EXE", "objectSha256" : "8E9F96AC26FF2FECB2765640D609D8CB35E0FB3D095024CD9F605C3729FAE27F", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "74d4e51e-5490-11ea-ac48-e0d55ee1d14f", "isPEFile" : true, 
"linkType" : "none", "objectMD5" : "A2DD7DCA76B1D446B81D8BD6FEF14ACF", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\ORIGIN.EXE", "objectSha256" : "841B1A4CC74290768E1B15985912B325345A14D698D3681B44370A5990A62F70", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "75499382-5490-11ea-9c63-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "A46A87EBE8C1218D6E0CEB44B46B6E05", "objectPath" : "C:\\PROGRAMDATA\\ORIGIN\\SELFUPDATE\\STAGED\\UPDATETOOL.EXE", 
"objectSha256" : "D6E335C1DEC10EED65D2D71C580C7B4120B047BA38B43531BB261F5567F2D25E", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "00599558", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "Minecarft Checker [v1.0]\\Minecarft Checker [v1.0].exe", "archiveMemberMD5" : "59325E5DBCEBF58DD88B67DDAAAFAFBE", "cleanAction" : "ignore", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "77651006-5490-11ea-bab9-e0d55ee1d14f", "isPEFile" : false, "linkType" : "none", "objectMD5" : "81ED5029A9CC8D9DDB91CC2CD8132E87", "objectPath" : "C:\\USERS\\BALOZI\\DOWNLOADS\\MINECARFT CHECKER [V1.0].RAR", "objectSha256" : 
"7DBDBB0D16B0847E34247D3BC8A7782FD08392CF0ABBB7F7DF9DA2C5E82E499F", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : false, "disableSignatureWhiteListing" : false, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : true, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : true, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 0, "ruleString" : "6FAB0386B9056B90D7C84E75", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "dds", "srcEngineThreatNames" : [ "Malware.Generic.3620228725" ], "threatID" : 1000000, "threatName" : "Malware.Generic.3620228725" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "79f52748-5490-11ea-b784-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "A3C28C7BBF596006069E8B00784DE2BB", "objectPath" : "C:\\USERS\\BALOZI\\DOWNLOADS\\MBSETUP.EXE", "objectSha256" : "A97FCD0F6914BA027EF339B23EF119724DE97E245D593414ED0A5114F8E8C50C", "objectType" : "file", "suggestedAction" 
: { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "00599558", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "ignore", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "7c1dec8a-5490-11ea-820a-e0d55ee1d14f", "isPEFile" : false, "linkType" : "none", "objectMD5" : "11A71A261490F83B2E6EB5EB4BEF72AD", "objectPath" : "C:\\USERS\\BALOZI\\APPDATA\\LOCAL\\TEMP\\3582-490\\22173-MTRUENET-TITANFALL 2 TRAINER.EXE", "objectSha256" : "9512E5D7BE24EA57174FD5827BC447B21337B19260A08F036E97A55823AADB84", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, 
"chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : true, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : true, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 0, "ruleString" : "95EAB56A176AEBB691D612B8", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "dds", "srcEngineThreatNames" : [ "Malware.Generic.2446725816", "Malware.Malformed.8" ], "threatID" : 1000000, "threatName" : "Malware.Generic.2446725816" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "7c7ed590-5490-11ea-bd38-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "11A71A261490F83B2E6EB5EB4BEF72AD", "objectPath" : "C:\\USERS\\BALOZI\\APPDATA\\LOCAL\\TEMP\\3582-490\\22173-MTRUENET-TITANFALL 2 TRAINER.EXE", "objectSha256" : "9512E5D7BE24EA57174FD5827BC447B21337B19260A08F036E97A55823AADB84", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : 
false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : true, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 392687, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "shuriken", "srcEngineThreatNames" : [ ], "threatID" : 0, "threatName" : "MachineLearning\/Anomalous.97%" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "7d920e8e-5490-11ea-b2ad-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "9E1571CA8C3D74A8DCD321F0BC884497", "objectPath" : "C:\\USERS\\BALOZI\\DOWNLOADS\\JAVASETUP8U241.EXE", "objectSha256" : "7C6C9084FCF3998C1003BF7B051AC8F7A63665355CC7F6E9B1F1CDF74F624216", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, 
"chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" }, { "ddsSigFileVersion" : "", "linkedTraces" : [ { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "825c1752-5490-11ea-a578-e0d55ee1d14f", "isPEFile" : false, "linkType" : "linkedTrace", "objectMD5" : "4A42018A15DD0B1D5CCFF3614744C172", "objectPath" : "C:\\USERS\\BALOZI\\APPDATA\\ROAMING\\Microsoft\\Windows\\Start Menu\\Programs\\CoSMOS.lnk", "objectSha256" : "78843D5065AD6F35E087ED43B5C8E99C8937A49E250A7256199F2D2FD041A54F", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : false, "disableSignatureWhiteListing" : false, "fileDelete" : true, "fileReplace" : false, 
"fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } } ], "mainTrace" : { "archiveMember" : "", "archiveMemberMD5" : "", "cleanAction" : "quarantine", "cleanContext" : { }, "cleanResult" : "notStarted", "cleanResultErrorCode" : 0, "cleanTime" : "", "generatedByPostCleanupAction" : false, "id" : "82137362-5490-11ea-a907-e0d55ee1d14f", "isPEFile" : true, "linkType" : "none", "objectMD5" : "28EE6FBE95EE0173E2B6FBD40206A2FB", "objectPath" : "C:\\COSMOS\\COSMOS.EXE", "objectSha256" : "4B4EA1832A642E89B45984979D710165DDCB7DD37F2284C4DA81986CB8CF14CF", "objectType" : "file", "suggestedAction" : { "archiveDir" : false, "chromeExtensionOther" : false, "chromeExtensionPreferences" : false, "chromeExtensionSecurePreferences" : false, "chromeExtensionSyncData" : false, "chromeUrlOther" : false, "chromeUrlSecurePreferences" : false, "chromeUrlSyncData" : false, "chromeUrlWebData" : false, "disableHubbleWhiteListing" : true, "disableSignatureWhiteListing" : true, "fileDelete" : true, "fileReplace" : false, "fileTxtReplace" : false, "folderDelete" : false, "isChromeObject" : false, "isDDS" : false, "isDoppleganging" : false, "isExternalDetection" : false, "isPUP" : false, "isShuriken" : false, "isWMIEventConsumer" : false, "killProcess" : false, "minimalWhiteListing" : false, "moduleUnload" : false, "noLinking" : false, "physicalSectorReplace" : false, "priorityHigh" : false, "priorityNormal" : false, "priorityUrgent" : 
false, "processUnload" : false, "regKeyDelete" : false, "regValueDelete" : false, "regValueReplace" : false, "shortcutReplace" : false, "silentMode" : false, "treatAsRootkit" : false, "useDDA" : false } }, "ruleID" : 645219, "ruleString" : "", "rulesVersion" : "1.0.19544", "srcEngineComponent" : "ame", "srcEngineThreatNames" : [ ], "threatID" : 7470, "threatName" : "Virus.Neshta" } ], "threatsDetected" : 28 } --------------------------------------------------------------------------------------------------------------------------------------------