What is ePedia?

The Malwarebytes research team has determined that ePedia is a potentially unwanted program that behaves like adware. These adware applications display advertisements not originating from the sites you are browsing.

How do I know if my computer is affected by ePedia?

This is the main window of the application:

main.png

You may have noticed these warnings during install:

warning0.png

warning1.png

warning2.png

and see this entry in your list of installed Programs:

warning4.png

How did ePedia get on my computer?

Potentially unwanted programs use different methods for distributing themselves. This particular one was downloaded from their website:

website.png

How do I remove ePedia?

Our program Malwarebytes can detect and remove this adware program.

  • Please download Malwarebytes for Windows to your desktop.
  • Double-click MBSetup.exe and follow the prompts to install the program.
  • When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen.
  • Click on the Get started button.
  • Click Scan to start a Threat Scan.
  • When the scan is finished click Quarantine to remove the found threats.
  • Reboot the system if prompted to complete the removal process.

Is there anything else I need to do to get rid of ePedia?

  • No, Malwarebytes removes ePedia completely.

How would the full version of Malwarebytes help protect me?

We hope our application and this guide have helped you eradicate this adware.

As you can see below, Malwarebytes Browser Guard, as well as the full version of Malwarebytes, would have protected you against the ePedia PUP. It would have blocked the installer before it became too late.


 

protection1.png

 

protection2.png

 

Technical details for experts

Possible signs in FRST logs:

 

(ePedia -> ePedia) [File not signed] C:\Users\{username}\AppData\Roaming\ePedia\ePedia.exe <5>
HKLM-x32\...\Run: [ePedia] => C:\Users\{username}\AppData\Roaming\ePedia\ePedia.exe [5321576 2021-04-22] (ePedia -> ePedia) [File not signed]
C:\Users\{username}\AppData\Local\ePedia
C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ePedia
C:\Users\{username}\AppData\Roaming\ePedia
(ePedia) C:\Users\{username}\Desktop\ePedia.17.2104.1ac.exe

ePedia - ePedia for Desktop (HKLM-x32\...\ePedia) (Version: 17.2104.1ac - ePedia)
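
An added triage example (not Malwarebytes or FRST code): it parses FRST `Run:` lines of the shape shown above and reports autoruns that are unsigned, start from a user-writable directory, or are registered machine-wide (HKLM) while pointing into one user's profile. The regular expression is inferred from the line on this page, the path markers are a heuristic, and the `ExampleUpdater` line is constructed for contrast.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Shape assumed from the FRST line on this page:
#   HIVE\...\Run: [name] => target [size date] (signer) [File not signed]
RUN_LINE = re.compile(
    r'^(?P<hive>HK\S*?)\\\.\.\.\\(?P<key>Run(?:Once)?): '
    r'\[(?P<name>[^\]]*)\] => (?P<target>.+?)'
    r'(?: \[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\])?'
    r'(?: \((?P<signer>[^)]*)\))?'
    r'(?P<unsigned> \[File not signed\])?\s*$'
)

# Heuristic list of directories a standard user can normally write to.
USER_WRITABLE_MARKERS = ("\\appdata\\", "\\programdata\\", "\\temp\\",
                         "\\users\\public\\")


class Autorun(NamedTuple):
    hive: str
    key: str
    name: str
    target: str
    signer: Optional[str]
    unsigned: bool


def parse_run_line(line: str) -> Optional[Autorun]:
    """Return an Autorun for an FRST Run/RunOnce line, or None for other lines."""
    m = RUN_LINE.match(line.strip())
    if m is None:
        return None
    return Autorun(
        hive=m.group("hive"),
        key=m.group("key"),
        name=m.group("name"),
        target=m.group("target"),
        signer=m.group("signer"),
        unsigned=m.group("unsigned") is not None,
    )


def findings(entry: Autorun) -> List[str]:
    """List the reasons an autorun entry deserves a closer look."""
    reasons = []
    target = entry.target.lower()
    if entry.unsigned:
        reasons.append("file not signed")
    if any(marker in target for marker in USER_WRITABLE_MARKERS):
        reasons.append("target in user-writable directory")
    # An HKLM Run value starts for every user at logon; a target inside one
    # user's profile can be replaced by that user without admin rights.
    if entry.hive.upper().startswith("HKLM") and "\\users\\" in target:
        reasons.append("HKLM autorun points into a user profile")
    return reasons


def triage(log_text: str) -> List[Tuple[Autorun, List[str]]]:
    """Parse every line of an FRST log and keep the entries with findings."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_run_line(line)
        if entry is None:
            continue
        reasons = findings(entry)
        if reasons:
            hits.append((entry, reasons))
    return hits


# First two lines are the FRST lines quoted on this page; the third is a
# constructed, benign-looking entry added for contrast.
SAMPLE_LOG = r"""
(ePedia -> ePedia) [File not signed] C:\Users\{username}\AppData\Roaming\ePedia\ePedia.exe <5>
HKLM-x32\...\Run: [ePedia] => C:\Users\{username}\AppData\Roaming\ePedia\ePedia.exe [5321576 2021-04-22] (ePedia -> ePedia) [File not signed]
HKLM\...\Run: [ExampleUpdater] => C:\Program Files\Example\updater.exe [102400 2021-01-05] (Example Corp -> Example Corp)
"""

if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG):
        print(f"{entry.hive} {entry.key} [{entry.name}] -> {entry.target}")
        for reason in reasons:
            print(f"    - {reason}")
```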

Significant changes made by the installer:

File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data
       Adds the file BrowserMetrics-spare.pma"="4/23/2021 10:28 AM, 4194304 bytes, A
       Adds the file CrashpadMetrics-active.pma"="4/23/2021 10:26 AM, 1048576 bytes, A
       Adds the file First Run"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Local State"="4/23/2021 10:27 AM, 3428 bytes, A
       Adds the file lockfile"="4/23/2021 10:26 AM, 0 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\BrowserMetrics
       Adds the file BrowserMetrics-608284B1-CE4.pma"="4/23/2021 10:26 AM, 4194304 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Crashpad
       Adds the file metadata"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file settings.dat"="4/23/2021 10:26 AM, 40 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Crashpad\reports
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Cookies"="4/23/2021 10:27 AM, 32768 bytes, A
       Adds the file Cookies-journal"="4/23/2021 10:27 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file Favicons"="4/23/2021 10:26 AM, 20480 bytes, A
       Adds the file Favicons-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Google Profile.ico"="4/23/2021 10:26 AM, 151668 bytes, A
       Adds the file History"="4/23/2021 10:26 AM, 118784 bytes, A
       Adds the file History-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Login Data"="4/23/2021 10:26 AM, 18432 bytes, A
       Adds the file Login Data-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000002"="4/23/2021 10:26 AM, 50 bytes, A
       Adds the file Network Action Predictor"="4/23/2021 10:26 AM, 36864 bytes, A
       Adds the file Network Action Predictor-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Network Persistent State"="4/23/2021 10:27 AM, 700 bytes, A
       Adds the file page_load_capping_opt_out.db"="4/23/2021 10:26 AM, 16384 bytes, A
       Adds the file page_load_capping_opt_out.db-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Preferences"="4/23/2021 10:27 AM, 2439 bytes, A
       Adds the file previews_opt_out.db"="4/23/2021 10:26 AM, 16384 bytes, A
       Adds the file previews_opt_out.db-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file QuotaManager"="4/23/2021 10:26 AM, 53248 bytes, A
       Adds the file QuotaManager-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file README"="4/23/2021 10:26 AM, 162 bytes, A
       Adds the file Secure Preferences"="4/23/2021 10:26 AM, 4721 bytes, A
       Adds the file Top Sites"="4/23/2021 10:26 AM, 20480 bytes, A
       Adds the file Top Sites-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file TransportSecurity"="4/23/2021 10:27 AM, 2225 bytes, A
       Adds the file Visited Links"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Web Data"="4/23/2021 10:26 AM, 65536 bytes, A
       Adds the file Web Data-journal"="4/23/2021 10:26 AM, 0 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Cache
       Adds the file data_0"="4/23/2021 10:26 AM, 45056 bytes, A
       Adds the file data_1"="4/23/2021 10:26 AM, 270336 bytes, A
       Adds the file data_2"="4/23/2021 10:26 AM, 1056768 bytes, A
       Adds the file data_3"="4/23/2021 10:26 AM, 4202496 bytes, A
       Adds the file f_000001"="4/23/2021 10:26 AM, 59432 bytes, A
       Adds the file f_000017"="4/23/2021 10:27 AM, 19658 bytes, A
       Adds the file index"="4/23/2021 10:26 AM, 262512 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\data_reduction_proxy_leveldb
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000002"="4/23/2021 10:26 AM, 50 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\databases
       Adds the file Databases.db"="4/23/2021 10:26 AM, 28672 bytes, A
       Adds the file Databases.db-journal"="4/23/2021 10:26 AM, 0 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\databases\chrome-extension_kgcdghlhmaciddfdhlacdgnonmchoeen_0
       Adds the file 1"="4/23/2021 10:26 AM, 16384 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Extension Rules
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Extension State
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\File System\000\t
       Adds the file .usage"="4/23/2021 10:26 AM, 24 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\File System\000\t\Paths
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\File System\001\t
       Adds the file .usage"="4/23/2021 10:26 AM, 24 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\File System\001\t\Paths
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\File System\Origins
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\GPUCache
       Adds the file data_0"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file data_1"="4/23/2021 10:26 AM, 270336 bytes, A
       Adds the file data_2"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file data_3"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file index"="4/23/2021 10:26 AM, 262512 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Local Storage\leveldb
       Adds the file 000004.log"="4/23/2021 10:27 AM, 0 bytes, A
       Adds the file 000005.ldb"="4/23/2021 10:27 AM, 504591 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:27 AM, 176 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Session Storage
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Site Characteristics Database
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Sync Data\LevelDB
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Thumbnails
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Web Applications\_nwjs_kgcdghlhmaciddfdhlacdgnonmchoeen
       Adds the file ePedia.ico"="4/23/2021 10:26 AM, 189361 bytes, A
       Adds the file ePedia.ico.md5"="4/23/2021 10:26 AM, 16 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\ShaderCache\GPUCache
       Adds the file data_0"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file data_1"="4/23/2021 10:26 AM, 270336 bytes, A
       Adds the file data_2"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file data_3"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file index"="4/23/2021 10:26 AM, 262512 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Stability
       Adds the file 3300-1619166383844550.pma"="4/23/2021 10:26 AM, 1048576 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\ePedia
       Adds the file d3dcompiler_47.dll"="4/22/2021 9:08 PM, 3710728 bytes, A
       Adds the file ePedia.exe"="4/22/2021 9:08 PM, 5321576 bytes, A
       Adds the file ffmpeg.dll"="4/22/2021 9:08 PM, 1488136 bytes, A
       Adds the file icudtl.dat"="2/22/2021 9:30 AM, 10245952 bytes, A
       Adds the file libEGL.dll"="4/22/2021 9:09 PM, 96520 bytes, A
       Adds the file libGLESv2.dll"="4/22/2021 9:09 PM, 4434696 bytes, A
       Adds the file natives_blob.bin"="2/22/2021 9:30 AM, 92247 bytes, A
       Adds the file node.dll"="4/22/2021 9:09 PM, 12371720 bytes, A
       Adds the file notification_helper.exe"="4/22/2021 9:08 PM, 493320 bytes, A
       Adds the file nw.dll"="4/22/2021 9:09 PM, 94750472 bytes, A
       Adds the file nw_100_percent.pak"="2/22/2021 9:30 AM, 1021430 bytes, A
       Adds the file nw_200_percent.pak"="2/22/2021 9:30 AM, 1341563 bytes, A
       Adds the file nw_elf.dll"="4/22/2021 9:09 PM, 493832 bytes, A
       Adds the file resources.pak"="2/22/2021 9:30 AM, 5550400 bytes, A
       Adds the file snapshot_blob.bin"="2/22/2021 9:30 AM, 1283220 bytes, A
       Adds the file storage.json"="4/23/2021 10:25 AM, 78 bytes, A
       Adds the file Uninstall.exe"="4/23/2021 10:25 AM, 472519 bytes, A
       Adds the file v8_context_snapshot.bin"="2/22/2021 9:30 AM, 1607648 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\ePedia\locales
    Adds the folder C:\Users\{username}\AppData\Roaming\ePedia\swiftshader
       Adds the file libEGL.dll"="2/22/2021 9:30 AM, 122368 bytes, A
       Adds the file libGLESv2.dll"="2/22/2021 9:30 AM, 2256896 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ePedia
       Adds the file ePedia.lnk"="4/23/2021 10:25 AM, 1805 bytes, A
       Adds the file Uninstall.lnk"="4/23/2021 10:25 AM, 1828 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
       "ePedia"="REG_SZ", "C:\Users\{username}\AppData\Roaming\ePedia\ePedia.exe --su"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ePedia]
       "DisplayIcon"="REG_SZ", ""C:\Users\{username}\AppData\Roaming\ePedia\Uninstall.exe""
       "DisplayName"="REG_SZ", "ePedia - ePedia for Desktop"
       "DisplayVersion"="REG_SZ", "17.2104.1ac"
       "EstimatedSize"="REG_DWORD", 179813
       "Publisher"="REG_SZ", "ePedia"
       "UninstallString"="REG_SZ", ""C:\Users\{username}\AppData\Roaming\ePedia\Uninstall.exe""
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\ePedia]
       "uid"="REG_SZ", "33D082B8-24A7-4321-A765-CB6468763577"
    [HKEY_CURRENT_USER\Software\nwjs]
       "FirstNotDefault"="REG_QWORD, .../
       "metricsid"="REG_SZ", "c79a3995-1bff-45f9-acce-88f4c1930efa"
       "metricsid_enableddate"="REG_SZ", "1619166385"
       "metricsid_installdate"="REG_SZ", "1619166385"
    [HKEY_CURRENT_USER\Software\nwjs\BLBeacon]
       "failed_count"="REG_DWORD", 0
       "state"="REG_DWORD", 1
       "version"="REG_SZ", "71.0.3578.98"
    [HKEY_CURRENT_USER\Software\nwjs\PreferenceMACs\Default]
    [HKEY_CURRENT_USER\Software\nwjs\PreferenceMACs\Default\extensions.settings]
       "kgcdghlhmaciddfdhlacdgnonmchoeen"="REG_SZ", "AA84C13FE969DBAF19DCD8191411D88E1A3009D9905AE436213BCB5E0CD5FFDB"
       "mhjfbmdgcfjbbpaeojofohoefgiehjai"="REG_SZ", "0587C0D0BA0469EB273ACFC3E2D5EE454FD81895FB407821E25EEE6AA3EB053A"
    [HKEY_CURRENT_USER\Software\nwjs\StabilityMetrics]
       "user_experience_metrics.stability.exited_cleanly"="REG_DWORD", 0

Malwarebytes log:

File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data
       Adds the file BrowserMetrics-spare.pma"="4/23/2021 10:28 AM, 4194304 bytes, A
       Adds the file CrashpadMetrics-active.pma"="4/23/2021 10:26 AM, 1048576 bytes, A
       Adds the file First Run"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Local State"="4/23/2021 10:27 AM, 3428 bytes, A
       Adds the file lockfile"="4/23/2021 10:26 AM, 0 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\BrowserMetrics
       Adds the file BrowserMetrics-608284B1-CE4.pma"="4/23/2021 10:26 AM, 4194304 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Crashpad
       Adds the file metadata"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file settings.dat"="4/23/2021 10:26 AM, 40 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Crashpad\reports
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Cookies"="4/23/2021 10:27 AM, 32768 bytes, A
       Adds the file Cookies-journal"="4/23/2021 10:27 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file Favicons"="4/23/2021 10:26 AM, 20480 bytes, A
       Adds the file Favicons-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Google Profile.ico"="4/23/2021 10:26 AM, 151668 bytes, A
       Adds the file History"="4/23/2021 10:26 AM, 118784 bytes, A
       Adds the file History-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Login Data"="4/23/2021 10:26 AM, 18432 bytes, A
       Adds the file Login Data-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000002"="4/23/2021 10:26 AM, 50 bytes, A
       Adds the file Network Action Predictor"="4/23/2021 10:26 AM, 36864 bytes, A
       Adds the file Network Action Predictor-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Network Persistent State"="4/23/2021 10:27 AM, 700 bytes, A
       Adds the file page_load_capping_opt_out.db"="4/23/2021 10:26 AM, 16384 bytes, A
       Adds the file page_load_capping_opt_out.db-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Preferences"="4/23/2021 10:27 AM, 2439 bytes, A
       Adds the file previews_opt_out.db"="4/23/2021 10:26 AM, 16384 bytes, A
       Adds the file previews_opt_out.db-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file QuotaManager"="4/23/2021 10:26 AM, 53248 bytes, A
       Adds the file QuotaManager-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file README"="4/23/2021 10:26 AM, 162 bytes, A
       Adds the file Secure Preferences"="4/23/2021 10:26 AM, 4721 bytes, A
       Adds the file Top Sites"="4/23/2021 10:26 AM, 20480 bytes, A
       Adds the file Top Sites-journal"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file TransportSecurity"="4/23/2021 10:27 AM, 2225 bytes, A
       Adds the file Visited Links"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file Web Data"="4/23/2021 10:26 AM, 65536 bytes, A
       Adds the file Web Data-journal"="4/23/2021 10:26 AM, 0 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Cache
       Adds the file data_0"="4/23/2021 10:26 AM, 45056 bytes, A
       Adds the file data_1"="4/23/2021 10:26 AM, 270336 bytes, A
       Adds the file data_2"="4/23/2021 10:26 AM, 1056768 bytes, A
       Adds the file data_3"="4/23/2021 10:26 AM, 4202496 bytes, A
       Adds the file f_000001"="4/23/2021 10:26 AM, 59432 bytes, A
       Adds the file f_000017"="4/23/2021 10:27 AM, 19658 bytes, A
       Adds the file index"="4/23/2021 10:26 AM, 262512 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\data_reduction_proxy_leveldb
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000002"="4/23/2021 10:26 AM, 50 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\databases
       Adds the file Databases.db"="4/23/2021 10:26 AM, 28672 bytes, A
       Adds the file Databases.db-journal"="4/23/2021 10:26 AM, 0 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\databases\chrome-extension_kgcdghlhmaciddfdhlacdgnonmchoeen_0
       Adds the file 1"="4/23/2021 10:26 AM, 16384 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Extension Rules
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Extension State
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\File System\000\t
       Adds the file .usage"="4/23/2021 10:26 AM, 24 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\File System\000\t\Paths
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\File System\001\t
       Adds the file .usage"="4/23/2021 10:26 AM, 24 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\File System\001\t\Paths
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\File System\Origins
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\GPUCache
       Adds the file data_0"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file data_1"="4/23/2021 10:26 AM, 270336 bytes, A
       Adds the file data_2"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file data_3"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file index"="4/23/2021 10:26 AM, 262512 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Local Storage\leveldb
       Adds the file 000004.log"="4/23/2021 10:27 AM, 0 bytes, A
       Adds the file 000005.ldb"="4/23/2021 10:27 AM, 504591 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:27 AM, 176 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Session Storage
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Site Characteristics Database
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Sync Data\LevelDB
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Thumbnails
       Adds the file 000003.log"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file CURRENT"="4/23/2021 10:26 AM, 16 bytes, A
       Adds the file LOCK"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file LOG"="4/23/2021 10:26 AM, 0 bytes, A
       Adds the file MANIFEST-000001"="4/23/2021 10:26 AM, 41 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Default\Web Applications\_nwjs_kgcdghlhmaciddfdhlacdgnonmchoeen
       Adds the file ePedia.ico"="4/23/2021 10:26 AM, 189361 bytes, A
       Adds the file ePedia.ico.md5"="4/23/2021 10:26 AM, 16 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\ShaderCache\GPUCache
       Adds the file data_0"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file data_1"="4/23/2021 10:26 AM, 270336 bytes, A
       Adds the file data_2"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file data_3"="4/23/2021 10:26 AM, 8192 bytes, A
       Adds the file index"="4/23/2021 10:26 AM, 262512 bytes, A
    Adds the folder C:\Users\{username}\AppData\Local\ePedia\User Data\Stability
       Adds the file 3300-1619166383844550.pma"="4/23/2021 10:26 AM, 1048576 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\ePedia
       Adds the file d3dcompiler_47.dll"="4/22/2021 9:08 PM, 3710728 bytes, A
       Adds the file ePedia.exe"="4/22/2021 9:08 PM, 5321576 bytes, A
       Adds the file ffmpeg.dll"="4/22/2021 9:08 PM, 1488136 bytes, A
       Adds the file icudtl.dat"="2/22/2021 9:30 AM, 10245952 bytes, A
       Adds the file libEGL.dll"="4/22/2021 9:09 PM, 96520 bytes, A
       Adds the file libGLESv2.dll"="4/22/2021 9:09 PM, 4434696 bytes, A
       Adds the file natives_blob.bin"="2/22/2021 9:30 AM, 92247 bytes, A
       Adds the file node.dll"="4/22/2021 9:09 PM, 12371720 bytes, A
       Adds the file notification_helper.exe"="4/22/2021 9:08 PM, 493320 bytes, A
       Adds the file nw.dll"="4/22/2021 9:09 PM, 94750472 bytes, A
       Adds the file nw_100_percent.pak"="2/22/2021 9:30 AM, 1021430 bytes, A
       Adds the file nw_200_percent.pak"="2/22/2021 9:30 AM, 1341563 bytes, A
       Adds the file nw_elf.dll"="4/22/2021 9:09 PM, 493832 bytes, A
       Adds the file resources.pak"="2/22/2021 9:30 AM, 5550400 bytes, A
       Adds the file snapshot_blob.bin"="2/22/2021 9:30 AM, 1283220 bytes, A
       Adds the file storage.json"="4/23/2021 10:25 AM, 78 bytes, A
       Adds the file Uninstall.exe"="4/23/2021 10:25 AM, 472519 bytes, A
       Adds the file v8_context_snapshot.bin"="2/22/2021 9:30 AM, 1607648 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\ePedia\locales
    Adds the folder C:\Users\{username}\AppData\Roaming\ePedia\swiftshader
       Adds the file libEGL.dll"="2/22/2021 9:30 AM, 122368 bytes, A
       Adds the file libGLESv2.dll"="2/22/2021 9:30 AM, 2256896 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ePedia
       Adds the file ePedia.lnk"="4/23/2021 10:25 AM, 1805 bytes, A
       Adds the file Uninstall.lnk"="4/23/2021 10:25 AM, 1828 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
       "ePedia"="REG_SZ", "C:\Users\{username}\AppData\Roaming\ePedia\ePedia.exe --su"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ePedia]
       "DisplayIcon"="REG_SZ", ""C:\Users\{username}\AppData\Roaming\ePedia\Uninstall.exe""
       "DisplayName"="REG_SZ", "ePedia - ePedia for Desktop"
       "DisplayVersion"="REG_SZ", "17.2104.1ac"
       "EstimatedSize"="REG_DWORD", 179813
       "Publisher"="REG_SZ", "ePedia"
       "UninstallString"="REG_SZ", ""C:\Users\{username}\AppData\Roaming\ePedia\Uninstall.exe""
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\ePedia]
       "uid"="REG_SZ", "33D082B8-24A7-4321-A765-CB6468763577"
    [HKEY_CURRENT_USER\Software\nwjs]
       "FirstNotDefault"="REG_QWORD, .../
       "metricsid"="REG_SZ", "c79a3995-1bff-45f9-acce-88f4c1930efa"
       "metricsid_enableddate"="REG_SZ", "1619166385"
       "metricsid_installdate"="REG_SZ", "1619166385"
    [HKEY_CURRENT_USER\Software\nwjs\BLBeacon]
       "failed_count"="REG_DWORD", 0
       "state"="REG_DWORD", 1
       "version"="REG_SZ", "71.0.3578.98"
    [HKEY_CURRENT_USER\Software\nwjs\PreferenceMACs\Default]
    [HKEY_CURRENT_USER\Software\nwjs\PreferenceMACs\Default\extensions.settings]
       "kgcdghlhmaciddfdhlacdgnonmchoeen"="REG_SZ", "AA84C13FE969DBAF19DCD8191411D88E1A3009D9905AE436213BCB5E0CD5FFDB"
       "mhjfbmdgcfjbbpaeojofohoefgiehjai"="REG_SZ", "0587C0D0BA0469EB273ACFC3E2D5EE454FD81895FB407821E25EEE6AA3EB053A"
    [HKEY_CURRENT_USER\Software\nwjs\StabilityMetrics]
       "user_experience_metrics.stability.exited_cleanly"="REG_DWORD", 0

As mentioned before, the full version of Malwarebytes could have protected your computer against this threat.
We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention

Save yourself the hassle and get protected.
