"GoodSync2Go-v10.exe" (Access type: "CREATE" Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES") "GoodSync2Go-v10.exe" (Access type: "CREATE" Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED") "GoodSync2Go-v10.exe" (Access type: "CREATE" Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CTLS") "GoodSync2Go-v10.exe" (Access type: "CREATE" Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CRLS") "GoodSync2Go-v10.exe" (Access type: "CREATE" Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CERTIFICATES") "GoodSync2Go-v10.exe" (Access type: "CREATE" Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA") "GoodSync2Go-v10.exe" (Access type: "CREATE" Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CTLS") "GoodSync2Go-v10.exe" (Access type: "CREATE" Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CRLS") "GoodSync2Go-v10.exe" (Access type: "CREATE" Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA\CERTIFICATES") "GoodSync2Go-v10.exe" (Access type: "CREATE" Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICATES\CA") "GsExplorer.exe" has type "PE32 executable (GUI) Intel 80386 for MS Windows"įound potential IP address in binary/memory "gsync-v10.exe" has type "PE32 executable (console) Intel 80386 for MS Windows" "GoodSync2Go-v10.exe" has type "PE32 executable (GUI) Intel 80386 for MS Windows" "LogView.exe" has type "PE32 executable (GUI) Intel 80386 for MS Windows" "dbghelp.dll" has type "PE32 executable (DLL) (console) Intel 80386 for MS Windows" "System.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" "GoodSync-inst.exe" has type "PE32 executable (GUI) Intel 80386 for MS Windows" "diff.exe" has type "PE32 executable (console) Intel 80386 for MS Windows" "LangDLL.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" "gscp.exe" has type "PE32 executable (console) Intel 80386 for MS Windows" "clout.exe" has type "PE32 executable (GUI) Intel 80386 for MS Windows" "nsDialogs.dll" has type "PE32 executable (DLL) (GUI) Intel 80386 for MS Windows" Malicious artifacts seen in the context of a contacted hostįound malicious artifacts related to "67.208.88.198" (ASN:, Owner: ). "GoodSync2Go-v10.exe" wrote 4 bytes to a remote process "%PROGRAMFILES%\Internet Explorer\iexplore.exe" (Handle: 696)
"GoodSync2Go-v10.exe" wrote 52 bytes to a remote process "%PROGRAMFILES%\Internet Explorer\iexplore.exe" (Handle: 696) "GoodSync2Go-v10.exe" wrote 32 bytes to a remote process "%PROGRAMFILES%\Internet Explorer\iexplore.exe" (Handle: 696) "" wrote 4 bytes to a remote process "C:\GoodSync\GoodSync2Go-v10.exe" (Handle: 416) "" wrote 52 bytes to a remote process "C:\GoodSync\GoodSync2Go-v10.exe" (Handle: 416) "" wrote 32 bytes to a remote process "C:\GoodSync\GoodSync2Go-v10.exe" (Handle: 416) "" wrote 4 bytes to a remote process "C:\GoodSync\GoodSync2Go-v10.exe" (Handle: 8) "" wrote 52 bytes to a remote process "C:\GoodSync\GoodSync2Go-v10.exe" (Handle: 8)
"" wrote 32 bytes to a remote process "C:\GoodSync\GoodSync2Go-v10.exe" (Handle: 8) "" wrote 4 bytes to a remote process "C:\GoodSync\GoodSync-inst.exe" (Handle: 416)
"" wrote 52 bytes to a remote process "C:\GoodSync\GoodSync-inst.exe" (Handle: 416) "" wrote 32 bytes to a remote process "C:\GoodSync\GoodSync-inst.exe" (Handle: 416)
0 kommentar(er)
