Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/7/21
Scan Time: 4:53 PM
Log File: 7be6177e-3fda-11ec-a79e-5c260a6f79c2.json

-Software Information-
Version: 4.4.10.144
Components Version: 1.0.1499
Update Package Version: 1.0.46924
License: Trial

-System Information-
OS: Windows 10 (Build 19043.1288)
CPU: x64
File System: NTFS
User: WIN10-PC\WIN10

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 422596
Threats Detected: 25
Threats Quarantined: 0
Time Elapsed: 20 min, 20 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 1
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO\SERVICE_KMS.EXE, No Action By User, 7008, 921564, , , , , 8D0C31D282CC9194791EA850041C6C45, 2B533757086499E224D5717F94A0F4C33E705398A7610219D82B9D3BC8763378

Module: 1
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO\SERVICE_KMS.EXE, No Action By User, 7008, 921564, , , , , 8D0C31D282CC9194791EA850041C6C45, 2B533757086499E224D5717F94A0F4C33E705398A7610219D82B9D3BC8763378

Registry Key: 6
HackTool.KMSpico, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service KMSELDI, No Action By User, 7008, 921564, 1.0.46924, , ame, , ,
HackTool.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AutoPico Daily Restart, No Action By User, 1347, 769804, , , , , ,
HackTool.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{976ACAD6-9FB3-48E0-9EFB-4987EAA3BA70}, No Action By User, 1347, 769804, , , , , ,
HackTool.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{976ACAD6-9FB3-48E0-9EFB-4987EAA3BA70}, No Action By User, 1347, 769804, , , , , ,
MachineLearning/Anomalous.96%, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MOVIEMAKER.EXE, No Action By User, 0, 392687, , , , , ,
MachineLearning/Anomalous.96%, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MOVIEMAKER.EXE, No Action By User, 0, 392687, , , , , ,

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 2
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO, No Action By User, 7008, 921550, 1.0.46924, , ame, , ,
HackTool.KMSpico, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\KMSPICO, No Action By User, 7008, 921555, 1.0.46924, , ame, , ,

File: 15
PUP.Optional.ASK, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS\ASKSEARCH.JS, No Action By User, 276, 182871, 1.0.46924, , ame, , F7ABFDDD9FD82045F672A9F890AA6968, 6CEC76898238C4E7492AD0B6C80A45FEB7D7F5595E05B44046C8C811FCAD6138
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO\SERVICE_KMS.EXE, No Action By User, 7008, 921564, , , , , 8D0C31D282CC9194791EA850041C6C45, 2B533757086499E224D5717F94A0F4C33E705398A7610219D82B9D3BC8763378
HackTool.KMSpico, C:\PROGRAM FILES\KMSPICO\SERVICE_KMS.EXE, No Action By User, 7008, 921550, 1.0.46924, , ame, , 8D0C31D282CC9194791EA850041C6C45, 2B533757086499E224D5717F94A0F4C33E705398A7610219D82B9D3BC8763378
HackTool.KMS, C:\WINDOWS\SYSTEM32\TASKS\AutoPico Daily Restart, No Action By User, 1347, 769804, , , , , 1C8F27951FCDF4055F91154CA26E3197, 4CE202BB96E2DB51BEEA4DE328C6A5DD253137B37A268E6E49348C851F45C16E
HackTool.KMS, C:\PROGRAM FILES\KMSPICO\AUTOPICO.EXE, No Action By User, 1347, 769804, 1.0.46924, , ame, , CFE1C391464C446099A5EB33276F6D57, 4A714D98CE40F5F3577C306A66CB4A6B1FF3FD01047C7F4581F8558F0BCDF5FA
Generic.Malware/Suspicious, C:\PROGRAMDATA\ENATIV\SNT.EXE, No Action By User, 0, 392686, 1.0.46924, , shuriken, , B6501BABA5F0D3981BB1A017FE741BBD, 8A07EF757D75D88BC073D5868C4FED9986D5C30278D1476D4797A8B909186859
RiskWare.KMS, C:\USERS\WIN10\APPDATA\ROAMING\KMSPICO-SETUP.EXE, No Action By User, 905, 835829, 1.0.46924, E8EB30E324C9F784B397287A, dds, 01499884, A02164371A50C5FF9FA2870EF6E8CFA3, 64C731ADBE1B96CB5765203B1E215093DCF268D020B299445884A4AE62ED2D3A
HackTool.FilePatch, C:\USERS\WIN10\הורדות\IDM_639B2_AUTO.EXE, No Action By User, 7436, 281135, 1.0.46924, 64AD863563E740ACFDE0725F, dds, 01499884, C715A506A49AA1A8E0474E89EA11AB92, E3077B636FBFE7595E700CA403915C678CA6E5A8D56EEACD249BA3782FB895BE
Malware.AI.4269776871, C:\USERS\WIN10\DROPBOX\MY PC (WIN10-PC)\DESKTOP\תוכנות וכלים שימושיים\KEYGEN.ZIP, No Action By User, 1000000, 0, 1.0.46924, 656A59742160840AFE7F9FE7, dds, 01499884, ECD6AABD2A9F2C38C74D3E65A3E4F8B7, 2B72CC59749E9DBA226F57F7F7351E8DE881A55C9BE97F21001013BD0F3CA29A
Generic.Malware/Suspicious, C:\USERS\WIN10\DROPBOX\MY PC (WIN10-PC)\DESKTOP\תוכנות וכלים שימושיים\ממשק בעברית ל2020 אינדזיין.RAR, No Action By User, 0, 392686, 1.0.46924, , shuriken, , E8016D33365F25EAEB607311CC35951D, 27E4D9E8BF6377F086C62D09B933FCB3286675521C1B7A4D6E7B98CEDE8987A1
Generic.Malware/Suspicious, C:\USERS\WIN10\DROPBOX\MY PC (WIN10-PC)\DESKTOP\תוכנות וכלים שימושיים\הקלטה נתיב.EXE, No Action By User, 0, 392686, 1.0.46924, , shuriken, , B6501BABA5F0D3981BB1A017FE741BBD, 8A07EF757D75D88BC073D5868C4FED9986D5C30278D1476D4797A8B909186859
Malware.AI.4210873804, C:\USERS\WIN10\DROPBOX\MY PC (WIN10-PC)\DESKTOP\תוכנות וכלים שימושיים\השבתת אנטי וירוס של מיקוספט.EXE, No Action By User, 1000000, 0, 1.0.46924, 0659C84A77C02BEAFAFCD5CC, dds, 01499884, 4AC08924DD6649E0F36B3ADC40650358, FDA63C579B3C7560C3ACF95826E70D2A9EFB4B5CA704F20EFD907FE729C05804
MachineLearning/Anomalous.96%, C:\PROGRAM FILES\WINDOWS MOVIE MAKER\MOVIEMAKER.EXE, No Action By User, 0, 392687, 1.0.46924, , shuriken, , F58C19FB97FB23AD9CE888CA6D2AE0D8, 0E74CD853A3B1FCF68EF3D990D1CD91F5783A547C320B3BD588EA285793D5E34
PUP.Optional.4Dots, C:\PROGRAM FILES (X86)\4DOTS SOFTWARE\4DOTS FREE PDF COMPRESS\4DOTSLANGUAGEDOWNLOADER.EXE, No Action By User, 7964, 979675, 1.0.46924, , ame, , 9E8EAED103F4F30143437EEDAE20B177, E417E3DC5E37DD532111D3B759A2B6B7A69C347DC738F9AF5FE3AE76E588FB18
PUP.Optional.4Dots, C:\PROGRAM FILES (X86)\4DOTS SOFTWARE\FREE FILE UNLOCKER\4DOTSLANGUAGEDOWNLOADER.EXE, No Action By User, 7964, 979675, 1.0.46924, , ame, , 1841CFD3C26F5B425FD888B86BB593C6, 1B470E12989F9E4E8EBF6134B27540EFDFE2B08ED20162CA0A1260AA982BC005

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)