Windows 7 Enterprise Version 6.1 (Build 7601: Service Pack 1)
Running Sophos Virus Removal Tool currently.
Endpoint Type: Computer
OS: Windows
User: Removed Removed
Device: WLABADM5
Ransomware:
family_id: b19e9c08-4aeb-42ce-93c8-f9a48e6ea8c0
mitigation: Intruder
process_version: 90
thumbprint: 288c28545c7167dc7eeefe5ba7d3d810ae6afd6eea54cf182c5be44cb1b269d6
type: Intruder
process_pid: 14180
version: 3.8.1.504
uid: bacce4c4-1054-f145-9c1b-162180bfe802
app_name: Google Chrome
process_alias_path: $programfiles\Google\Chrome\Application\chrome.exe
process_name: Google Chrome
details: Intruder
Platform 6.1.7601/x64 v504 06_3a
PID 14180
Enabled 007D2A3C1DBF9004
Silent 0020000000000100
Application C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Created 2017-11-30T06:00:52
Modified 2021-04-24T01:33:15
Description Google Chrome 90
Loaded Modules (128)
process_path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
The removal tool and a full scan found nothing. Can I safely place this device back on the domain?
Hi Drew Livengood,
Thanks for reaching out to us on Sophos Community. I had a few questions that would help me get a clearer picture as I can't make out much from the information you've posted. First, can you please confirm which Sophos product you’re using? Second, has this alert popped up again in your environment? Third, has the Windows 7 device been updated with the latest security patches?
Thank you for the reply. Our hospital uses Sophos Central; this PC is now Windows 7 (ver. 6.1 Build 7601 Service Pack 1) with the following: Core Agent 2.18.2, Sophos Intercept X 2.0.20, Endpoint Protection 10.8.10.3.
Patched as much as possible; we are struggling to get all PCs to Win 10.
No further alerts for this in Sophos Central or locally.
Thank you.