
Safe Browsing detected browser Google Chrome has been compromised

Windows 7 Enterprise Version 6.1 (Build 7601: Service Pack 1)

Running Sophos Virus Removal Tool currently.

Endpoint Type: Computer
OS: Windows
User: Removed Removed
Device: WLABADM5

Ransomware:

family_id: b19e9c08-4aeb-42ce-93c8-f9a48e6ea8c0
mitigation: Intruder
process_version: 90
thumbprint: 288c28545c7167dc7eeefe5ba7d3d810ae6afd6eea54cf182c5be44cb1b269d6
type: Intruder
process_pid: 14180
version: 3.8.1.504
uid: bacce4c4-1054-f145-9c1b-162180bfe802
app_name: Google Chrome
process_alias_path: $programfiles\Google\Chrome\Application\chrome.exe
process_name: Google Chrome
details: Intruder

Platform 6.1.7601/x64 v504 06_3a
PID 14180
Enabled 007D2A3C1DBF9004
Silent 0020000000000100
Application C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Created 2017-11-30T06:00:52
Modified 2021-04-24T01:33:15
Description Google Chrome 90


Loaded Modules (128)

Thumbprint
288c28545c7167dc7eeefe5ba7d3d810ae6afd6eea54cf182c5be44cb1b269d6
Backwards compatible thumbprint (V1)
b4fd4d7991604623ae55a0f5837048eaa437d3885b2817db82509fd34285e7a4
Backwards compatible thumbprint (V2)
288c28545c7167dc7eeefe5ba7d3d810ae6afd6eea54cf182c5be44cb1b269d6
Backwards compatible thumbprint (V3)
288c28545c7167dc7eeefe5ba7d3d810ae6afd6eea54cf182c5be44cb1b269d6
process_path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe



  • Thank you for the reply. Our hospital uses Sophos Central; this PC is now Windows 7 (ver. 6.1 Build 7601 Service Pack 1) with the following:
    Core Agent 2.18.2
    Sophos Intercept X 2.0.20
    Endpoint Protection 10.8.10.3

    Patched as much as possible; we are struggling to get all PCs to Win 10.

    No further alerts for this in Sophos Central or locally.

    Thank you.
