Subject: Is there anything suspicious in my ClamAV Full Windows 11 Virus Scan
Log of 12 Mar 2026 Thursday?
Good day from Singapore,
Is there anything suspicious in my ClamAV Full Windows 11 Virus Scan Log of 12
Mar 2026 Thursday?
It appears that a Java Backdoor, PUA Win Trojans and Sanesecurity Malware were
detected.
Are they false positives?
--------------------------------------
/mnt/windows/Program Files/Common Files/Tracker
Software/Common/ABBYY/Bin64/LangInfoUnicode.dll: PUA.Win.Packer.LyWgkx-2 FOUND
/mnt/windows/Program Files/Common
Files/Adobe/Acrobat/Setup/{AC76BA86-1033-1033-7760-BC15014EA700}/Core.cab:
MiscreantPunch.EvilMacro.AOUEGTP.1.UNOFFICIAL FOUND
/mnt/windows/Program Files/Wireshark/multimedia/ffmpegmediaplugin.dll:
PUA.Win.Packer.InterplaysMveFi-1 FOUND
/mnt/windows/Program Files/NVIDIA
Corporation/Installer2/Display.PhysX.{66838DDA-3FD8-47A8-9B6A-6EBFDA1089F1}/files/Common/cudart64_65.dll:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Collect.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/CommandBar.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/Access2Base/CommandBarControl.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/DataDef.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Application.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Dialog.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Database.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Control.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Event.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Field.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/L10N.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Form.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/DoCmd.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/OptionGroup.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Methods.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Module.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/Access2Base/PropertiesSet.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Property.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Python.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/Access2Base/PropertiesGet.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Root_.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Test.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/TempVar.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Recordset.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Trace.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/_License.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/SubForm.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/Access2Base/UtilProperty.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/acConstants.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Access2Base/Utils.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/CommonLang.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Currency.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Depot.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Lang_de.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Internet.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Lang_en.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Lang_es.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Lang_it.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Lang_ja.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Lang_fr.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Lang_ko.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Lang_sv.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Lang_tw.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/Lang_zh.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Euro/AutoPilotRun.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Depot/tools.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Euro/Common.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Euro/ConvertRun.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Euro/Hard.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Euro/Protect.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Euro/Writer.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Euro/Soft.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/FormWizard/DBMeta.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/FormWizard/FormWizard.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Euro/Init.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/FormWizard/Layouter.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/FormWizard/Language.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Gimmicks/AutoText.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/FormWizard/develop.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/FormWizard/tools.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Gimmicks/ChangeAllChars.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Gimmicks/ReadDir.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Gimmicks/GetTexts.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Gimmicks/Userfields.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ImportWizard/API.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/ImportWizard/DialogModul.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ImportWizard/Language.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ImportWizard/Main.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ImportWizard/FilesModul.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/ScriptForge/SF_Dictionary.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_L10N.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_Platform.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/ScriptForge/SF_Exception.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/ScriptForge/SF_PythonHelper.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_Root.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_Array.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_Services.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_Region.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/ScriptForge/SF_TextStream.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/ScriptForge/SF_FileSystem.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_Timer.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/ScriptForge/_CodingConventions.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_Session.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_UI.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/ScriptForge/_ModuleModel.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/__License.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_Utils.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDatabases/SF_Register.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/SFDatabases/SF_Datasheet.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/ScriptForge/SF_String.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDatabases/__License.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDatabases/SF_Database.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDatabases/SF_Dataset.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDialogs/__License.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/SFDialogs/SF_DialogListener.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDialogs/SF_Dialog.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/SFDialogs/SF_DialogUtils.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDialogs/SF_Register.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/SFDocuments/SF_DocumentListener.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/SFDialogs/SF_DialogControl.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDocuments/SF_Chart.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDocuments/SF_Base.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/SFDocuments/SF_FormDocument.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDocuments/SF_Document.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDocuments/SF_Register.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDocuments/__License.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDocuments/SF_Form.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFUnitTests/SF_Register.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFUnitTests/__License.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/SFDocuments/SF_FormControl.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDocuments/SF_Writer.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFDocuments/SF_Calc.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/SFWidgets/SF_MenuListener.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFWidgets/SF_Register.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFUnitTests/SF_UnitTest.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/SFWidgets/SF_ContextMenu.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFWidgets/SF_Menu.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFWidgets/__License.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/SFWidgets/SF_ToolbarButton.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFWidgets/SF_Toolbar.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Template/Autotext.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/SFWidgets/SF_PopupMenu.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Template/Samples.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Template/Correspondence.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Template/ModuleAgenda.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Tools/Debug.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Tools/Listbox.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Tools/Strings.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Tools/Misc.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Tools/UCB.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Tools/ModuleControls.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Tutorials/RoadMap.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Tutorials/TutorialClose.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/Tutorials/ShowInfoDialog.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Tutorials/Functions.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/basic/Tutorials/TutorialCreator.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/share/basic/Tutorials/TutorialOpen.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program
Files/LibreOffice/share/extensions/wiki-publisher/WikiEditor/Module1.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/LibreOffice/presets/basic/Standard/Module1.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Program Files/VideoLAN/VLC/plugins/demux/libmod_plugin.dll:
PUA.Win.Packer.AsylumMusicFile-1 FOUND
/mnt/windows/Program Files/VideoLAN/VLC/plugins/codec/libavcodec_plugin.dll:
PUA.Win.Packer.InterplaysMveFi-1 FOUND
/mnt/windows/Program Files/obs-studio/bin/64bit/avformat-61.dll:
PUA.Win.Packer.InterplaysMveFi-1 FOUND
/mnt/windows/Program Files/MAGIX/Movie Studio 2023
Platinum/Online/DM/setup.exe: PUA.Win.Packer.GlbsInstallStub-1 FOUND
/mnt/windows/Program Files/Mozilla Thunderbird/omni.ja:
Sanesecurity.Foxhole.Zip_fs186.UNOFFICIAL FOUND
/mnt/windows/Program Files/Mozilla Thunderbird/updated/omni.ja:
Sanesecurity.Foxhole.Zip_fs186.UNOFFICIAL FOUND
/mnt/windows/Program Files/Mozilla Thunderbird/xul.dll:
PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Program Files/Mozilla Thunderbird/updated/xul.dll:
PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Program Files/Trend
Micro/AMSP/resource/engine/c2t1073741856l1p5889r1o1/3.0.1004/TmMsg.dll.old:
PUA.Win.Trojan.Winlock-6629293-0 FOUND
/mnt/windows/Program Files/Trend Micro/AMSP/dump/20260228_124214Full.dmp:
Sanesecurity.Malware.26198.JsHeur.UNOFFICIAL FOUND
/mnt/windows/Program Files/Trend
Micro/AMSP/module/20013/7.7.1052/5.01.1105/TmMsg.dll:
PUA.Win.Trojan.Winlock-6629293-0 FOUND
/mnt/windows/Program Files/Trend
Micro/AMSP/module/20013/7.7.1052/5.01.1105/TmMsg/TmMsg.dll:
PUA.Win.Trojan.Winlock-6629293-0 FOUND
/mnt/windows/Program Files/Trend
Micro/Titanium/plugin/TMAS/TMAS_OL/x86/Redemption.dll:
PUA.Win.Adware.Dealply-6619244-0 FOUND
/mnt/windows/Program Files/Adobe/Acrobat DC/Acrobat/Acrobat.dll:
MiscreantPunch.EvilMacro.AOUEGTP.1.UNOFFICIAL FOUND
/mnt/windows/Program Files/Mozilla Firefox/xul.dll:
PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Program Files (x86)/Common
Files/VMware/InstallerCache/{C2E57BCF-B487-459D-A805-64CE6A806791}.msi:
Sanesecurity.Badmacro.Xls.credriv.UNOFFICIAL FOUND
/mnt/windows/Program Files (x86)/Common
Files/Acronis/Infrastructure/mms_mini.exe:
Sanesecurity.Malware.30484.UNOFFICIAL FOUND
/mnt/windows/Program Files (x86)/VMware/VMware Workstation/mkisofs.exe:
PUA.Win.Packer.MingwGcc-3 FOUND
/mnt/windows/Program Files (x86)/VMware/VMware Workstation/windows.iso:
Sanesecurity.Malware.28377.BadIso.cmd.UNOFFICIAL FOUND
/mnt/windows/Program Files (x86)/VMware/VMware Workstation/x64/EFI20-32.ROM:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Program Files
(x86)/TunnelBear/lib/vlc/plugins/codec/libavcodec_plugin.dll:
PUA.Win.Packer.InterplaysMveFi-1 FOUND
/mnt/windows/Program Files (x86)/NVIDIA
Corporation/PhysX/Common/cudart64_65.dll: PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Program Files
(x86)/CheckPoint/SmartConsole/R81.20/81.20.9700.633/TopoCalc.dll:
PUA.Win.Packer.NspackDotnetNor-2 FOUND
/mnt/windows/Program Files
(x86)/CheckPoint/SmartConsole/R81.20/81.20.9700.663/TopoCalc.dll:
PUA.Win.Packer.NspackDotnetNor-2 FOUND
/mnt/windows/Program Files
(x86)/CheckPoint/SmartConsole/R81.20/81.20.9700.663/data/Preview/Preview.tgz:
Sanesecurity.Foxhole.Zip_fn37.UNOFFICIAL FOUND
/mnt/windows/Program Files (x86)/Syslogd/uninst-Syslogd.exe:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/ProgramData/Microsoft/Windows Defender/Definition
Updates/Backup/mpengine.lkg: PUA.Win.Packer.Lzexe-1 FOUND
/mnt/windows/ProgramData/Microsoft/Windows Defender/Definition
Updates/Backup/mpengine.dll: PUA.Win.Packer.Lzexe-1 FOUND
/mnt/windows/ProgramData/Microsoft/Windows Defender/Definition
Updates/StableEngineEtwLocation/mpengine_etw.dll: PUA.Win.Packer.Lzexe-1 FOUND
/mnt/windows/ProgramData/Microsoft/Windows Defender/Definition
Updates/{37EEEF5D-7B1B-4004-BEC7-69CC1F1212A9}/mpengine.dll:
PUA.Win.Packer.Lzexe-1 FOUND
/mnt/windows/ProgramData/Acronis/TrueImageHome/Logs/collect_system_information/collect_system_information.0.log.gz:
PUA.Win.Exploit.CVE_2012_1461-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/ESET/ESETOnlineScanner/Modules/em003_32/1585/em003_32.dll:
PUA.Win.Trojan.Agent-37077 FOUND
/mnt/windows/Users/teoen/AppData/Local/ESET/ESETOnlineScanner/Modules/em003_32/1587/em003_32.dll:
PUA.Win.Packer.Petite-29 FOUND
/mnt/windows/Users/teoen/AppData/Local/Visual Watermark/unins000.exe:
PUA.Win.Packer.PrivateEXEProtector4-6192998-2 FOUND
/mnt/windows/Users/teoen/AppData/Local/ESET/ESETOnlineScanner/OldModules/em003_32/1585/em003_32.dll:
PUA.Win.Trojan.Agent-37077 FOUND
/mnt/windows/Users/teoen/AppData/Local/ESET/ESETOnlineScanner/OldModules/em003_32/1585/00/em003_32.dll:
PUA.Win.Trojan.Agent-37077 FOUND
/mnt/windows/Users/teoen/AppData/Local/Microsoft/Edge/User
Data/Default/Cache/Cache_Data/f_000511: Sanesecurity.Foxhole.GZip_js.UNOFFICIAL
FOUND
/mnt/windows/Users/teoen/AppData/Local/Microsoft/Edge/User
Data/Default/Cache/Cache_Data/f_000510: Sanesecurity.Foxhole.GZip_js.UNOFFICIAL
FOUND
/mnt/windows/Users/teoen/AppData/Local/Microsoft/OneDrive/26.026.0209.0004_1/avformat-62.dll:
PUA.Win.Packer.InterplaysMveFi-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Microsoft/OneDrive/26.026.0209.0004_1/vcruntime140.dll:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Users/teoen/AppData/Local/Microsoft/OneDrive/26.026.0209.0004_1/OneDriveSetup.exe:
PUA.Win.Packer.InterplaysMveFi-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Temp/ca7556b8-b4b8-494e-92bb-fcd4afa60499.tmp:
PUA.Win.Exploit.CVE_2012_1461-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Temp/HCBackup/hcpackage64.exe:
Sanesecurity.Foxhole.JS_7z.UNOFFICIAL FOUND
/mnt/windows/Users/teoen/AppData/Local/Packages/Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe/LocalState/EBWebView/Subresource
Filter/Unindexed Rules/10.34.0.80/Part-FR:
sigs.InterServer.net.HEX.Topline.blacklisted.domain.alemoney.xyz.610.UNOFFICIAL
FOUND
/mnt/windows/Users/teoen/AppData/Local/Packages/Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe/LocalState/EBWebView/component_crx_cache/ndikpojcjlepofdkaaldkinkjbeeebkl_1.5110A67904F33F66A66CC9BE4DD3DA419A596DE32DAAE8F62BAA998D3BE5CA83:
sigs.InterServer.net.HEX.Topline.blacklisted.domain.alemoney.xyz.610.UNOFFICIAL
FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004b6: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00013c: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_000179: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00007d: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_000083: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_000084: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00016c: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0000a0: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00009a: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00012b: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0000dd: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_000382: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00009b: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0000f6: Sanesecurity.Foxhole.GZip_js.UNOFFICIAL
FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004a9: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0001b6: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_000101: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00012d: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00012e: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0001d9: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00017c: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00017e: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00018b: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00019b: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0001c1: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00021f: PUA.Html.Exploit.CVE_2012_0469-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004a7: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004ae: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_000509:
Sanesecurity.Foxhole.JS_Zip_1.UNOFFICIAL FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00050d: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004f2: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004af: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004b2: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004b1: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_00037c: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_000430: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004ce: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004d0: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_000432: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004d5: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Google/Chrome/User
Data/Default/Cache/Cache_Data/f_0004d7: PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/MainWindow_75AD616BF1F04DA9878FF44DD080A108/20260212T123716-6e2637cc9f~en/EBWebView/Default/Cache/Cache_Data/f_000006:
Sanesecurity.Foxhole.GZip_js.UNOFFICIAL FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_00004a:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_000050:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_000052:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_000030:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_00003b:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_000032:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_000016:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_000043:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_000028:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_000045:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_00003d:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_00002a:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_000009:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_00000b:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_000018:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/TeamViewer/EdgeBrowserControl/Persistent/518004909B1945429DCFDF9727D8D545/EBWebView/Default/Cache/Cache_Data/f_00004c:
PUA.Win.Trojan.Xored-1 FOUND
/mnt/windows/Users/teoen/AppData/Local/Mozilla/Firefox/Profiles/ew071oje.default-release/cache2/entries/D89446062D97357BF716AEE8F79733472532141F:
Sanesecurity.Foxhole.JS_Zip_11.UNOFFICIAL FOUND
/mnt/windows/Users/teoen/AppData/Roaming/Microsoft/Windows/Start
Menu/Programs/Windows PowerShell/Windows PowerShell.lnk:
Sanesecurity.Malware.28759.LnkHeur.UNOFFICIAL FOUND
/mnt/windows/Users/teoen/AppData/Roaming/Microsoft/Crypto/RSA/S-1-5-21-2217620653-848323090-3166081093-1001/83aa4cc77f591dfc2374580bbd95f6ba_7549921a-95d8-4825-99bd-887eabec12fd:
{MD5}java.backdoor.anno.6.UNOFFICIAL FOUND
/mnt/windows/Users/teoen/AppData/Roaming/LibreOffice/4/user/basic/Standard/Module1.xba:
PUA.Doc.Tool.LibreOfficeMacro-2 FOUND
/mnt/windows/Users/teoen/AppData/Roaming/Any Video Converter/com.anvsoft.avc/native/avformat-60.dll: PUA.Win.Packer.InterplaysMveFi-1 FOUND
/mnt/windows/Users/teoen/AppData/Roaming/Any Video Converter/com.anvsoft.avc/native/Qt6Core.dll: PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Users/teoen/AppData/Roaming/Any Video Converter/com.anvsoft.avc/native/lib/qt6/multimedia/ffmpegmediaplugin.dll: PUA.Win.Packer.InterplaysMveFi-1 FOUND
/mnt/windows/Users/teoen/AppData/Roaming/thunderbird/Profiles/60ssxnij.default-release/ImapMail/mail.teo-en-ming.com/spam:
Sanesecurity.Phishing.Fake.31636.UNOFFICIAL FOUND
/mnt/windows/Users/teoen/AppData/Roaming/Mozilla/Firefox/Profiles/ew071oje.default-release/extensions/[email protected]:
Sanesecurity.Foxhole.JS_Zip_11.UNOFFICIAL FOUND
/mnt/windows/Users/teoen/Downloads/Advanced_IP_Scanner_2.5.4594.1 (1).exe:
PUA.Win.Packer.LyWgkx-2 FOUND
/mnt/windows/Users/teoen/Downloads/avc-free.exe:
Sanesecurity.Malware.28885.BadCo.UNOFFICIAL FOUND
/mnt/windows/Users/teoen/Downloads/Thunderbird Setup 137.0.1.exe:
Sanesecurity.Foxhole.JS_7z.UNOFFICIAL FOUND
/mnt/windows/Users/teoen/Downloads/Advanced_IP_Scanner_2.5.4594.1.exe:
PUA.Win.Packer.LyWgkx-2 FOUND
/mnt/windows/Windows/IME/IMEJP/help/IMJPCLE.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/IME/IMEJP/help/IMJPCL.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/IME/IMEJP/help/IMJPDT.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/IME/IMEJP/help/IMJPDTE.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/IME/IMEJP/help/IMJPPD.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/IME/IMEJP/help/JPNPADEN.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/a5a1d75.msi:
Sanesecurity.Badmacro.Xls.credriv.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/32e2c8a7.msi:
Sanesecurity.Badmacro.Xls.credriv.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/1565266.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/1565326.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/1f97169b.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/32e2c8a0.msi:
Sanesecurity.Badmacro.Xls.credriv.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/d69a7.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/628b1.msi:
Sanesecurity.Badmacro.Xls.credriv.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/1f9715c3.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/d6a68.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/3756bb9.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/3756c68.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/1c957384.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/18829.msi:
Sanesecurity.Badmacro.Xls.credriv.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/46a444d0.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/b5056d4.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/b50579b.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/f9331f.msi:
Sanesecurity.Badmacro.Xls.credriv.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/349cc.msi:
Sanesecurity.Badmacro.Xls.credriv.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/339bae82.msi:
Sanesecurity.Badmacro.Xls.credriv.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/MSI49E.tmp:
Sanesecurity.Foxhole.Zip_exe.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/46a445bf.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/f11aafd.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/f11abbc.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/339bb055.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/2c5acab8.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/389ad283.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/318de54b.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/cd10289.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/389ad43d.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/167160.msi: PUA.Win.Packer.LyWgkx-2 FOUND
/mnt/windows/Windows/Installer/325ed1ad.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/325ed0e0.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/167287.msp:
Sanesecurity.Badmacro.XlsM.Urlmon1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/$PatchCache$/Managed/68AB67CA330133017706CB5110E47A00/21.1.20135/Acrobat.dll:
MiscreantPunch.EvilMacro.AOUEGTP.1.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/$PatchCache$/Managed/68AB67CA330133017706CB5110E47A00/21.1.20135/SingleClientServicesUpdater.exe:
Sanesecurity.Foxhole.JS_7z.UNOFFICIAL FOUND
/mnt/windows/Windows/Installer/$PatchCache$/Managed/68AB67CA330133017706CB5110E47A00/21.1.20135/libcef.dll:
PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Windows/System32/NlsLexicons0009.dll: PUA.Win.Packer.LyWgkx-2 FOUND
/mnt/windows/Windows/System32/getmac.exe: PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/System32/NL7Data0804.dll: PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Windows/System32/config/SOFTWARE:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/System32/drivers/mssmbios.sys: PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/System32/drivers/npsvctrig.sys: PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/System32/drivers/AMDPCIDev.sys: PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/System32/drivers/EhStorClass.sys: PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/System32/DriverStore/FileRepository/genpass.inf_amd64_0c82d80c9252c9bd/genpass.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/System32/DriverStore/FileRepository/mssmbios.inf_amd64_3b543e16c86a5331/mssmbios.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/System32/DriverStore/FileRepository/npsvctrig.inf_amd64_d94cf1b3e0fa7b40/npsvctrig.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/System32/DriverStore/FileRepository/umpass.inf_amd64_06e016c9ffecbf73/umpass.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/System32/DriverStore/FileRepository/hdxgigabyte.inf_amd64_b3e38368040ef911/RTAIODAT.DAT:
PUA.Win.Packer.SiliconRealmsIn-2 FOUND
/mnt/windows/Windows/System32/DriverStore/FileRepository/nvmdsi.inf_amd64_549a2560cdb75bc2/Display.NvContainer/plugins/Session/wksServicePlugin.dll:
PUA.Win.Packer.NspackDotnetNor-2 FOUND
/mnt/windows/Windows/System32/DriverStore/FileRepository/amdpcidev.inf_amd64_07eabc68f3f8029e/AMDPCIDev.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/System32/HealthAttestationClient/vcruntime140.dll:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/SysWOW64/html.iec: PUA.Win.Packer.BorlandDelphiKo-1 FOUND
/mnt/windows/Windows/SysWOW64/NL7Data0804.dll: PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Windows/WinSxS/amd64_dual_genpass.inf_31bf3856ad364e35_10.0.26100.1150_none_920869b2ca5ff0da/genpass.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/WinSxS/amd64_dual_mssmbios.inf_31bf3856ad364e35_10.0.26100.1_none_8d21bf4089718c78/mssmbios.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/WinSxS/amd64_dual_npsvctrig.inf_31bf3856ad364e35_10.0.26100.1150_none_1cab90dd9af9d563/npsvctrig.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/WinSxS/amd64_dual_umpass.inf_31bf3856ad364e35_10.0.26100.1150_none_68f2c112fe9072ae/umpass.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-d..s-ime-japanese-help_31bf3856ad364e35_10.0.26100.1_none_6efbcc9df47cfbae/IMJPDT.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-d..s-ime-japanese-help_31bf3856ad364e35_10.0.26100.1_none_6efbcc9df47cfbae/IMJPDTE.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-d..s-ime-japanese-help_31bf3856ad364e35_10.0.26100.1_none_6efbcc9df47cfbae/IMJPCLE.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-d..s-ime-japanese-help_31bf3856ad364e35_10.0.26100.1_none_6efbcc9df47cfbae/IMJPCL.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-d..s-ime-japanese-help_31bf3856ad364e35_10.0.26100.1_none_6efbcc9df47cfbae/JPNPADEN.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-d..s-ime-japanese-help_31bf3856ad364e35_10.0.26100.1_none_6efbcc9df47cfbae/IMJPPD.CHM:
YARA.MSIETabularActivex.UNOFFICIAL FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-e..storage-classdriver_31bf3856ad364e35_10.0.26100.1150_none_f9d6e5ca1c6acbdf/EhStorClass.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-getmac_31bf3856ad364e35_10.0.26100.1_none_08f23f1b0a87acee/getmac.exe:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-naturallanguage6-0009_31bf3856ad364e35_10.0.26100.1150_none_d9c82cac115976c0/NlsLexicons0009.dll:
PUA.Win.Packer.LyWgkx-2 FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-unix-socket-provider_31bf3856ad364e35_10.0.26100.1150_none_e99cd5218e65c513/afunix.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.26100.1_none_2dd2f8b883c5b765/Windows PowerShell.lnk: Sanesecurity.Malware.28759.LnkHeur.UNOFFICIAL FOUND
/mnt/windows/Windows/WinSxS/amd64_windows-defender-am-engine_31bf3856ad364e35_10.0.26100.1_none_fc1f03fc1ecd9d6b/MpEngine.dll:
PUA.Win.Packer.Lzexe-1 FOUND
/mnt/windows/Windows/WinSxS/Backup/amd64_microsoft-windows-e..storage-classdriver_31bf3856ad364e35_10.0.26100.4484_none_f9b921761c80c9b0_ehstorclass.sys_e7c48eda:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/WinSxS/wow64_microsoft-windows-i..mlconverter-enduser_31bf3856ad364e35_10.0.26100.1_none_5c1a98715abdeb17/html.iec:
PUA.Win.Packer.BorlandDelphiKo-1 FOUND
/mnt/windows/Windows/WinSxS/wow64_microsoft-windows-i..mlconverter-enduser_31bf3856ad364e35_10.0.26100.1882_none_fac56461a2517bf3/html.iec:
PUA.Win.Packer.BorlandDelphiKo-1 FOUND
/mnt/windows/Windows/WinSxS/wow64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_10.0.26100.1_none_bf9ba9b8ca391b0e/mswsock.dll:
PUA.Win.File.Pemalform-9786668-0 FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-naturallanguage6-0009_31bf3856ad364e35_10.0.26100.3912_none_d96d8260119e1e7c/NlsLexicons0009.dll:
PUA.Win.Packer.LyWgkx-2 FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-e..storage-classdriver_31bf3856ad364e35_10.0.26100.4484_none_f9b921761c80c9b0/EhStorClass.sys:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-healthattestation-csp_31bf3856ad364e35_10.0.26100.7309_none_c6e5e09d6b555120/vcruntime140.dll:
PUA.Win.Packer.Pequake-4 FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-w..-chinese_simplified_31bf3856ad364e35_10.0.26100.7309_none_c7c9eae0fbdefde0/NL7Data0804.dll:
PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Windows/WinSxS/wow64_microsoft-windows-w..-chinese_simplified_31bf3856ad364e35_10.0.26100.7309_none_d21e9533303fbfdb/NL7Data0804.dll:
PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Windows/WinSxS/wow64_microsoft-windows-w..-chinese_simplified_31bf3856ad364e35_10.0.26100.1_none_3346500ae8cce31b/NL7Data0804.dll:
PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Windows/WinSxS/amd64_microsoft-windows-w..-chinese_simplified_31bf3856ad364e35_10.0.26100.1150_none_c7e54dcefbc96f1e/NL7Data0804.dll:
PUA.Win.Packer.Pseudosigner-96 FOUND
/mnt/windows/Windows/ServiceProfiles/NetworkService/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Windows PowerShell/Windows PowerShell.lnk: Sanesecurity.Malware.28759.LnkHeur.UNOFFICIAL FOUND
/mnt/windows/Windows/ServiceProfiles/LocalService/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Windows PowerShell/Windows PowerShell.lnk: Sanesecurity.Malware.28759.LnkHeur.UNOFFICIAL FOUND
----------- SCAN SUMMARY -----------
Infected files: 349
Time: 20237.374 sec (337 m 17 s)
Start Date: 2026:03:12 01:16:38
End Date: 2026:03:12 06:53:55
Looking forward to your advice.
Thank you.
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Extremely Democratic People's Republic of Singapore
12 Mar 2026 Thursday 3.06 pm Singapore Time