========================== EVENTS STARTED ==========================
{
"type": "inventory_started",
"details": 0,
"datetime": "2024\/11\/16 13:00:56"
}
{
"type": "inventory_finished",
"details": 0,
"datetime": "2024\/11\/16 13:00:56",
"elapsed": 1642,
"volumes": 3,
"total_files": 68226,
"pe_files": 11523,
"unique_pe_files": 10320,
"signed_pe_files": 8595,
"stopped": true
}
========================== EVENTS STARTED ==========================
{
"type": "app",
"details": 0,
"matched": false,
"category_id": 0,
"group_id": 0,
"rule_id": 0,
"inherited": false,
"action_result": "deny",
"status": "production",
"file_path": "Registry",
"cmd_line": "",
"pid": 216,
"parents":
[
],
"fingerprint": ""
}
{
"type": "app",
"details": 0,
"matched": false,
"category_id": 0,
"group_id": 0,
"rule_id": 0,
"inherited": false,
"action_result": "deny",
"status": "production",
"file_path": "C:\\Program Files (x86)\\Persits Software\\AspEmail\\Bin\\EmailAgent.exe",
"cmd_line": "\"C:\\Program Files (x86)\\Persits Software\\AspEmail\\Bin\\EmailAgent.exe\" \/run",
"pid": 3580,
"parents":
[
{
"path": "C:\\Windows\\System32\\services.exe",
"cmd_line": "C:\\WINDOWS\\system32\\services.exe",
"pid": 872,
"fingerprint": "E07F0B000000000058A3CEDA651E313390B8C3194E7AB35C7BA33126DDE9DEB4ACAE51A315BF5AA5",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
},
{
"path": "C:\\Windows\\System32\\wininit.exe",
"cmd_line": "wininit.exe",
"pid": 964,
"fingerprint": "70A90800000000003F15B3F1835C3E8358140CF38E4D712D269C24388660BBF33BFE375EE82B6F5F",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
}
],
"fingerprint": "00F0010000000000F698CE71BC390A07C8A86DD82E3C5F224BB53FB9D1781E3B86A9886A97FEEBDE"
}
{
"type": "updater",
"details": 2,
"category_id": 4000,
"group_id": 1,
"rule_id": 1,
"inherited": false,
"status": "production",
"file_path": "C:\\Program Files\\Bitdefender\\Endpoint Security\\installer\\installer.exe",
"cmd_line": "\"C:\\Program Files\\Bitdefender\\Endpoint Security\\installer\\installer.exe\" \/locations \"C:\\Program Files\\Bitdefender\\Endpoint Security\\update_components.xml\" \/scripts \/trace \/check_extra_scripts \/no_restart \/tracewslib",
"pid": 28612,
"parents":
[
],
"fingerprint": "F87E0A0000000000D94B86C29D3EBC60C5217845DDC093FB7A40C8AC2E27226C8652C7A43583F05F",
"thumbprints":
[
"266513A970F00CA04E6B2B1AA4B49CD6D5652C7F9830EA02FB9D0F211E700BAF"
],
"user_sid": "S-1-5-18",
"publisher": "Bitdefender",
"product_name": "Endpoint Security",
"product_version": "7.9.17.451",
"file_version": "4.0.24.207",
"file_size": 687864,
"file_description": "Endpoint Update Installer"
}
{
"type": "updater",
"details": 2,
"category_id": 4000,
"group_id": 1,
"rule_id": 1,
"inherited": false,
"status": "production",
"file_path": "C:\\Program Files\\Bitdefender\\Endpoint Security\\bdredline.exe",
"cmd_line": "\"C:\\Program Files\\Bitdefender\\Endpoint Security\\bdredline.exe\"",
"pid": 9836,
"parents":
[
{
"path": "C:\\Windows\\System32\\services.exe",
"cmd_line": "C:\\WINDOWS\\system32\\services.exe",
"pid": 872,
"fingerprint": "E07F0B000000000058A3CEDA651E313390B8C3194E7AB35C7BA33126DDE9DEB4ACAE51A315BF5AA5",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
},
{
"path": "C:\\Windows\\System32\\wininit.exe",
"cmd_line": "wininit.exe",
"pid": 964,
"fingerprint": "70A90800000000003F15B3F1835C3E8358140CF38E4D712D269C24388660BBF33BFE375EE82B6F5F",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
}
],
"fingerprint": "9843290000000000A540C90572EB2E4E5079732958DF04C20809AB94A462C6B5650876816DFC2FA8",
"thumbprints":
[
"266513A970F00CA04E6B2B1AA4B49CD6D5652C7F9830EA02FB9D0F211E700BAF"
],
"user_sid": "S-1-5-18",
"publisher": "Bitdefender",
"product_name": "Endpoint Security",
"product_version": "7.9.17.449",
"file_version": "1.0.1.130",
"file_size": 2704280,
"file_description": "Host for Endpoint Security"
}
{
"type": "updater",
"details": 2,
"category_id": 4000,
"group_id": 1,
"rule_id": 1,
"inherited": false,
"status": "production",
"file_path": "C:\\Program Files\\Bitdefender\\Endpoint Security\\redline_eps_64\\redpatch0.exe",
"cmd_line": "\"\\\\?\\C:\\Program Files\\Bitdefender\\Endpoint Security\\redline_eps_64\\redpatch0.exe\"",
"pid": 22188,
"parents":
[
{
"path": "C:\\Program Files\\Bitdefender\\Endpoint Security\\bdredline.exe",
"cmd_line": "\"C:\\Program Files\\Bitdefender\\Endpoint Security\\bdredline.exe\"",
"pid": 9836,
"fingerprint": "9843290000000000A540C90572EB2E4E5079732958DF04C20809AB94A462C6B5650876816DFC2FA8",
"thumbprints":
[
"266513A970F00CA04E6B2B1AA4B49CD6D5652C7F9830EA02FB9D0F211E700BAF"
]
},
{
"path": "C:\\Windows\\System32\\services.exe",
"cmd_line": "C:\\WINDOWS\\system32\\services.exe",
"pid": 872,
"fingerprint": "E07F0B000000000058A3CEDA651E313390B8C3194E7AB35C7BA33126DDE9DEB4ACAE51A315BF5AA5",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
},
{
"path": "C:\\Windows\\System32\\wininit.exe",
"cmd_line": "wininit.exe",
"pid": 964,
"fingerprint": "70A90800000000003F15B3F1835C3E8358140CF38E4D712D269C24388660BBF33BFE375EE82B6F5F",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
}
],
"fingerprint": "C0B010000000000099858AF2AB0061760D970532A387E2D00393CE6AA2EE21103D6E9AF877C6523C",
"thumbprints":
[
"266513A970F00CA04E6B2B1AA4B49CD6D5652C7F9830EA02FB9D0F211E700BAF"
],
"user_sid": "S-1-5-18",
"publisher": "Bitdefender",
"product_name": "Endpoint Security",
"product_version": "1.1.2.76",
"file_version": "1.1.2.76",
"file_size": 1093824,
"file_description": "redpatch0.exe"
}
{
"type": "updater",
"details": 2,
"category_id": 4000,
"group_id": 1,
"rule_id": 1,
"inherited": false,
"status": "production",
"file_path": "C:\\Program Files\\Bitdefender\\Endpoint Security\\EPConsole.exe",
"cmd_line": "\"C:\\Program Files\\Bitdefender\\Endpoint Security\\installer\\..\\EPConsole.exe\" \/hidden",
"pid": 18936,
"parents":
[
{
"path": "C:\\Program Files\\Bitdefender\\Endpoint Security\\installer\\installer.exe",
"cmd_line": "\"C:\\Program Files\\Bitdefender\\Endpoint Security\\installer\\installer.exe\" \/locations \"C:\\Program Files\\Bitdefender\\Endpoint Security\\update_components.xml\" \/scripts \/trace \/check_extra_scripts \/no_restart \/tracewslib",
"pid": 28612,
"fingerprint": "F87E0A0000000000D94B86C29D3EBC60C5217845DDC093FB7A40C8AC2E27226C8652C7A43583F05F",
"thumbprints":
[
"266513A970F00CA04E6B2B1AA4B49CD6D5652C7F9830EA02FB9D0F211E700BAF"
]
}
],
"fingerprint": "F0D20E0000000000CA187FE98A8079238A73F296A54B17BF1D43D3333D429D29715DFE962853FD2D",
"thumbprints":
[
"266513A970F00CA04E6B2B1AA4B49CD6D5652C7F9830EA02FB9D0F211E700BAF"
],
"user_sid": "S-1-5-18",
"publisher": "Bitdefender",
"product_name": "Endpoint Security",
"product_version": "7.9.17.449",
"file_version": "7.9.17.449",
"file_size": 971504,
"file_description": "Endpoint Security Console"
}
{
"type": "updater",
"details": 2,
"category_id": 4000,
"group_id": 1,
"rule_id": 1,
"inherited": false,
"status": "production",
"file_path": "C:\\Program Files\\Bitdefender\\Endpoint Security\\EPUpdateService.exe",
"cmd_line": "\"C:\\Program Files\\Bitdefender\\Endpoint Security\\EPUpdateService.exe\" \/service",
"pid": 24320,
"parents":
[
{
"path": "C:\\Windows\\System32\\services.exe",
"cmd_line": "C:\\WINDOWS\\system32\\services.exe",
"pid": 872,
"fingerprint": "E07F0B000000000058A3CEDA651E313390B8C3194E7AB35C7BA33126DDE9DEB4ACAE51A315BF5AA5",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
},
{
"path": "C:\\Windows\\System32\\wininit.exe",
"cmd_line": "wininit.exe",
"pid": 964,
"fingerprint": "70A90800000000003F15B3F1835C3E8358140CF38E4D712D269C24388660BBF33BFE375EE82B6F5F",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
}
],
"fingerprint": "30740200000000001AD286D1B3F2F52244C78B95A90428745320443ABBD8A85A77B43CA0CFB7F575",
"thumbprints":
[
"266513A970F00CA04E6B2B1AA4B49CD6D5652C7F9830EA02FB9D0F211E700BAF"
],
"user_sid": "S-1-5-18",
"publisher": "Bitdefender",
"product_name": "Endpoint Security",
"product_version": "7.9.14.426",
"file_version": "7.9.14.426",
"file_size": 160816,
"file_description": "Host for Endpoint Security"
}
{
"type": "updater",
"details": 2,
"category_id": 4000,
"group_id": 1,
"rule_id": 1,
"inherited": false,
"status": "production",
"file_path": "C:\\Program Files\\Bitdefender\\Endpoint Security\\EPProtectedService.exe",
"cmd_line": "\"C:\\Program Files\\Bitdefender\\Endpoint Security\\EPProtectedService.exe\" \/service",
"pid": 1568,
"parents":
[
{
"path": "C:\\Windows\\System32\\services.exe",
"cmd_line": "C:\\WINDOWS\\system32\\services.exe",
"pid": 872,
"fingerprint": "E07F0B000000000058A3CEDA651E313390B8C3194E7AB35C7BA33126DDE9DEB4ACAE51A315BF5AA5",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
},
{
"path": "C:\\Windows\\System32\\wininit.exe",
"cmd_line": "wininit.exe",
"pid": 964,
"fingerprint": "70A90800000000003F15B3F1835C3E8358140CF38E4D712D269C24388660BBF33BFE375EE82B6F5F",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
}
],
"fingerprint": "30740200000000001AD286D1B3F2F52244C78B95A90428745320443ABBD8A85A77B43CA0CFB7F575",
"thumbprints":
[
"266513A970F00CA04E6B2B1AA4B49CD6D5652C7F9830EA02FB9D0F211E700BAF"
],
"user_sid": "S-1-5-18",
"publisher": "Bitdefender",
"product_name": "Endpoint Security",
"product_version": "7.9.14.426",
"file_version": "7.9.14.426",
"file_size": 160816,
"file_description": "Host for Endpoint Security"
}
{
"type": "updater",
"details": 2,
"category_id": 4000,
"group_id": 1,
"rule_id": 1,
"inherited": false,
"status": "production",
"file_path": "C:\\Program Files\\Bitdefender\\Endpoint Security\\EPIntegrationService.exe",
"cmd_line": "\"C:\\Program Files\\Bitdefender\\Endpoint Security\\EPIntegrationService.exe\" \/service",
"pid": 5372,
"parents":
[
{
"path": "C:\\Windows\\System32\\services.exe",
"cmd_line": "C:\\WINDOWS\\system32\\services.exe",
"pid": 872,
"fingerprint": "E07F0B000000000058A3CEDA651E313390B8C3194E7AB35C7BA33126DDE9DEB4ACAE51A315BF5AA5",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
},
{
"path": "C:\\Windows\\System32\\wininit.exe",
"cmd_line": "wininit.exe",
"pid": 964,
"fingerprint": "70A90800000000003F15B3F1835C3E8358140CF38E4D712D269C24388660BBF33BFE375EE82B6F5F",
"thumbprints":
[
"9CE005653E7DEA05CA7779EA36DF567B9E3769B716C91229BC553D9A66624FA0",
"AEC8B67481DFCD2B03398CF9C9439E80EF3E75D407FB0753F9E6C548BC3B5EFF"
]
}
],
"fingerprint": "30740200000000001AD286D1B3F2F52244C78B95A90428745320443ABBD8A85A77B43CA0CFB7F575",
"thumbprints":
[
"266513A970F00CA04E6B2B1AA4B49CD6D5652C7F9830EA02FB9D0F211E700BAF"
],
"user_sid": "S-1-5-18",
"publisher": "Bitdefender",
"product_name": "Endpoint Security",
"product_version": "7.9.14.426",
"file_version": "7.9.14.426",
"file_size": 160816,
"file_description": "Host for Endpoint Security"
}