Windows 10: Opened Website Seemingly Flagged as Malicious due to Process Injection on Phone- is my PC...

so I've opened articles from this tech blogging website called Medium.com in the past, and they have always turned up Clean on HybridAnalysis; however, today while on my iphone, I accidentally clicked enter on the autofill which brought me to the homepage of Medium.com which I clicked off quickly, just due to anxietyI then ran Medium.com through HybridAnalysis on both my phone and PC under a "Windows 10 scenario" I did not go to the website on my PC, I clicked the 3 dots on the search result and copied the link from there and it was flagged as Malicious, with 4 Malicious Indicators, despite

:)

 

OneDriveUpdateTask.exe being flagged as malicious

Hello, my PC is constantly executing the file "OneDriveUpdateTask.exe", which is creating temporary files that are being flagged as malicious by my antivirus software. I'm not sure if these are actually malicious or false flagged. Thank you for your time.

 

system32 DLLs flagged as malicious

I downloaded Autoruns to help me identify malware on my computer. My computer is experiencing incoming and outgoing connections to IPs that are flagged as malicious by Virustotal and/or AbuseIPDB. In addition to dropped connections.

Initially 14 microsoft files were flagged as malicious by Virustotal.

Msiexec.exe. Trojan.generic.c1.70. sangfor engine zero.

ipsecsvc.dll.malicious

Rasmans.dll. malicious. SecureAge

Scardsvr.dll. malicious

Schedsvc.dll.malicious

Sessenv.dll. malicious

umrdp.dll. malicious

Workfoldersshell.dll. malicious

gatherNetworkInfo.vbs. McAfee-GW-edition. BehavesLike.VBS.backdoor.mp.

Appxdeploymentservrr.dll. malicious

Bcastdvruserservice.dll. malicious

dcsvc.dll. malicious

ngccredprov.dll. malicious

Updatepolicy.dll. malicious

Here is the interesting part. I did a reformat and windows 10 pro 21H2 install. 9 of the above had no detections post install. gathernetworkinfo.vbc, ipsecsvc.dll, ngccredprov.dll were malicious. Three new dlls were flagged: installservicetasks.fll, smsroutersvc.dll, & xblauthmanager.dll. dcsvc.dll disappeared. I forgot to check updatepolicy.dll. I thought this is great progress. I discovered 21H2 19044.1288 was

not the latest so I upgraded in place to 22H2. I thought after this upgrade there would be no more detections.

After updates my current version is 22H2 19045.3208. Here is the bad news. 9 dlls that had no detections now have detections. Sessenv.dll still has no detection. Smsroutersvc.dll, xblauthmanager.dll, and installservicetasks.dll no longer have any detections. Updatepolicy.dll has no detection. Gathernetworkinfo.vbs , ipsecsvc.dll, and ngccredprov.dll still have detections. These results seem to rule out false positive.

I need clean versions of the dlls. There may be more dlls that are malicious.

I downloaded from www.microsoft.com/en-us/software-download/windows10

Thanks

 

Supported phones for Windows 10 Mobile Insider Preview Mobile

Your list confirms my phone is eligible, Lumia 521. The windows Insider App fails after ~ 15 seconds, restores data and gives me error 80073cf9. I trouble shot this and went thru all the steps mentioned on several websites including MS without any luck. Short of a hard reset, this is where I am now. Suggestions appreciated.