16.05.2013, 20:24
Fakeav_System Care Antivirus
należący do rodziny WinWebSec
należący do rodziny WinWebSec
Treść widoczna jedynie dla zarejestrowanych użytkowników
[Aby zobaczyć linki, zarejestruj się tutaj]
Kod:
Defined file type created: C:\ProgramData\3868341E525B886100003867FBBF919C\3868341E525B886100003867FBBF919C.exe\0b0a6e1fd95da6f03a650dfb889cbc62.exe
Defined registry AutoStart location created or modified: machine\System\CurrentControlSet\Services\luafv\Start = 00000004
Defined registry AutoStart location created or modified: machine\System\CurrentControlSet\Services\wuauserv\Start = 00000004
Defined registry AutoStart location created or modified: user\current\software\Microsoft\Windows\CurrentVersion\RunOnce\3868341E525B886100003867
Security Center settings change: machine\software\microsoft\security center\antivirusdisablenotify = 00000001
Security Center settings change: machine\software\microsoft\security center\antivirusoverride = 00000001
Security Center settings change: machine\software\microsoft\security center\firewalldisablenotify = 00000001
Security Center settings change: machine\software\microsoft\security center\firewalloverride = 00000001
Security Center settings change: machine\software\microsoft\security center\svc\antivirusdisablenotify = 00000001
Security Center settings change: machine\software\microsoft\security center\svc\antivirusoverride = 00000001
Security Center settings change: machine\software\microsoft\security center\svc\firewalldisablenotify = 00000001
Security Center settings change: machine\software\microsoft\security center\svc\firewalloverride = 00000001
Security Center settings change: machine\software\microsoft\security center\svc\updatesdisablenotify = 00000001
Security Center settings change: machine\software\microsoft\security center\updatesdisablenotify = 00000001
Slept over 2 minutes
System Restore change: machine\software\microsoft\windows nt\currentversion\systemrestore\rpsessioninterval = empty value key
Internet connection: C:\Users\tachion\Desktop\0b0a6e1fd95da6f03a650dfb889cbc62.exe Connects to "175.41.29.181" on port 80 (TCP - HTTP)