Opens the Kernel Security Device Driver (KsecDD) of Windows "" (Access type: "SETVAL", Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS", Key: "PROXYOVERRIDE", Value: "") "" (Access type: "SETVAL", Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS", Key: "PROXYENABLE", Value: "01000000") "" (Access type: "DELETEVAL", Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS", Key: "PROXYOVERRIDE") "" (Access type: "DELETEVAL", Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS", Key: "PROXYSERVER") "" (Access type: "SETVAL", Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS", Key: "PROXYENABLE", Value: "00000000") "" (Access type: "DELETEVAL", Path: "HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP", Key: "PROXYBYPASS") "" (Access type: "DELETEVAL", Path: "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP", Key: "PROXYBYPASS") "" created file "C:\Windows\System32\en-US\"
"" created file "C:\Windows\system32\tzres.dll" "" created file "C:\Windows\System32\mshtml.tlb" "" created file "C:\Windows\system32\en-US\" "" created file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QA0UPEJW\icomoon" "" created file "C:\Windows\system32\rsaenh.dll" "" created file "C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S9Y0GKU4\main" "" created file "%LOCALAPPDATA%\Microsoft\Windows\History\History.IE5\index.dat" "" created file "%APPDATA%\Microsoft\Windows\Cookies\index.dat"
"" created file "%APPDATA%\Microsoft\Windows\Cookies" "" created file "C:\Windows\Globalization\Sorting\s" "" created file "C:\Windows\system32\OLEACCRC.DLL" Found malicious artifacts related to "109.228.19.44" (ASN: 15418, Owner: Fasthosts Internet Ltd.
0 kommentar(er)
