Tuesday 27 October 2009

Active Security rogue

Another rogue, dubbed Active Security:



Here's a FreeFixer log of the infected system. Malware files appear in red:
FreeFixer v0.48 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 2
Log dated 2009-10-27 17:57


Registry Startups (3 whitelisted)
HKCU\..\Run, wow64main.exe = C:\DOCUME~1\roger\LOCALS~1\Temp\wow64main.exe
HKCU\..\Run, Active Security = "C:\Program Files\Active Security\asecurity.exe" -noscan

Processes (23 whitelisted)
C:\Program Files\FreeFixer\freefixer.exe
C:\DOCUME~1\roger\LOCALS~1\Temp\wow64main.exe
C:\DOCUME~1\roger\LOCALS~1\Temp\wscsvc32.exe
C:\Program Files\Active Security\asecurity.exe

..

No comments:

Post a Comment