Wednesday, 28 October 2009

Windows Police Pro

Another day, another rogue. This one is called Windows Police Pro:



Here's a FreeFixer log from the infected computer. Malware files appear in red:
FreeFixer v0.48 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 2
Log dated 2009-10-27 18:28


Registry Startups (3 whitelisted)
HKCU\..\Run, inixs = C:\WINDOWS\system32\minix32.exe

Processes (18 whitelisted)
C:\WINDOWS\system32\minix32.exe
C:\Program Files\FreeFixer\freefixer.exe

Recently created/modified files (18 whitelisted)
2 minutes, c:\WINDOWS\system32\pump.exe
3 minutes, c:\WINDOWS\svchast.exe
3 minutes, c:\WINDOWS\system32\plugie.dll
3 minutes, c:\Program Files\Windows Police Pro\Windows Police Pro.exe
3 minutes, c:\Program Files\Windows Police Pro\msvcr80.dll
3 minutes, c:\Program Files\Windows Police Pro\msvcp80.dll
3 minutes, c:\Program Files\Windows Police Pro\msvcm80.dll
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)