Antivirus Security Pro

Post by LeThe »

Another infection... Malwarebytes log below:

Registry Keys Detected: 2
HKLM\SYSTEM\CurrentControlSet\Services\‮etadpug (Trojan.Zaccess) Delete on reboot.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATE.EXE (Trojan.Zaccess)

Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AS2014 (Trojan.FakeAlert.RRE) Data: C:\ProgramData\ag37nhV3\ag37nhV3.exe
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AS2014 (Trojan.FakeAlert.RRE) Data: C:\ProgramData\ag37nhV3\ag37nhV3.exe

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) Bad: (1) Good: (0)
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) Bad: (1) Good: (0)
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) Bad: (1) Good: (0)

Folders Detected: 3
C:\Users\NLiwski\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy)
C:\Users\NLiwski\AppData\Roaming\OpenCandy\0A8DAE3B3CF84BCBA425F06C15EA2B56 (PUP.Optional.OpenCandy)
C:\Users\NLiwski\AppData\Roaming\OpenCandy\1208230EAA864CD68826D92E244576F4 (PUP.Optional.OpenCandy)

Files Detected: 19
C:\ProgramData\ag37nhV3\ag37nhV3.exe (Trojan.FakeAlert.RRE)
C:\ProgramData\ag37nhV3\1898317926637210375.exe (Trojan.Agent.RRE)
C:\Windows\Temp\167482.exe (Trojan.FakeAlert.RRE)
C:\Users\Administrator\Desktop\Antivirus Security Pro.lnk (Rogue.AntiVirusSecurity)
C:\Users\dpierson\Desktop\Antivirus Security Pro.lnk (Rogue.AntiVirusSecurity)
C:\Users\FaithFormation\Desktop\Antivirus Security Pro.lnk (Rogue.AntiVirusSecurity)
C:\Users\olmcadmin\Desktop\Antivirus Security Pro.lnk (Rogue.AntiVirusSecurity)
C:\Users\Owner\Desktop\Antivirus Security Pro.lnk (Rogue.AntiVirusSecurity)
C:\Users\Reception\Desktop\Antivirus Security Pro.lnk (Rogue.AntiVirusSecurity)
C:\Users\sysadmin\Desktop\Antivirus Security Pro.lnk (Rogue.AntiVirusSecurity)
C:\Windows\System32\config\systemprofile\Desktop\Antivirus Security Pro support.url (Rogue.AntiVirusSecurity)
C:\Windows\System32\config\systemprofile\Desktop\Antivirus Security Pro.lnk (Rogue.AntiVirusSecurity)
c:\program files\google\desktop\install\{7f00a8a8-8873-45ba-ec52-2ce0d74e2a53}\ \...\‮ﯹ๛\{7f00a8a8-8873-45ba-ec52-2ce0d74e2a53}\googleupdate.exe (Trojan.Zaccess)
Ing. Joshua Marius