|
file
|
04/27 16:18:58
|
C:\Program Files\Internet Explorer\IEXPLORE.EXE
|
C:\WINDOWS\Temp\ynymj.exe
|
-
|
|
|
file
|
04/27 16:18:58
|
C:\WINDOWS\Temp\ynymj.exe
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
-
|
|
|
process
|
04/27 16:18:59
|
UNKNOWN
|
C:\WINDOWS\Temp\ynymj.exe
|
-
|
|
|
process
|
04/27 16:19:02
|
C:\WINDOWS\Temp\ynymj.exe
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
-
|
|
|
file
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
C:\Documents and Settings\******\Local Settings\Application Data\OjQ4u1Yj
|
-
|
|
|
file
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
C:\Documents and Settings\All Users\Application Data\OjQ4u1Yj
|
-
|
|
|
file
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
C:\WINDOWS\Temp\OjQ4u1Yj
|
-
|
|
|
file
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
C:\Documents and Settings\******\Templates\OjQ4u1Yj
|
-
|
|
|
file
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
C:\WINDOWS\Temp\ynymj.exe
|
-
|
|
|
file
|
04/27 16:19:00
|
C:\Program Files\Internet Explorer\IEXPLORE.EXE
|
C:\WINDOWS\Temp\pvwyf.exe
|
-
|
|
|
process
|
04/27 16:18:58
|
C:\Program Files\Internet Explorer\IEXPLORE.EXE
|
C:\WINDOWS\Temp\ynymj.exe
|
-
|
|
|
process
|
04/27 16:19:04
|
UNKNOWN
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
-
|
|
|
file
|
04/27 16:19:00
|
System
|
C:\WINDOWS\Temp\pvwyf.exe
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\WINDOWS\Temp\ynymj.exe
|
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Local AppData
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\WINDOWS\Temp\ynymj.exe
|
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common AppData
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\WINDOWS\Temp\ynymj.exe
|
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Templates
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Local AppData
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common AppData
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Templates
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\DoNotAllowExceptions
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\DisableNotifications
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\EnableFirewall
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\DoNotAllowExceptions
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\DisableNotifications
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Start
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Microsoft\Security Center\FirewallOverride
|
-
|
|
|
registry
|
04/27 16:18:58
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\Content Type
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\DefaultIcon
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\open\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\open\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\runas\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\runas\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\start\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\start\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\Content Type
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\DefaultIcon
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\open\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\open\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\runas\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\runas\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\start\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\start\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\Content Type
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\DefaultIcon
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\open\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\open\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\runas\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\runas\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\start\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\.exe\shell\start\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\Content Type
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\DefaultIcon
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\open\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\open\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\runas\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\runas\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\start\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCR\secfile\shell\start\command\IsolatedCommand
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Clients\StartMenuInternet
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
|
-
|
|
|
registry
|
04/27 16:18:59
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCU\Software\Microsoft\Windows\Identity
|
-
|
|
|
registry
|
04/27 16:19:00
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Local AppData
|
-
|
|
|
registry
|
04/27 16:19:00
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common AppData
|
-
|
|
|
registry
|
04/27 16:19:00
|
C:\Documents and Settings\******\Local Settings\Application Data\ave.exe
|
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Templates
|
-
|
|
