SafeSearch

Categoria: Adware e PUA Opzioni di protezione ora disponibili:28 lug 2011 06:18:22 (GMT)
Tipo: Adware Ultimo aggiornamento:06 giu 2014 23:11:19 (GMT)

Download Scaricate il nostro Virus Removal Tool: è gratis! - Scoprite le minacce che sono sfuggite al vostro antivirus

Examples of SafeSearch include:

Example 1

File Information

Size
1.3M
SHA-1
0083624767c778d135f44634a4a9e57b1d950caa
MD5
1ba2e6dd2f619c41beaea37a15ba1699
CRC-32
1df87057
File type
Windows executable
First seen
2014-05-25

Runtime Analysis

Dropped Files
  • C:\Program Files\pcreg\install_service.xml
  • C:\Program Files\pcreg\install64.xml
  • C:\Program Files\pcreg\msvcr100.dll
  • C:\Program Files\pcreg\installXP.xml
  • C:\Program Files\pcreg\pcreg.exe
    Size
    244K
    SHA-1
    7746f71bc2693a155ee7a70884bb251f2d1dd142
    MD5
    684b125e93e95c66f406ff016dd6763b
    CRC-32
    bd5db238
    File type
    Windows executable
    First seen
    2014-05-25
  • C:\Program Files\pcreg\service.exe
    Size
    79K
    SHA-1
    ab7d3974ab76d0a14ce792a396ad78209060504a
    MD5
    356fdf2ed5f70f15e9b9ff0e8eaeebf5
    CRC-32
    2d3a6ee9
    File type
    Windows executable
    First seen
    2014-05-25
  • C:\Program Files\pcreg\install32.xml
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
    HideZoneInfoOnProperties
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations
    LowRiskFileTypes
    .zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.log;
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    HideSCAHealth
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    EnableLUA
    0x00000000
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    HideSCAHealth
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments
    HideZoneInfoOnProperties
    0x00000001
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
    LowRiskFileTypes
    .zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.log;

Example 2

File Information

Size
1.3M
SHA-1
012b4ff71b2f770b3da8cebff420a8455a9602ae
MD5
b7564b77e2f339c9cc3aaed2e3ddf56c
CRC-32
bd23e27c
File type
Windows executable
First seen
2014-05-25

Runtime Analysis

Dropped Files
  • C:\Program Files\pcmax\msvcr100.dll
  • C:\Program Files\pcmax\install64.xml
    Size
    3.6K
    SHA-1
    3ad4a68c5bea04259ec9bbb8e7fb271a79e4d078
    MD5
    65fbeddfc99d26edefe25ddcb30a48a4
    CRC-32
    e0e7108f
    File type
    UTF-16/UCS-2 16-bit Unicode Transformation Format
    First seen
    2014-05-26
  • C:\Program Files\pcmax\install_service.xml
    Size
    3.6K
    SHA-1
    95498fac506514a404955a21ecea27c4eb6ee0a0
    MD5
    092dd4ab3224d6930a13b6f49da795e1
    CRC-32
    ff2cccfe
    File type
    UTF-16/UCS-2 16-bit Unicode Transformation Format
    First seen
    2014-05-26
  • C:\Program Files\pcmax\installXP.xml
    Size
    2.6K
    SHA-1
    b7fea20d0a07d2d800d4dee39c2c81691f622075
    MD5
    b3c879415ec3a650db1f5df56181f04d
    CRC-32
    807a144f
    File type
    application/octet-stream
    First seen
    2014-05-26
  • C:\Program Files\pcmax\pcmax.exe
    Size
    244K
    SHA-1
    51c60efe8a7ed12098976cd828233ee9ad6c3eb0
    MD5
    14b25870e526a083f056a1c68a4a8e04
    CRC-32
    bdd50aa8
    File type
    Windows executable
    First seen
    2014-05-25
  • C:\Program Files\pcmax\service.exe
    Size
    78K
    SHA-1
    f2e136f7188c9013124297b81c929d335e70c130
    MD5
    d128703a1f2fc9f702c18b97eb9fcfac
    CRC-32
    0942d367
    File type
    Windows executable
    First seen
    2014-05-25
  • C:\Program Files\pcmax\install32.xml
    Size
    3.5K
    SHA-1
    fc0d2fa06e6a9afa87b5695ffa5bcf9e10e90bd0
    MD5
    40133da6714aff21338c42fb317907a1
    CRC-32
    283e6ebf
    File type
    UTF-16/UCS-2 16-bit Unicode Transformation Format
    First seen
    2014-05-26
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations
    LowRiskFileTypes
    .zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.log;
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments
    HideZoneInfoOnProperties
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    HideSCAHealth
    0x00000001
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    HideSCAHealth
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    EnableLUA
    0x00000000
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
    HideZoneInfoOnProperties
    0x00000001
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
    LowRiskFileTypes
    .zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.log;

Example 3

File Information

Size
1.4M
SHA-1
0481e6b7072595f23416ff214e717483928163a0
MD5
c8b92f3d4afefbabf1edf80a41e675eb
CRC-32
6443e931
File type
application/x-ms-dos-executable
First seen
2014-04-23

Runtime Analysis

Dropped Files
  • C:\Program Files\pcreg\service.exe
    Size
    88K
    SHA-1
    d6e6f3ac3dc576022116da022e7d34e712fef1b0
    MD5
    ea989bb3a5e69f0dcad9864e54eb1e87
    CRC-32
    25d064e8
    File type
    Windows executable
    First seen
    2014-04-24
  • C:\Program Files\pcreg\pcreg.exe
    Size
    244K
    SHA-1
    f73a989d387d314786c495c7b4e6a430b13f335b
    MD5
    3fa8842bdec6f65da0c6c6c2b384b7c4
    CRC-32
    f0f4937d
    File type
    Windows executable
    First seen
    2014-04-24
  • C:\Program Files\pcreg\installXP.xml
  • C:\Program Files\pcreg\install32.xml
  • C:\Program Files\pcreg\install_service.xml
  • c:\Documents and Settings\test user\Local Settings\Temp\nso3.tmp\nsProcess.dll
  • C:\Program Files\pcreg\install64.xml
  • C:\Program Files\pcreg\msvcr100.dll
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    HideSCAHealth
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    HideSCAHealth
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments
    HideZoneInfoOnProperties
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations
    LowRiskFileTypes
    .zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.log;
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    EnableLUA
    0x00000000
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
    HideZoneInfoOnProperties
    0x00000001
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
    LowRiskFileTypes
    .zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.log;
Processes Created
  • c:\windows\explorer.exe

scarica Prova gratuita dei prodotti Sophos
Scarica subito