
lastdefender.exe

Author: invertor (Security Professional)
Posted: 01-09-2008 at 17:47
Type: Malicious

Malware Name: LastDefender

Location:
C:\Program Files\The Last Defender\lastdefender.exe
C:\Documents and Settings\Admin\Local Settings\temp\lastdefender_setup.exe
install_tld.exe


URL:
zscanner.lastdefender.net
thelastdefender.com

Additional Information: Rogue Security Program (fake security program)

It adds the following entry to the registry, which can also be seen in a HijackThis log.
O4 - HKLM\..\Run: [TheLastDefender] C:\Program Files\The Last Defender\LastDefender.exe

Removal Method: It can be easily removed with anti-malware programs.

Entries belonging to LastDefender that can be removed with Malwarebytes' Anti-Malware





