ActiveSecurity

ActiveSecurity

Found: 
2009-10-20
Known system changes: 

Created Files

  • c:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\Quick Launch\Active Security.lnk
  • c:\Documents and Settings\All Users\Desktop\Active Security Support.lnk
  • c:\Documents and Settings\All Users\Desktop\Active Security.lnk
  • %CommonDesktop%\nudetube.com.lnk
  • %CommonDesktop%\pornotube.com.lnk
  • %CommonDesktop%\youporn.com.lnk

Created Folders

  • %CommonStartMenu%\Programs\Active Security
  • %ProgramFiles%\Active Security

Registry Entries

  • Key: HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Active Security
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Active Security
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: Active Security
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
  • Value: {5E2121EE-0300-11D4-8D3B-444553540000}
  • Key: HKEY_CURRENT_USER\Software
  • Value: eee0bd2f-ff2e-46ef-83fb-d4fda84462a3
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: wow64main.exe