Results 1 to 12 of 12

Thread:

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Registered User
    Join Date: Mar:2009
    Location: d town
    Posts: 36

    . . .. Spybot IRC Double click . Spybot. . . .
    .

    .

  2. #2
    S.T.A.R.S. James0888's Avatar
    Join Date: Jan:2004
    Location:
    Posts: 3,073
    . Hiren boot CD - . .
    My last Tower: [24/7] [PXP35] [E6500@4026MHz] [ST@1500rpm] [Corsair 8GB DDR2] [GTX280 1GB OC] [Black Diamond 850W] [VelociRaptor 600GB]
    ITX rig 10 years later: [24/7] [B450M ITX] [Ryzen 5 3600@4400MHz] [Corsair 32GB 3600MHz] [KFA2 RTX3060Ti 8GB] [Corsair CX550SF] [1TB WD Black SN850]

  3. #3
    Registered User shado's Avatar
    Join Date: Jan:2009
    Location:
    Posts: 61
    . .

  4. #4
    Registered User
    Join Date: Mar:2009
    Location: d town
    Posts: 36
    .

    ---------- 09:32 ---------- 17:22 ----------

    . .

  5. #5
    Registered User shado's Avatar
    Join Date: Jan:2009
    Location:
    Posts: 61
    ? .

  6. #6
    Registered User
    Join Date: Mar:2009
    Location: d town
    Posts: 36
    . Device manager .
    :

    Malwarebytes' Anti-Malware 1.25
    Database version: 1103
    Windows 5.1.2600 Service Pack 2

    23:23:27 26.3.2009 .
    mbam-log-03-26-2009 (23-23-27).txt

    Scan type: Full Scan (C:\|E:\|)
    Objects scanned: 181802
    Time elapsed: 1 hour(s), 5 minute(s), 19 second(s)

    Memory Processes Infected: 1
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 2

    Memory Processes Infected:
    C:\WINDOWS\system32\sysmgr.exe (Trojan.Agent) -> Unloaded process successfully.

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wi ndows\CurrentVersion\Run\Microsoft(R) System Manager (Backdoor.Bot) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\system32\sysmgr.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\msvcrt2.dll (Trojan.Agent) -> Quarantined and deleted successfully.

  7. #7
    presola's Avatar
    Join Date: Jul:2006
    Location: /
    Posts: 15,440
    , .

    .
    , => (DCOM, ) - .
    - \Windows\System msile.exe; msddl.exe ( Hidden System, ), System32 - .scr , - 11.scr, 17.scr, 21.scr ..
    imweasel: , .
    B4K Reloaded , userstyles.org.

    #makeHWBGgreatagain

  8. #8
    Registered User
    Join Date: Mar:2009
    Location: d town
    Posts: 36
    . ??? . ???

  9. #9
    presola's Avatar
    Join Date: Jul:2006
    Location: /
    Posts: 15,440
    , - ? ?
    imweasel: , .
    B4K Reloaded , userstyles.org.

    #makeHWBGgreatagain

  10. #10
    Registered User
    Join Date: Mar:2009
    Location: d town
    Posts: 36

  11. #11
    presola's Avatar
    Join Date: Jul:2006
    Location: /
    Posts: 15,440
    ... , ... :

    :
    KillBox
    Kaspersky AVPTool
    ATF Cleaner

    System Restore, , ATF Cleaner .
    Safe Mode ( ) AVPTool, - .
    , . - .scr , .
    System 2 .exe- - msile.exe / msddl.exe ( ), KillBox Auto End Task , .exe-.
    ... .
    - System32, ... , .

    ,

    Edit: , - System Restore.
    Last edited by presola; 27th March 2009 at 01:24.
    imweasel: , .
    B4K Reloaded , userstyles.org.

    #makeHWBGgreatagain

  12. #12
    Registered User DjiN's Avatar
    Join Date: Mar:2007
    Location: UK
    Posts: 851
    -! . -, - - . , , " " !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Copyright © 1999-2011 . .
iskamPC.com | mobility.BG | Bloody's Techblog | | 3D Vision Blog |