  1. #1
    Bitov Corporation pippo's Avatar
    Join Date: Dec:2004
    Location:
    Posts: 2,548

    - BackDoor.Generic_r.GL / SHeur2.AEDK

    ,
    .
    XP SP2, AVG 8.5 Free.
    - SHeur2.AEDK BackDoor.Generic_r.GL , 23.scr, 24.scr, 25.scr .. system32.
    AVG , , . , explorer.exe. svchost.exe. svchost.exe.
    . SuperAntiSpyware Free Malwarebytes safe mode, , .
    , , , , 5 .
    , . Norton Ghost, quick format . , , . , . . , skype, . , , skype qip.
    , .
    HiJackThis
    Last edited by pippo; 12th May 2009 at 10:20.

  2. #2
    Registered User
    Join Date: Dec:2005
    Location: yvr
    Posts: 5,167
    Quote Originally Posted by pippo View Post
    ... Norton Ghost, quick format . , , . , . . , skype, ...
    autorun , D .
    , , autorun , , - .

  3. #3
    Bitov Corporation pippo's Avatar
    Join Date: Dec:2004
    Location:
    Posts: 2,548
    autorun. . . , , rdp. SP3 fireware, . , , firefox.

  4. #4
    Registered User SFisher's Avatar
    Join Date: Nov:2007
    Location:
    Posts: 1,482
    System restore . .
    MSI B450 Tomahawk | AMD Ryzen 7 5700X & Arctic Liquid Freezer II 280 | Kingston FURY Beast 2x16GB | EVGA RTX 3060 Ti XC GAMING | WD SN850 1TB | Seasonic Focus GX-850 | be quiet! Pure Base 500 | LG 27GL850 | Edifier R1800TIII

  5. #5
    Registered User
    Join Date: Dec:2005
    Location: yvr
    Posts: 5,167
    HJT , , , rootkit .
    exe D, ?
    Combofix .

    SFisher- SR , , . SR , , .

  6. #6
    Bitov Corporation pippo's Avatar
    Join Date: Dec:2004
    Location:
    Posts: 2,548
    , , , , . rdp/vnc hamachi. , - , safe mode windows, .
    EXE- , , , , .

    :
    , Malwarebytes' Anti-Malware, AVG , Malwarebytes' Anti-Malware , Security Center- XP.

    2:
    combofix- , , combofix.org CA .
    Last edited by pippo; 8th May 2009 at 11:38.

  7. #7
    Registered User
    Join Date: Dec:2005
    Location: yvr
    Posts: 5,167
    , .
    , , .

  8. #8
    Registered User nikikom's Avatar
    Join Date: Jan:2009
    Location:
    Posts: 31
    Windows-a . .

    Code:
    dir /a /t:c /o:d /s c:\ >c:\Log1.txt
    :\ .

    Code:
    dir /a /t:w /o:d /s c:\ >c:\Log2.txt
    .

    Code:
    dir /a /t:a /o:d /s c:\ >c:\Log3.txt
    .

    Audit process tracking, Event Viewer Windows-a.

    Regmon 7.4
    Regmon , , - . - -, . . Regmon .

  9. #9
    Bitov Corporation pippo's Avatar
    Join Date: Dec:2004
    Location:
    Posts: 2,548
    .
    , . SP3 , Webroot AntiVirus with AntiSpyware, , Mal/Behav-243 , , , , c:\Combofix\*.*.
    Firefox (IE ) AVG . Webroot AntiVirus with AntiSpyware, AVG Trojan Horse Generic13.AKLP C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\1HCRF3TM\x[1]
    , .
    Last edited by pippo; 12th May 2009 at 10:19.

  10. #10
    Registered User
    Join Date: Dec:2005
    Location: yvr
    Posts: 5,167
    .
    2 , .

  11. #11
    Bitov Corporation pippo's Avatar
    Join Date: Dec:2004
    Location:
    Posts: 2,548
    Silent Runner-a e -
    , F-Secure :-(
    Last edited by pippo; 12th May 2009 at 10:18.

  12. #12
    Registered User
    Join Date: Dec:2005
    Location: yvr
    Posts: 5,167
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ FF.

    .
    AVG , ?
    AVG Antivir , . heuristic medium. AVG - ?

    , . , .

    , code .

  13. #13
    Bitov Corporation pippo's Avatar
    Join Date: Dec:2004
    Location:
    Posts: 2,548
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ FF , ATF Cleaner . AVG , AV , AVG, Spybot-S&D, , 8 AVG Anti Spyware . Antivir .
    .

    .. .

  14. #14
    Nostrum IvO's Avatar
    Join Date: Jun:2008
    Location: HOME.WAD
    Posts: 1,334
    "" SpyBot: S&D / Spyware Blaster. C:\Windows\System32\Drivers\Etc\hosts .

  15. #15
    Bitov Corporation pippo's Avatar
    Join Date: Dec:2004
    Location:
    Posts: 2,548
    AVG Antivir , . C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\1HCRF3TM\x[1] .
    AVG- 2 uninstall- , . uninstall tool- .

  16. #16
    Registered User nikikom's Avatar
    Join Date: Jan:2009
    Location:
    Posts: 31
    pippo. , Windows-a , , C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ , .

    \Content.IE5\ index.data . .
    wssetup.exe .

    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files > properties - security , , . security, My Computer\Tools\Folder Options\View Advanced settings - Use simple file sharing.


    C:\Documents and Settings\UserProfile\Cookies
    Mozilla Firefox C:\Documents and Settings\UserProfile\Local Settings\Application Data\Mozilla\Firefox\Profiles\sx52jlmo.default\Cache
    Mozilla Firefox
    C:\Documents and Settings\UserProfile\Local Settings\Temporary Internet Files , Internet Explorer . , C:\Documents and Settings\UserProfile\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine.
    Internet Explorer\Tools\Internet Options Browsing history Settings Move folder... .
    Last edited by nikikom; 17th May 2009 at 18:41.


Copyright © 1999-2011 . .