KillAll::
File::
NetSvc::
wegfmj
jcwxv
misan
Driver::
wegfmj
jcwxv
misan
krhqawv
Folder::
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3924:TCP"=-
KillAll::
File::
c:\docume~1\White\LOCALS~1\Temp\NRHCB1.tmp
Driver::
GarenaPEngine
Folder::
Registry::
FileLook::
DirLook::
c:\program files\Ufasoft\Sniffer\
The utility found nothing, which is good. What is this? Is that how it should be?
Yes. Passwords for ICQ, e-mail and the rest?
:Processes
explorer.exe
:Services
:Files
C:\m5k1r3r5y2j8.exe
C:\WINDOWS\system32\drivers\xfgn.exe
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\System32\52.scr"=-
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]