Help me figure out a UDP flooder!


In short, someone slipped me a virus through CS. I know it sounds stupid, but that's how it is. In retaliation, having tracked down the IP, I decided to clog the channel of that server's admin with a UDP flooder, but by mistake, purely by accident, I ran it against myself(( Now packets run from my computer to the modem and back with a frequency of 2 minutes 5 seconds. Here is what AVZ found:

 

AVZ Antiviral Toolkit log; AVZ version is 4.32

Scanning started at 02.04.2010 19:35:25

Database loaded: signatures - 237871, NN profile(s) - 2, malware removal microprograms - 56, signature database released 21.08.2009 14:23

Heuristic microprograms loaded: 374

PVS microprograms loaded: 9

Digital signatures of system files loaded: 135524

Heuristic analyzer mode: Medium heuristics mode

Malware removal mode: disabled

Windows version is: 6.1.7600, ; AVZ is run with administrator rights

System Restore: enabled

1. Searching for Rootkits and other software intercepting API functions

1.1 Searching for user-mode API hooks

Analysis: kernel32.dll, export table found in section .text

Analysis: ntdll.dll, export table found in section .text

Analysis: user32.dll, export table found in section .text

Function user32.dll:ChangeDisplaySettingsExA (1538) intercepted, method - APICodeHijack.JmpTo[100A45CE]

Function user32.dll:ChangeDisplaySettingsExW (1539) intercepted, method - APICodeHijack.JmpTo[100A45FA]

Function user32.dll:SetForegroundWindow (2172) intercepted, method - APICodeHijack.JmpTo[100A454A]

Function user32.dll:SetWindowPos (2223) intercepted, method - APICodeHijack.JmpTo[100A4576]

Analysis: advapi32.dll, export table found in section .text


Analysis: ws2_32.dll, export table found in section .text

Analysis: wininet.dll, export table found in section .text

Analysis: rasapi32.dll, export table found in section .text

Analysis: urlmon.dll, export table found in section .text

Analysis: netapi32.dll, export table found in section .text


Function netapi32.dll:NetpwPathCompare (300) intercepted, method - ProcAddressHijack.GetProcAddress ->73FB54C7->73FA4086

Function netapi32.dll:NetpwPathType (301) intercepted, method - ProcAddressHijack.GetProcAddress ->73FB54E1->73FA2533

Function netapi32.dll:NlBindingAddServerToCache (302) intercepted, method - ProcAddressHijack.GetProcAddress ->73FB54F8->752861F8

Function netapi32.dll:NlBindingRemoveServerFromCache (303) intercepted, method - ProcAddressHijack.GetProcAddress ->73FB551B->75285D67

Function netapi32.dll:NlBindingSetAuthInfo (304) intercepted, method - ProcAddressHijack.GetProcAddress ->73FB5543->75286198

1.2 Searching for kernel-mode API hooks

Driver loaded successfully

SDT found (RVA=1689C0)

Kernel ntkrnlpa.exe found in memory at address 8280D000

SDT = 829759C0

KiST = 8287C6F0 (401)

Functions checked: 401, intercepted: 50, restored: 0

 

PLEASE, I'M BEGGING YOU, HELP! The channel is terribly clogged! And that's with just one flooder running( By the way, I have the Outpost firewall installed, which does block the packets, of course, but that's no solution(( Please, I'm begging you, HELP!


Thanks, you useless lot

 

Please watch your language.

You were asked to produce logs for further analysis, and you refused.

It seems it is your brain that is useless. :)
