Précédent
- 1
- 2
comme je disais j'ai étendu la recherche sur mabezat , prochainement je m'attaque à la detection des services
https://www.cjoint.com/c/CGsx7bpbvDc
https://www.cjoint.com/c/CGsx7bpbvDc
Utilisateur anonyme
bien joué ! :)
en fait je retire ce que j'ai dit , drWeb ne desinfecte pas à 100% il y'a des restes de mabezat dans les executables , l'infection n'st plus active mais il y a des restes dans les offsets
Possible Mabezat (bad offsets) : C:\Windows\System32\intelcphecisvc.exe : 000000000000000000000000600000E200000000000000000000000000000000
Possible Mabezat (bad offsets) : C:\Windows\System32\vmicsvc.exe : FF350000005003000026000000240300000000000000000000000000600000E2
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\bth.inf_x86_neutral_2d4ce84c4a0b8470\fsquirt.exe : 000000000000000000000000600000E206B7E74C78000000EFB8E74C85000100
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\bth.inf_x86_neutral_92c343c9dc681a74\fsquirt.exe : 000000000000000000000000600000E206B7E74C78000000EFB8E74C85000100
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\bth.inf_x86_neutral_a6bf6d613b46f6a5\fsquirt.exe : 000000000000000000000000600000E206B7E74C78000000EFB8E74C85000100
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\divacx86.inf_x86_neutral_d9558f410186db36\ditrace.exe : 000000000000000000000000600000E2ADDA5B4A18000100DBDA5B4A25000000
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\divacx86.inf_x86_neutral_d9558f410186db36\xlog.exe : 000000000000000000000000600000E2ADDA5B4A18000100DBDA5B4A25000000
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_ebfab40beb2d0c6b\IntelCpHeciSvc.exe : 000000000000000000000000600000E200000000000000000000000000000000
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\nvam.inf_x86_neutral_23f35bca3de056bb\dbInstaller.exe : 000000000000000000000000600000E200000000000000000000000000000000
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\wvmic.inf_x86_neutral_b94eb92e8150fa35\vmicsvc.exe : FF350000005003000026000000240300000000000000000000000000600000E2
Possible Mabezat (bad offsets) : C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe : 000000000000000000000000600000E200000000000000000000000000000000
Possible Mabezat (bad offsets) : C:\Windows\System32\intelcphecisvc.exe : 000000000000000000000000600000E200000000000000000000000000000000
Possible Mabezat (bad offsets) : C:\Windows\System32\vmicsvc.exe : FF350000005003000026000000240300000000000000000000000000600000E2
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\bth.inf_x86_neutral_2d4ce84c4a0b8470\fsquirt.exe : 000000000000000000000000600000E206B7E74C78000000EFB8E74C85000100
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\bth.inf_x86_neutral_92c343c9dc681a74\fsquirt.exe : 000000000000000000000000600000E206B7E74C78000000EFB8E74C85000100
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\bth.inf_x86_neutral_a6bf6d613b46f6a5\fsquirt.exe : 000000000000000000000000600000E206B7E74C78000000EFB8E74C85000100
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\divacx86.inf_x86_neutral_d9558f410186db36\ditrace.exe : 000000000000000000000000600000E2ADDA5B4A18000100DBDA5B4A25000000
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\divacx86.inf_x86_neutral_d9558f410186db36\xlog.exe : 000000000000000000000000600000E2ADDA5B4A18000100DBDA5B4A25000000
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_x86_neutral_ebfab40beb2d0c6b\IntelCpHeciSvc.exe : 000000000000000000000000600000E200000000000000000000000000000000
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\nvam.inf_x86_neutral_23f35bca3de056bb\dbInstaller.exe : 000000000000000000000000600000E200000000000000000000000000000000
Possible Mabezat (bad offsets) : C:\Windows\System32\DriverStore\FileRepository\wvmic.inf_x86_neutral_b94eb92e8150fa35\vmicsvc.exe : FF350000005003000026000000240300000000000000000000000000600000E2
Possible Mabezat (bad offsets) : C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe : 000000000000000000000000600000E200000000000000000000000000000000
Précédent
- 1
- 2
