Re: Strange, strange, strange website
On Thu, 12 Jun 2008 14:34:40 +0200, vetcon1 wrote:
> Hello, I'm writing, as always, to raise problems. My daughter received a
> link via Messenger which, despite the warnings, she opened and
> I'm sending you the link to
> see whether anyone can tell me if it is malicious software.
AVG Antivirus
Found Dropper.Delf.BBI
NOD32
Found Win32/AutoRun.PQ
Filesize 42496 bytes
MD5 32418a8b024b06f01b8dc8c2c4a12e78
Start Reason CreateProcess
Termination Reason Timeout
Start Time 00:07.328
Stop Time 01:01.735
DLL-Handling
Loaded DLLs
Filesystem
New Files
\Device\Tcp
\Device\Ip
\Device\Ip
\Device\RasAcd
Opened Files
\\.\Ip
Chronological order
Create/Open File: \Device\Tcp (OPEN_ALWAYS)
Create/Open File: \Device\Ip (OPEN_ALWAYS)
Create/Open File: \Device\Ip (OPEN_ALWAYS)
Open File: \\.\Ip (OPEN_EXISTING)
Create/Open File: \Device\RasAcd (OPEN_ALWAYS)
Mutexes
Creates Mutex: LiNbsdfkagGgskkg
Creates Mutex: LiNbsdfkagGgskkg
Registry
Reads
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService ""
System
Sleep - Milliseconds (10000)
Sleep - Milliseconds (50)
Sleep - Milliseconds (3600000)
System Info
Get Windows Directory
Get Computer Name
Window
Find Window - Class Name (_Oscar_StatusNotify) Window Name ()
Find Window - Class Name (MSNHiddenWindowClass) Window Name ()
Find Window - Class Name (__oxFrame.class__) Window Name ()
Network Activity
DNS Lookup
Host Name IP Address
valued-5d844d8d captcha235
wonderland.mydyn.net 91.121.84.47
* C&C Server: 91.121.84.47:9500
* Server Password:
* Username:
* Nickname:
Best regards
c.b.
