Quote:
Originally Posted by stuveltje
wowwwwwwwwwwww Mrhackula i am working on it thanks
You are welcome.
Now, the Mitglieder worm you already know about. Here is the details page at Symantec:
http://securityresponse.symantec.com...glieder.b.html
The most interesting line is this one:
"The Trojan also downloads and executes PWSteal.Ldpinch"
... so any common passwords in use are to be suspect and should be changed.
For the hijack this log... There is another tool you might find helpful if you can't reach the first:
http://hjt.iamnotageek.com/
In my opinion the only really bad thing there was already pointed out by someone else (f69j69b):
C:\WINDOWS\System32\system.exe
The actual file in this case is called:
"ssgrate.exe"
... it is just lying to the system process manager to make it think it has a true filename of: "system.exe"
Read the removal instructions at Symantec's site (linked above) and all should be well.
If you need anything else, just ask.
Dealing with this shit is fun, isn't it?
Now you know why my blacklist is up to 67,126 domains.
Pity there aren't enough non-"traffic-trading" (circle jerk) sites out there to bother making a communal blacklist.
Most sites approve anything because the surfer only has a 1-10 chance of seeing an actual gallery anyway. :-(
I hope it is easy fixing from here on out.
Mr. H.