 |
|
|
|
|
|
|
|
|
|
|
2005-05-24, 07:34 AM
|
#1 |
|
Live and learn. And take very careful notes!
Join Date: Apr 2003
Location: Sunny Holland
Posts: 6,157
 |
wowwwwwwwwwwww Mrhackula
 i am wokrking on it thanks |
|
|
|
2005-05-25, 03:01 AM
|
#2 | |
|
If something goes wrong at the plant, blame the guy who can't speak English
Join Date: Sep 2003
Location: Montana
Posts: 32
|
Quote:
Now, the mitglieder worm you already know about. Here is the details page at symantec: http://securityresponse.symantec.com...glieder.b.html The most interesting line is this one: "The Trojan also downloads and executes PWSteal.Ldpinch" ... so any common passwords in use are to be suspect and should be changed. For the hijack this log... There is another tool you might find helpful if you can't reach the first: http://hjt.iamnotageek.com/ In my opinion the only really bad thing there was already pointed out by someone else(f69j69b): C:\WINDOWS\System32\system.exe The actual file in this case is called: "ssgrate.exe" ... it is just lyint to the system process manager to make it think it has a true filename of: "system.exe" Read the removal instructions at symantec's site (linked above) and all should be well. If you need anything else, just ask. Dealing with this shit is fun, isn't it? Now you know why my blacklist is up to 67,126 domains. Pity there aren't enough non-"traffic-trading" (circle jerk) sites out there to bother making a communal blacklist. Most sites approve anything because the surfer only has a 1-10 chance of seeing an actual gallery anyway. :-( I hope it is easy fixing from here on out. Mr. H.
__________________
Integrity = Longevity |
|
|
|
|
|
2005-05-25, 03:23 AM
|
#3 | |
|
Live and learn. And take very careful notes!
Join Date: Apr 2003
Location: Sunny Holland
Posts: 6,157
|
Quote:
|
|
|
|
|
 |
|
|
Hybrid Mode
