Login

3 New Notifications

New Badge Earned
Get 1K upvotes on your post
Life choices of my cat
Earned 210
bastion . 1 hour ago

Hey, how’s it going nathun?

Drag Images here or Browse from your computer.

Make a meme Video to GIF Browse your uploads
Previous Post Next Post
Trending Posts
Sorted by Newest First
p
park_ER 11.01.20 11:13 pm

Infected with virus Win32/Ijector.DWTB

On the computer, a virusnyak that creates the file f36757fb.exe (the first screen). Antivirus installed ESET SS 4 with the last bases. Every 4-5 seconds the antivirus deletes this file on the path C:\ProgramData\
{5ED88764-4921-97CB-894C-211FD9506EE7}, but it is created again. At the same time as the scheduler task appears (the second screen), to remove which there is no sense, because it is restored along with the file.

img.playground.ru/images/9/1/658568.png />


img.playground.ru/images/6/6/8797089.png />
2 Comments
Sort by:
S
Sanchez Ramirez 11.01.20

Yes, there is no dancing with Procmon and AVZ can not do, I guess. I have loaded up safe mode and it cleared Temp's and files tasks (which are not in the Microsoft and WPD) in paths %windir%\tasks %windir%\system32\tasks and %windir%\systemwow64\tasks. Well, and delete the same created in the programdata file.

901 36
P
Phantom_X 11.01.20

Sanchez Ramirez
+ C:\AppData\Local\Temp\ - there I always clean (especially during shutdown)

And will advise our friend to download CCLeaner and there disable scheduled tasks
And lastly - WIN + R "msconfig" startup and disable there every game.

901 36