![]() Команда: rundll32.exe vxwmpkj.mu,sewpthvz 14:42:19 OPEN-INBOUND TCP offender thisbox 2381 139. TCP stats are very similar: 222 segments, est. 13:15:38 OPEN-INBOUND TCP offender thisbox 3985 139. Now, while certainly deleted by ESET, the deletion takes place *after* the worm executes and creates a scheduled task for its daily execution at the nearest-back whole hour (pardon my crippled English): ![]() connections by 3, and active/passive by 2. TCP stats show related traffic surge of ca. 11:52:39 OPEN-INBOUND TCP offender thisbox 2803 139. ESET log says the worm was cleaned by deleting and isolated:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |