Posts posted by ingmarvanolffen
10 minutes ago, Marcos said:
It is generally not a good idea to disable AV and play with malware samples on a real machine. What you can do is to check for registry changes reported by app.run on your machine and revert the necessary values.
Yes, I'll send the changes.
- PID: 2928
- CMD: reg add "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v Load /t REG_SZ /d "C:\Users\admin\AppData\Local\Temp\gscmeme\gscmeme.exe.lnk" /f
- Path: C:\Windows\system32\reg.exe
- Indicators:
- Parent process: cmd.exe
- User: admin
- Integrity Level: MEDIUM
- Exit code: 0
- Version:
  - Company: Microsoft Corporation
  - Description: Registry Console Tool
  - Version: 6.1.7600.16385 (win7_rtm.090713-1255)
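The advice quoted above (check the registry changes the sandbox reported, then revert the necessary values) can be worked through on the pasted command line. This is an added example, not part of the original posts and not ESET or sandbox tooling: it parses a reported `reg add` command, flags writes to well-known autostart locations, and prints the `reg query` / `reg delete` commands to review. The function names, the `AUTORUN` list and the benign sample are assumptions made for illustration.

```python
import re

# Well-known Windows autostart locations: (key suffix, value names or None = any value).
# Illustrative, not exhaustive.
AUTORUN = [
    (r"\software\microsoft\windows nt\currentversion\windows", {"load", "run"}),
    (r"\software\microsoft\windows nt\currentversion\winlogon", {"shell", "userinit"}),
    (r"\software\microsoft\windows\currentversion\run", None),
    (r"\software\microsoft\windows\currentversion\runonce", None),
]
# Command line as pasted in the post above.
PAGE_CMD = (r'reg add "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v Load '
            r'/t REG_SZ /d "C:\Users\admin\AppData\Local\Temp\gscmeme\gscmeme.exe.lnk" /f')
# Constructed sample: an ordinary settings write that should not be flagged.
BENIGN_CMD = r'reg add "HKCU\Software\ExampleApp" /v Theme /d dark /f'

def parse_reg_add(cmdline):
    """Return key/value/type/data for a `reg add` command line, else None."""
    # A double-quoted run is one token; backslashes stay literal, as in cmd.exe.
    tok = [q or w for q, w in re.findall(r'"([^"]*)"|(\S+)', cmdline)]
    exe = tok[0].lower().rsplit("\\", 1)[-1] if tok else ""
    if len(tok) < 3 or exe not in ("reg", "reg.exe") or tok[1].lower() != "add":
        return None
    change = {"key": tok[2].rstrip("\\"), "value": None, "type": "REG_SZ", "data": None}
    fields = {"/v": "value", "/t": "type", "/d": "data"}
    i = 3
    while i < len(tok):
        field = fields.get(tok[i].lower())
        if field and i + 1 < len(tok):
            change[field] = tok[i + 1]
            i += 2
        else:
            i += 1  # /f, /ve and similar switches take no argument
    return change

def is_autorun(change):
    """True when the write targets one of the AUTORUN locations."""
    key, name = change["key"].lower(), (change["value"] or "").lower()
    return any(key.endswith(sfx) and (names is None or name in names)
               for sfx, names in AUTORUN)

def review_commands(change):
    """Commands to inspect the value and, once its data is confirmed bad, remove it."""
    sel = f'/v "{change["value"]}"' if change["value"] else "/ve"
    return [f'reg query "{change["key"]}" {sel}', f'reg delete "{change["key"]}" {sel} /f']

if __name__ == "__main__":
    for cmd in (PAGE_CMD, BENIGN_CMD):
        c = parse_reg_add(cmd)
        print(c["key"], c["value"], "AUTORUN" if is_autorun(c) else "ok")
        if is_autorun(c):
            print("\n".join(review_commands(c)))
```

Run the printed `reg query` first and compare its data with the path in the report before using the `reg delete` line.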
So I accidentally opened a ratted .exe file with my stupid head. I didn't know that if you drag something onto another file it'll open it, so that happened. I had my ESET antivirus disabled for a second, but when the exe opened I turned ESET back on and it deleted a file. Now I ran the ratted file in any.run and it shows that it changed regedit files. How do I get my PC clean? I don't know if the files are deleted or if my PC is still ratted. This is my school laptop and I have a lot of files on it, so I don't want to reset it.
accidentally opened a .exe with rats in it
in Malware Finding and Cleaning
Posted
What will it do?