Jump to content

WMILister


Go to solution Solved by kermit80,

Recommended Posts

Dear community,

I'm hunting for malware on a Windows Server 2012R2 and found out, that it's most likley something like "WannaMine" or acting similar.

I was pointed to a tool called WMILister to be found here, but those download links ( https://eset.sharefile.com/share/view/sb6232c1bc5240709 ) don't work anymore.

Can someone provide a working link for me?

Many thanks!

Martin

Link to comment
Share on other sites

  • Solution
4 hours ago, Sintec said:

Can someone provide a working link for me?

version 3.4 is available here: https://www.xednaps.com/2018/05/06/wmilister/

I don't know what the latest version should be though. Anyway, it worked for me a couple of times.

Edited by kermit80
Link to comment
Share on other sites

Thank you (and thank you JamesR) for your help. We could find and delete all entries from our server.

Link to comment
Share on other sites

  • Administrators

We would have welcome if you could collaborate with us and provide logs before you delete malware using 3rd party tools in the future. It might help us improve protection and protect also your computers from similar malware.

Link to comment
Share on other sites

21 hours ago, Marcos said:

We would have welcome if you could collaborate with us and provide logs before you delete malware using 3rd party tools in the future. It might help us improve protection and protect also your computers from similar malware.

OP never explicitly stated he had Eset installed. I suspect that he was just looking for the tool.

If Eset was installled, an on-demand scan should have been able to detect WMI malware since it now scans WMI entries.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...