135 Posted July 30, 2012 Share Posted July 30, 2012 Como el propio nombre dice extrae proxies de la web HideMyAss This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
rapid_4_me Posted January 9, 2013 Share Posted January 9, 2013 Re: HMA Ultimate Proxy Grabber v1.1 Checked for debuggers Code injection in process: c:\windows\system32\werfault.exe Created a mutex named: Global\f87e12ca-5a85-11e2-918a-000c297913dd Created a mutex named: Local\!IETld!Mutex Created a mutex named: Local\WERReportingForProcess203524 Created an event named: Global\RestartMSIDLLv327680.498089985 Created an event named: Global\ShutdownMSIDLLv327680.498089985 Created an event named: OleDfRootD132CE98528FCCF3 Created process: C:\Windows\system32\WerFault.exe,C:\Windows\system32\WerFault.exe -u -p 203524 -s 820,C:\Windows\system32 Defined Log_API entry: Traces of Max++ Detected process privilege elevation Enumerated running processes Got system default language ID Got user name information a backdoor program which you share here, admins please check this tool and verify ... stealing all information from computer when run it Link to comment Share on other sites More sharing options...
135 Posted January 9, 2013 Author Share Posted January 9, 2013 Re: HMA Ultimate Proxy Grabber v1.1 Checked for debuggers Code injection in process: c:\windows\system32\werfault.exe Created a mutex named: Global\f87e12ca-5a85-11e2-918a-000c297913dd Created a mutex named: Local\!IETld!Mutex Created a mutex named: Local\WERReportingForProcess203524 Created an event named: Global\RestartMSIDLLv327680.498089985 Created an event named: Global\ShutdownMSIDLLv327680.498089985 Created an event named: OleDfRootD132CE98528FCCF3 Created process: C:\Windows\system32\WerFault.exe,C:\Windows\system32\WerFault.exe -u -p 203524 -s 820,C:\Windows\system32 Defined Log_API entry: Traces of Max++ Detected process privilege elevation Enumerated running processes Got system default language ID Got user name information a backdoor program which you share here, admins please check this tool and verify ... stealing all information from computer when run it Go to Mikisoft´s blog and say him that this tool is backdoored lol..... Link to comment Share on other sites More sharing options...
sQuo Posted January 9, 2013 Share Posted January 9, 2013 Re: HMA Ultimate Proxy Grabber v1.1 el archivo esta limpio, no de donde saca esos datos del mutex y del .exe en system32 Link to comment Share on other sites More sharing options...
135 Posted January 9, 2013 Author Share Posted January 9, 2013 Re: HMA Ultimate Proxy Grabber v1.1 De todas formas la ultima version actualizada es la v 1.3 This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts