| Path | csiph.com!aioe.org!peer02.ams4!peer.am4.highwinds-media.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!spln!extra.newsguy.com!newsp.newsguy.com!news3 |
|---|---|
| From | Shadow <Sh@dow.br> |
| Newsgroups | alt.comp.os.windows-10, alt.comp.anti-virus, alt.comp.virus, comp.security.misc |
| Subject | Re: Registry - this can't be good |
| Date | Sun, 20 Sep 2020 18:50:20 -0300 |
| Organization | A noiseless patient Shadow |
| Lines | 33 |
| Message-ID | <ebjfmfl25c1h5sfojk756gf5oktbqcs0m3@4ax.com> (permalink) |
| References | <hspaumFe0faU1@mid.individual.net> |
| NNTP-Posting-Host | pb4f4de9abd63b896c2cca5eef297482f5ce0fd337d7c0a83.newsdawg.com |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=us-ascii |
| Content-Transfer-Encoding | 7bit |
| X-Newsreader | Forte Agent 3.3/32.846 |
| X-Received-Bytes | 1918 |
| X-Received-Body-CRC | 787236106 |
| Xref | csiph.com alt.comp.os.windows-10:122389 alt.comp.anti-virus:25001 alt.comp.virus:11085 comp.security.misc:1497 |
Cross-posted to 4 groups.
On Sun, 20 Sep 2020 17:31:33 +0200, "s|b" <me@privacy.invalid> wrote:

>So I'm visiting my sister and as usual I take a look at her PC (Windows
>10, all recent updates), mostly to update old software. Her C: drive was
>all clogged up, a folder (Software) that I use has miraculously
>vanished, Fortnite was installed, ... At this point, I'm happy Chrome
>isn't installed (again).
>
>Then I look at the Registry and I see this:
><https://i.postimg.cc/W3TGJbdK/regedit.png>

The hOhOhOhOhOhOhOhOhOhOhOhOhOhOhO
Sounds suspicious. A Chinese Santa Claus?
;)
Seriously, try to put that as a filter in Regmon (or whatever
it's called now) and try to see what program is summoning it.
Cross posted to other relevant groups.
[]'s

>
>That can't be good, right? Avast can't find anything. CCleaner doesn't
>show me these files and SUPERAntiSpyware and Malwarebytes don't raise an
>alarm either.
>
>What could this be? The most recent backup image (Macrium) is dated
>2018, but I'm inclined to use it to get rid of this crap... unless
>anyone else has a better idea?

--
Don't be evil - Google 2004
We have a new policy - Google 2012