- Joined
- Aug 17, 2014
- Messages
- 1,666
- Reaction score
- 293
it keeps trying to acces to my ms sql server 2012(rule 5023 which panda blocks)
then it creates thse files
Panda scan:
Trojan detected VBS/Psyme.C
Location: C:\410.vbs
02/01/2017 23:10 Deleted
Dangerous operation detected Rule 5023 02/01/2017 23:10 Blocked
Trojan detected Unknown name
Location: C:\hexsyno.exe
02/01/2017 23:09 Deleted
Trojan detected VBS/Psyme.C
Location: C:\401.vbs
02/01/2017 23:09 Deleted
Trojan detected Unknown name
Location: C:\Windows\System32\hexsyno.exe
Karpersky scan
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="BAT/TrojanDownloader.Ftp.NOK trojan (cleaned by deleting)" ac=C fn="C:\xpsyno.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="BAT/TrojanDownloader.Ftp.NLV trojan (cleaned by deleting)" ac=C fn="C:\Windows\System32\us.dat"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="BAT/TrojanDownloader.Ftp.NOK trojan (cleaned by deleting)" ac=C fn="C:\Windows\System32\xpsyno.exe"
it deletes but randomly creates them again,ad aware,malwarebytes,esset online and karpersky tools detect and delete them too,but it keeps re apearing so i request backup here
it also tries to fk up my sql server and access to it so i stopped the service
i think i downloaded an infected serverfile but cant remember which ones,mabinogi ones(last i downloaded) seem clean
@Hycker @lastfun @DNC @SanGawku 1 of the mmorpg extra releases is infected but idk which one =/
then it creates thse files
Panda scan:
Trojan detected VBS/Psyme.C
Location: C:\410.vbs
02/01/2017 23:10 Deleted
Dangerous operation detected Rule 5023 02/01/2017 23:10 Blocked
Trojan detected Unknown name
Location: C:\hexsyno.exe
02/01/2017 23:09 Deleted
Trojan detected VBS/Psyme.C
Location: C:\401.vbs
02/01/2017 23:09 Deleted
Trojan detected Unknown name
Location: C:\Windows\System32\hexsyno.exe
Karpersky scan
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="BAT/TrojanDownloader.Ftp.NOK trojan (cleaned by deleting)" ac=C fn="C:\xpsyno.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="BAT/TrojanDownloader.Ftp.NLV trojan (cleaned by deleting)" ac=C fn="C:\Windows\System32\us.dat"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="BAT/TrojanDownloader.Ftp.NOK trojan (cleaned by deleting)" ac=C fn="C:\Windows\System32\xpsyno.exe"
it deletes but randomly creates them again,ad aware,malwarebytes,esset online and karpersky tools detect and delete them too,but it keeps re apearing so i request backup here
it also tries to fk up my sql server and access to it so i stopped the service
i think i downloaded an infected serverfile but cant remember which ones,mabinogi ones(last i downloaded) seem clean
@Hycker @lastfun @DNC @SanGawku 1 of the mmorpg extra releases is infected but idk which one =/
Last edited: