The Mysterious
17-11-2009, 05:05
انطلق في 7 نوفمبر/تشرين الثاني أي الشهر الحالي، أصيب به جهازي وجاري البحث عن حل :ah34:، والآن أقوم تحميل أداة لاجتثاثه، آمل أن تفي بالغرض مع أنّ NODE32 Anti virus 3.0 موجود لكن للأسف آخر تحديث له على جهازي كان في 11/10، لذا وجب التنبيه لاتخاذ الاحتياطات اللازمة.
لمزيدٍ من المعلومات التفصيلية عن هذا اللعين..
File Behavior
V1CBVSMQ.EXE has been seen to perform the following behavior:
* The Process is packed and/or encrypted using a software packing process
* This process creates other processes on disk
* Writes to another Process's Virtual Memory (Process Hijacking)
* The process hooks code into all running processes which could allow it to take control of the system or record keyboard input, mouse activity and screen contents
* Violates Windows/Vista Physical Memory Protection allowing it to look inside the data areas of other programs
* This Process Deletes Other Processes From Disk
* Adds a Registry Key (RUN) to auto start Programs on system start up
* Executes a Process
* Copies files
* Injects code into other processes
V1CBVSMQ.EXE has been the subject of the following behavior:
* Deleted as a process from disk
* Created as a process on disk
* Executed as a Process
* Has code inserted into its Virtual Memory space by other programs
* Added as a Registry auto start to load Program on Boot up
* Copied to multiple locations on the system
Country Of Origin
The filename V1CBVSMQ.EXE was first seen on Nov 7 2009 in the following geographical regions of the Prevx community:
* The EUROPEAN UNION on Nov 7 2009
* TURKEY on Nov 8 2009
* GREAT BRITAIN on Nov 8 2009
* YEMEN on Nov 16 2009
File Name Aliases
V1CBVSMQ.EXE can also use the following file names:
* L61YYP.EXE
* HERSS.EXE
* DPLYMK~1.EXE
* DPLYMS~1.EXE
* 93968559.EXE
Filesizes
The following file size has been seen:
* 115,973 bytes
* 1,856,773 bytes
* 292,312 bytes
* 292,316 bytes
File Type
The filename V1CBVSMQ.EXE refers to many versions of an executable program.
لمزيدٍ من المعلومات التفصيلية عن هذا اللعين..
File Behavior
V1CBVSMQ.EXE has been seen to perform the following behavior:
* The Process is packed and/or encrypted using a software packing process
* This process creates other processes on disk
* Writes to another Process's Virtual Memory (Process Hijacking)
* The process hooks code into all running processes which could allow it to take control of the system or record keyboard input, mouse activity and screen contents
* Violates Windows/Vista Physical Memory Protection allowing it to look inside the data areas of other programs
* This Process Deletes Other Processes From Disk
* Adds a Registry Key (RUN) to auto start Programs on system start up
* Executes a Process
* Copies files
* Injects code into other processes
V1CBVSMQ.EXE has been the subject of the following behavior:
* Deleted as a process from disk
* Created as a process on disk
* Executed as a Process
* Has code inserted into its Virtual Memory space by other programs
* Added as a Registry auto start to load Program on Boot up
* Copied to multiple locations on the system
Country Of Origin
The filename V1CBVSMQ.EXE was first seen on Nov 7 2009 in the following geographical regions of the Prevx community:
* The EUROPEAN UNION on Nov 7 2009
* TURKEY on Nov 8 2009
* GREAT BRITAIN on Nov 8 2009
* YEMEN on Nov 16 2009
File Name Aliases
V1CBVSMQ.EXE can also use the following file names:
* L61YYP.EXE
* HERSS.EXE
* DPLYMK~1.EXE
* DPLYMS~1.EXE
* 93968559.EXE
Filesizes
The following file size has been seen:
* 115,973 bytes
* 1,856,773 bytes
* 292,312 bytes
* 292,316 bytes
File Type
The filename V1CBVSMQ.EXE refers to many versions of an executable program.