- 1,584
- 1,303
Никакой антивирус, антистилер, анти-гей не защитят тебя на 100% пока ты сам не начнёшь думать о своей защите.
Эксклюзив Неактуально Избранное ASI AntiStealer
- Автор темы DarkP1xel
- Дата начала
-
- Теги
- antistealer asi
- Статус
Здравствуйте, скачал антистиллер и вот что нашлось, прочитав описание, понял, что это стиллер, можете подсказать, надо ли это удалять, если да, можно путь указать, просто я не знаю, какой именно, спасибо.
[PATCHED] > [LoadLibraryExW] > [C:\Windows\SYSTEM32\MSCOREE.DLL] > {lpLibFileName: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll}
[PATCHED] > [CopyFileA] > [D:\Games\GTA San Andreas\samp.asi] > {lpExistingFileName: D:\Games\GTA San Andreas\samp.asi | lpNewFileName: D:\Games\GTA San Andreas\samp.asi}
[PATCHED] > [SetFileAttributesA] > [D:\Games\GTA San Andreas\samp.asi] > {lpFileName: D:\Games\GTA San Andreas\samp.asi | dwFileAttributes: 7}
[PATCHED] > [CreateProcessW] > [C:\Windows\AppPatch\AcGenral.DLL] > {lpApplicationName: [PATCHED] > [CreateProcessW] > [D:\Games\GTA San Andreas\CrashRpt1402.dll] > {lpApplicationName: D:\Games\GTA San Andreas\CrashSender1402.exe}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Пользователь\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ | dwFileAttributes: 8198}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Пользователь\AppData\Roaming\Microsoft\Windows\Cookies\ | dwFileAttributes: 8198}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Пользователь\AppData\Local\Microsoft\Windows\History\History.IE5\ | dwFileAttributes: 8198}
[WARNING] > [InternetOpenUrlA] > [D:\Games\GTA San Andreas\crashes.asi] > {lpszUrl: https://raw.githubusercontent.com/Whitetigerswt/gtasa_crashfix/master/LatestVersion.txt}
[WARNING] > [getaddrinfo] > [C:\Windows\syswow64\WININET.dll] > {pNodeName: Пользователь-ПК}
[PATCHED] > [LoadLibraryExW] > [C:\Windows\SYSTEM32\MSCOREE.DLL] > {lpLibFileName: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll}
[PATCHED] > [CopyFileA] > [D:\Games\GTA San Andreas\samp.asi] > {lpExistingFileName: D:\Games\GTA San Andreas\samp.asi | lpNewFileName: D:\Games\GTA San Andreas\samp.asi}
[PATCHED] > [SetFileAttributesA] > [D:\Games\GTA San Andreas\samp.asi] > {lpFileName: D:\Games\GTA San Andreas\samp.asi | dwFileAttributes: 7}
[PATCHED] > [CreateProcessW] > [C:\Windows\AppPatch\AcGenral.DLL] > {lpApplicationName: [PATCHED] > [CreateProcessW] > [D:\Games\GTA San Andreas\CrashRpt1402.dll] > {lpApplicationName: D:\Games\GTA San Andreas\CrashSender1402.exe}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Пользователь\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ | dwFileAttributes: 8198}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Пользователь\AppData\Roaming\Microsoft\Windows\Cookies\ | dwFileAttributes: 8198}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Пользователь\AppData\Local\Microsoft\Windows\History\History.IE5\ | dwFileAttributes: 8198}
[WARNING] > [InternetOpenUrlA] > [D:\Games\GTA San Andreas\crashes.asi] > {lpszUrl: https://raw.githubusercontent.com/Whitetigerswt/gtasa_crashfix/master/LatestVersion.txt}
[WARNING] > [getaddrinfo] > [C:\Windows\syswow64\WININET.dll] > {pNodeName: Пользователь-ПК}
- 3,635
- 4,962
[WARNING] > [gethostbyname] > [D:\Games\GTA San Andreas\samp.dll] > {name: HP}
[WARNING] > [gethostbyname] > [D:\Games\GTA San Andreas\samp.dll] > {name: 37.230.139.55}
[WARNING] > [gethostbyname] > [D:\Games\GTA San Andreas\samp.dll] > {name: 37.230.139.55}
теперь такое вместо 1 строки, это тоже просто инет соединение самп?
[WARNING] > [gethostbyname] > [D:\Games\GTA San Andreas\samp.dll] > {name: 37.230.139.55}
[WARNING] > [gethostbyname] > [D:\Games\GTA San Andreas\samp.dll] > {name: 37.230.139.55}
теперь такое вместо 1 строки, это тоже просто инет соединение самп?
- 1,584
- 1,303
Ничего страшного в этом нет. Самп получает хост по нику компа(или по нику в сампе)
ganster_3000
Известный
- 9
- 0
Добрый день, скачал Антистиллер и начала вылетать гта, убираю Анти Стиллер и все норм, посмотрите может стиллер
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Danil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ | dwFileAttributes: 8198}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Danil\AppData\Roaming\Microsoft\Windows\Cookies\ | dwFileAttributes: 8198}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Danil\AppData\Local\Microsoft\Windows\History\History.IE5\ | dwFileAttributes: 8198}
[WARNING] > [URLDownloadToFileA] > [C:\GTA San Andreas MultiPlayer\MoonLoader.asi] > {szURL: https://blast.hk/moonloader/data/version-info.json | szFileName: C:\Users\Danil\AppData\Local\Temp\moonloader-version.json}
[WARNING] > [URLDownloadToFileW] > [C:\Windows\syswow64\urlmon.dll] > {szURL: https://blast.hk/moonloader/data/version-info.json | szFileName: C:\Users\Danil\AppData\Local\Temp\moonloader-version.json}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Danil\AppData\Roaming\Microsoft\Windows\IETldCache\ | dwFileAttributes: 8198}
[WARNING] > [gethostbyname] > [C:\GTA San Andreas MultiPlayer\samp.dll] > {name: Данила-ПК}
[WARNING] > [InternetConnectW] > [C:\Windows\syswow64\urlmon.dll] > {lpszServerName: blast.hk}
[WARNING] > [InternetOpenUrlA] > [C:\GTA San Andreas MultiPlayer\SAMPFUNCS.asi] > {lpszUrl: http://service.blasthack.net/sf_sta...x=BB9299073C5ED26B12E122F841460D5C5F[WARNING] > [InternetConnectA] > [}C:\Windows\syswow64\WININET.dll
] > {lpszServerName: blast.hk}
[WARNING] > [HttpOpenRequestW] > [C:\Windows\syswow64\urlmon.dll] > {lpszObjectName: /moonloader/data/version-info.json}
[WARNING] > [HttpOpenRequestA] > [C:\Windows\syswow64\WININET.dll] > {lpszObjectName: /moonloader/data/version-info.json}
[WARNING] > [getaddrinfo] > [C:\Windows\syswow64\WININET.dll] > {pNodeName: Данила-ПК}
И если нету, то что мне делать, вылетает гта
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Danil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ | dwFileAttributes: 8198}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Danil\AppData\Roaming\Microsoft\Windows\Cookies\ | dwFileAttributes: 8198}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Danil\AppData\Local\Microsoft\Windows\History\History.IE5\ | dwFileAttributes: 8198}
[WARNING] > [URLDownloadToFileA] > [C:\GTA San Andreas MultiPlayer\MoonLoader.asi] > {szURL: https://blast.hk/moonloader/data/version-info.json | szFileName: C:\Users\Danil\AppData\Local\Temp\moonloader-version.json}
[WARNING] > [URLDownloadToFileW] > [C:\Windows\syswow64\urlmon.dll] > {szURL: https://blast.hk/moonloader/data/version-info.json | szFileName: C:\Users\Danil\AppData\Local\Temp\moonloader-version.json}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\Danil\AppData\Roaming\Microsoft\Windows\IETldCache\ | dwFileAttributes: 8198}
[WARNING] > [gethostbyname] > [C:\GTA San Andreas MultiPlayer\samp.dll] > {name: Данила-ПК}
[WARNING] > [InternetConnectW] > [C:\Windows\syswow64\urlmon.dll] > {lpszServerName: blast.hk}
[WARNING] > [InternetOpenUrlA] > [C:\GTA San Andreas MultiPlayer\SAMPFUNCS.asi] > {lpszUrl: http://service.blasthack.net/sf_sta...x=BB9299073C5ED26B12E122F841460D5C5F[WARNING] > [InternetConnectA] > [}C:\Windows\syswow64\WININET.dll
] > {lpszServerName: blast.hk}
[WARNING] > [HttpOpenRequestW] > [C:\Windows\syswow64\urlmon.dll] > {lpszObjectName: /moonloader/data/version-info.json}
[WARNING] > [HttpOpenRequestA] > [C:\Windows\syswow64\WININET.dll] > {lpszObjectName: /moonloader/data/version-info.json}
[WARNING] > [getaddrinfo] > [C:\Windows\syswow64\WININET.dll] > {pNodeName: Данила-ПК}
И если нету, то что мне делать, вылетает гта
- 1,584
- 1,303
Какова вероятность того, что ты начнёшь отличать СКРИПТЫ от ПЛАГИНОВ и какую-то хуйню от священного антистиллера от Таира?
Соб от школобойки качает Coinminer и Malware VirusTotal(https://www.virustotal.com/#/file/12c2089b3e57f98df078e99675f55e23052b21bb22fdaf8ec11db440a377b5d9/detection)
Код:
|
|>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<|
|> | AntiStealer | V4.4.0 | By DarkP1xel | .LOG File | <|
|> Official Web-Site: https://blast.hk/ <|
|> Subscribe to my YouTube Channel: https://vk.cc/5PCsTe <|
|> Official Topic: https://blast.hk/threads/16018/ <|
|> KEEP CALM AND SMOKE SOME WEED <|
|> !AntiStealer LOADED! <|
|>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<|
[WARNING] > [gethostbyname] > [D:\Grand Theft Auto San Andreas\samp.dll] > {name: ADNIM}
[WARNING] > [gethostbyname] > [D:\Grand Theft Auto San Andreas\samp.dll] > {name: 5.254.104.139}
[WARNING] > [gethostbyname] > [D:\Grand Theft Auto San Andreas\samp.dll] > {name: 5.254.104.139}
[WARNING] > [send] > [D:\Grand Theft Auto San Andreas\d3d9.dll] > {buf: SAMPюh‹ai}
[WARNING] > [send] > [D:\Grand Theft Auto San Andreas\d3d9.dll] > {buf: SAMPюh‹ar}
[WARNING] > [send] > [D:\Grand Theft Auto San Andreas\d3d9.dll] > {buf: SAMPюh‹ac}
[WARNING] > [send] > [D:\Grand Theft Auto San Andreas\d3d9.dll] > {buf: SAMPюh‹ad}
[WARNING] > [send] > [D:\Grand Theft Auto San Andreas\d3d9.dll] > {buf: SAMPюh‹ap}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\ADMIN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ | dwFileAttributes: 8198}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Cookies\ | dwFileAttributes: 8198}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\ADMIN\AppData\Local\Microsoft\Windows\History\History.IE5\ | dwFileAttributes: 8198}
[WARNING] > [InternetOpenUrlA] > [D:\Grand Theft Auto San Andreas\d3d9.dll] > {lpszUrl: https://litehack.ru/sobeit/version.php}
[WARNING] > [InternetOpenUrlA] > [D:\Grand Theft Auto San Andreas\SAMPFUNCS.asi] > {lpszUrl: http://service.blasthack.net/sf_stats.php?d=94F17CC6BE428059E1E1ABF9FB2923F0CDAC2897AE52905A6C314E4C60&x=B9909B053E5CD06910E320FA43440F5E5D}
[WARNING] > [InternetCreateUrlA] > [C:\Windows\syswow64\WININET.dll] > {lpUrlComponents->lpszHostName: service.blasthack.net}
[WARNING] > [InternetCreateUrlA] > [C:\Windows\syswow64\WININET.dll] > {lpUrlComponents->lpszHostName: litehack.ru}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\IETldCache\ | dwFileAttributes: 8198}
[WARNING] > [getaddrinfo] > [C:\Windows\syswow64\WININET.dll] > {pNodeName: service.blasthack.net}[WARNING] > [getaddrinfo] > [
C:\Windows\syswow64\WININET.dll] > {pNodeName: litehack.ru}
[WARNING] > [GetAddrInfoW] > [C:\Windows\syswow64\WS2_32.dll] > {pNodeName: service.blasthack.net}
[WARNING] > [GetAddrInfoW] > [C:\Windows\syswow64\WS2_32.dll] > {pNodeName: litehack.ru}
[WARNING] > [getaddrinfo] > [C:\Windows\syswow64\WININET.dll] > {pNodeName: service.blasthack.net}
[WARNING] > [GetAddrInfoW] > [C:\Windows\syswow64\WS2_32.dll] > {pNodeName: service.blasthack.net}
[WARNING] > [getaddrinfo] > [C:\Windows\syswow64\WININET.dll] > {pNodeName: litehack.ru}
[WARNING] > [GetAddrInfoW] > [C:\Windows\syswow64\WS2_32.dll] > {pNodeName: litehack.ru}
[WARNING] > [send] > [C:\Windows\syswow64\WININET.dll] > {buf: }
[WARNING] > [send] > [C:\Windows\syswow64\WININET.dll] > {buf: GET /sf_stats.php?d=94F17CC6BE428059E1E1ABF9FB2923F0CDAC2897AE52905A6C314E4C60&x=B9909B053E5CD06910E320FA43440F5E5D HTTP/1.1
User-Agent: SAMPFUNCS v5.3.3 release #19 (SA-MP 0.3.7)
Host: service.blasthack.net
}
[WARNING] > [send] > [C:\Windows\syswow64\WININET.dll] > {buf: }
[PATCHED] > [GetTempPathW] > [C:\Windows\syswow64\CRYPT32.dll]
[WARNING] > [send] > [C:\Windows\syswow64\WININET.dll] > {buf: }
[WARNING] > [InternetOpenUrlA] > [D:\Grand Theft Auto San Andreas\d3d9.dll] > {lpszUrl: https://litehack.ru/sobeit/online.php}
[WARNING] > [InternetCreateUrlA] > [C:\Windows\syswow64\WININET.dll] > {lpUrlComponents->lpszHostName: litehack.ru}
[PATCHED] > [SetFileAttributesA] > [C:\Windows\syswow64\WININET.dll] > {lpFileName: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\IETldCache\ | dwFileAttributes: 8198}
[WARNING] > [send] > [C:\Windows\syswow64\WININET.dll] > {buf: }
[WARNING] > [send] > [C:\Windows\syswow64\WININET.dll] > {buf: }
[WARNING] > [send] > [C:\Windows\syswow64\WININET.dll] > {buf: }
[WARNING] > [URLDownloadToFileA] > [D:\Grand Theft Auto San Andreas\d3d9.dll] > {szURL: https://litehack.ru/sobeit/autorun.exe | szFileName: C:\Users\ADMIN\AppData\Local\Microsoft\taskmgr.exe}
[WARNING] > [URLDownloadToFileW] > [C:\Windows\syswow64\urlmon.dll] > {szURL: https://litehack.ru/sobeit/autorun.exe | szFileName: C:\Users\ADMIN\AppData\Local\Microsoft\taskmgr.exe}
- 1,584
- 1,303
Нету в нём стилера, это авто-обновление, а блокируется потому-что когда антистилер видит ссылку на скачку чего либо в скрипте то, в нём просыпается терминатор
Последнее редактирование:
Не понял, что с анти-стиллером? AVP'хой проверял это Cleo, показало что стиллер от Карабашкина. Этот же AntiStealer в логе ничего не написал. Как понять? Далеко не согласен с тем, что написано в описании. Cleo приложил, есть объяснение? В случае ошибки извинюсь за слова.
Последнее редактирование:
- Статус
Похожие темы
-
- Закрыта
- Закреплено
- Вопрос
