Channel: Sysinternals Forums

Process Explorer : Process Explorer / Trojan/Jorik.Birfost.gy

Author: sporpigal0
Subject: Process Explorer / Trojan/Jorik.Birfost.gy
Posted: 28 November 2017 at 7:20am

Hello all, I just ran a verification test on my computer and it found Trojan/Jorik.Birfost.gy in my sechost.dll.mui file, but it still reads that it is Verified by Microsoft. Does anyone know whether that is a real threat or just a bug? Because if it is, I would really appreciate it if you could give me any advice on how to get rid of it. Here are some screen caps:



Development : PDS Excel Password Cracker Software

Author: Daisysmiths
Subject: PDS Excel Password Cracker Software
Posted: 28 November 2017 at 8:00am

This PDS Excel Password Recovery Software is a capable technology to recover a forgotten MS Excel file password and unlock an Excel sheet password. The software provides two types of options, dictionary or brute force attack, to read the MS Excel file password. It lets you set the minimum & maximum value of the password for the recovery and also choose the characters, such as "A-Z,a-z,0-9", to remove the Excel file password.


Download Demo Version : Excel Password Recovery


Process Explorer : How to get data from .ost file?

Internals : win7 BSOD on ATMFD.dll after windows update

Author: anisht
Subject: win7 BSOD on ATMFD.dll after windows update
Posted: 28 November 2017 at 2:43pm

After a partial Windows 7 update I received a BSOD crash on ATMFD.dll after rebooting. The BSOD appears right before loading credentials. Dell Latitude E7240.

Stop: 0x00000050 (0xFFFFF900C067CF80, 0x000000000000001 0xFFFFF9600099x000000000000000000000000)

uploads/52641/IMG_20171127_100749343.rar

Process Explorer : Process Explorer / Trojan/Jorik.Birfost.gy

Author: Dax1792
Subject: Process Explorer / Trojan/Jorik.Birfost.gy
Posted: 28 November 2017 at 2:47pm

One antivirus out of sixty seven thinks it's a Trojan. That's a false positive.

PsTools : Pstools was working...

Author: smfaleh
Subject: Pstools was working...
Posted: 28 November 2017 at 2:48pm

Hello,
I have admin privileges and port 445 is open, also ports 135-139. Also pcAnywhere is working fine, so I can remotely connect to the remote machine with no problems. My PsTools has suddenly stopped working! It gives access denied.

Did Microsoft stop PsTools in the new updates? Any help please.
Thanks

Autoruns : automate autorun

Author: epulone
Subject: automate autorun
Posted: 28 November 2017 at 5:34pm


I was wondering if there is a way to automate a LOGON. I am not going to consider the risks of this here because I know there are some ;)

If one IT engineer has to log in to several PCs, the procedure is very boring, and after the 60th PC it starts to be very hard... and if you don't finish before sleep mode starts, you have to start again.

Is there a way to use auto-run or a script on a USB that does it automatically (>>> Ctrl+Alt+Del > credentials > Enter <<<)? A kind of Plug and Play.

It would be great ;)

Thanks


BgInfo : Wallpaper SLIDESHOW

Author: Jerome
Subject: Wallpaper SLIDESHOW
Posted: 28 November 2017 at 11:42pm

I tried using BgInfo on a SLIDESHOW background, and it disables the slideshow and only displays 1 of the wallpapers.

Any workaround?

Process Explorer : Process Explorer has Stopped Working

Author: chack
Subject: Process Explorer has Stopped Working
Posted: 29 November 2017 at 12:09am

I cannot get process explorer to start. I have tried deleting the registry keys, verified that app compatibility is not in effect, redownloaded the application in every conceivable combination. The same error occurs regardless of running the procexp64.exe or the 32bit version.

The same binary works on another device.

Any help?

Problem signature:
  Problem Event Name: APPCRASH
  Application Name: procexp64.exe
  Application Version: 16.21.0.0
  Application Timestamp: 59067242
  Fault Module Name: KERNELBASE.dll
  Fault Module Version: 6.3.9600.18666
  Fault Module Timestamp: 58f33794
  Exception Code: c0000002
  Exception Offset: 00000000000095fc
  OS Version: 6.3.9600.2.0.0.16.7
  Locale ID: 1033
  Additional Information 1: 8c27
  Additional Information 2: 8c2710e3a7031a8ca57bc94d020c0869
  Additional Information 3: b8c9
  Additional Information 4: b8c9b0708e19294a0afc04a56650a3e3

Read our privacy statement online:

If the online privacy statement is not available, please read our privacy statement offline:
  C:\Windows\system32\en-US\erofflps.txt

Process Explorer : Process Explorer / Trojan/Jorik.Birfost.gy

Author: sporpigal0
Subject: Process Explorer / Trojan/Jorik.Birfost.gy
Posted: 29 November 2017 at 6:52am

Thanks for the reply

Utilities Suggestions : convert ost to pst outlook

Author: teamtroylar
Subject: convert ost to pst outlook
Posted: 29 November 2017 at 6:52am

OST to PST converter is the most reliable and excellent software for recovery of corrupt OST files and conversion of OST files to PST. With the help of OST to PST converter you can successfully recover corrupted OST files and convert them into PST files and other formats (PST, MSG, EML, BOX and Office-365, vCard, vCal format) without facing any problems. It is capable of recovering permanently deleted items and gives you the option to easily see a preview of the recovered OST file before conversion.

Visit more: http://www.bulkecommerce.com/store/ats-ost-to-pst-converter-software-159.html

Troubleshooting : Error 1067:when starting Sysmon service

Author: JeffyW
Subject: Error 1067:when starting Sysmon service
Posted: 29 November 2017 at 7:33am

The Sysmon service is not running, and when attempting to start it, the following error is encountered: "System Error 1067, Process unexpectedly Terminated". Can anyone help me?

Autoruns : Autorunsc.exe opening and closing

Author: adidasbrandon
Subject: Autorunsc.exe opening and closing
Posted: 29 November 2017 at 9:06am

Hi, could someone please help me with an issue? When I try to open autorunsc.exe or autorunsc64.exe, it opens the command prompt, loads some info super fast, then closes. How do I get the cmd window to stay open? Thank you.

Development : AutoLogon Encryption System

Author: Ocktopus
Subject: AutoLogon Encryption System
Posted: 29 November 2017 at 11:03am

Hello,

I'm really interested in the AutoLogon security utility and I would like to know which kind of encryption method is used to encrypt the password in the registry. I have tested AutoLogon, and inside the registry key WinLogon I found the username and the default domain but nothing concerning the password.

My question is then: what kind of encryption has been used for the password encryption?

Thanks in advance for your answers

Autoruns : Autorunsc.exe opening and closing

Author: Dax1792
Subject: Autorunsc.exe opening and closing
Posted: 29 November 2017 at 11:19am

Run cmd.exe to open a command prompt.
Make sure the folder containing Autoruns is in your PATH environment variable or CD to that folder.
Type autorunsc.exe in the command prompt.
 
The default screen buffer size will probably be too small to display everything. If so, change the screen buffer size by right clicking the title bar and selecting 'Properties'. Then go to the 'Layout' tab.

Development : AutoLogon Encryption System

Author: sredna
Subject: AutoLogon Encryption System
Posted: 30 November 2017 at 12:22am

Older versions stored it in plain text.

MSDN tells you how the encryption works:

Quote
Note that if Winlogon cannot find a password stored by the LsaStorePrivateData function, it will use the DefaultPassword value of the Winlogon key (if it exists) for the automatic logon password.
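
A check for the fallback the quoted MSDN note describes, as an added example that is not part of the original post and not Autologon's own code: it reports whether the Winlogon key still holds a plain-text DefaultPassword value, without printing it. It assumes the standard Winlogon value names AutoAdminLogon, DefaultUserName and DefaultDomainName; only DefaultPassword is named in the thread.

```powershell
# Added example: audit how automatic logon is configured on this machine.
# The password itself is never written to the output.
$key   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$props = Get-ItemProperty -Path $key -ErrorAction Stop

function Get-WinlogonValue {
    param([string]$Name)
    # Return $null when the value is absent, so strict mode does not throw.
    $p = $props.PSObject.Properties[$Name]
    if ($p) { $p.Value } else { $null }
}

# AutoAdminLogon is normally the string "1" when automatic logon is enabled.
$autoLogon    = (Get-WinlogonValue 'AutoAdminLogon') -eq '1'
# A non-empty DefaultPassword value means the password sits in the key in clear text.
$plainPresent = -not [string]::IsNullOrEmpty([string](Get-WinlogonValue 'DefaultPassword'))

$finding = if ($plainPresent) {
    'DefaultPassword value present: logon password is stored in plain text in this key'
} elseif ($autoLogon) {
    'AutoAdminLogon on, no DefaultPassword value: password expected in LSA private data'
} else {
    'Automatic logon is not enabled'
}

[pscustomobject]@{
    AutoAdminLogon           = $autoLogon
    DefaultUserName          = Get-WinlogonValue 'DefaultUserName'
    DefaultDomainName        = Get-WinlogonValue 'DefaultDomainName'
    PlaintextDefaultPassword = $plainPresent
    Finding                  = $finding
}
```

The second finding matches what the original poster saw: a user name and domain in the key but no password value.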

Troubleshooting : Need help with Ntoskrnl thread causing high CPU

Author: ftg785
Subject: Need help with Ntoskrnl thread causing high CPU
Posted: 30 November 2017 at 2:08am

Hi magicandre.

I have the same problem... the ACPI.sys issue.

When I set it to jumper, can I use 2 drives (1 HDD, 1 SSD) at the same time?

Process Explorer : Task Manager replacement issue

Author: EricKY26
Subject: Task Manager replacement issue
Posted: 30 November 2017 at 2:53am

You can delete HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe in your registry to restore your original system task manager.

Miscellaneous Utilities : RamMap 1.5 Error Refreshing Database

Author: richard@hesketh.org.
Subject: RamMap 1.5 Error Refreshing Database
Posted: 30 November 2017 at 9:25am

This occurs on launch on Windows Server 2012 R2. I'm logged in as the Administrator, and the Administrator account name has been changed for security purposes.


Development : AutoLogon Encryption System

Author: Ocktopus
Subject: AutoLogon Encryption System
Posted: 30 November 2017 at 1:12pm

Do you mean that it's stored in plain text in the LSA and it's the only encryption provided?