Hi Polonus,
Then if we found malicious at our memory like me :
[b]Full Scan Summary:
* Scan details:
o Scan started: Thursday, November 19, 2009 11:45:29
o Scan time: 14 minutes, 28 seconds
o Number of memory objects scanned: 14038
+ processes: 76
+ modules: 4348
+ heap pages: 9614
o Number of suspicious memory objects detected: 0
o Number of malicious memory objects detected: 2
o Overall Risk Level: High
* Summary of the detected threat characteristics:
Severity Level What’s been found
A network-aware worm that uses known exploit(s) in order to replicate across vulnerable networks.
View detected locations
* Process "svchost.exe", heap page: [0x04240000 - 0x04280000]
* Process "svchost.exe", heap page: [0x042c0000 - 0x04300000]
MS04-011: LSASS Overflow exploit - replication across TCP 445 (common for Sasser, Bobax, Kibuv, Korgo, Gaobot, Spybot, Randex, other IRC Bots).
View detected locations
* Process "svchost.exe", heap page: [0x04240000 - 0x04280000]
* Process "svchost.exe", heap page: [0x042c0000 - 0x04300000]
* Summary of the detected memory objects:
Severity Level Memory Object
Process “svchost.exe”, heap page: [0x04240000 - 0x04280000]
View detected characteristics
* A network-aware worm that uses known exploit(s) in order to replicate across vulnerable networks.
* MS04-011: LSASS Overflow exploit - replication across TCP 445 (common for Sasser, Bobax, Kibuv, Korgo, Gaobot, Spybot, Randex, other IRC Bots).
Process “svchost.exe”, heap page: [0x042c0000 - 0x04300000]
View detected characteristics
* A network-aware worm that uses known exploit(s) in order to replicate across vulnerable networks.
* MS04-011: LSASS Overflow exploit - replication across TCP 445 (common for Sasser, Bobax, Kibuv, Korgo, Gaobot, Spybot, Randex, other IRC Bots).[/b]
Is there any tool you could suggested to me to clean this out?