You are viewing our Forum Archives. To view or take place in current topics click here.

Was this helpful at all? (This is my first small TuT)

Yes
66.67% (2 votes)
A little (It got me close to deleting it)
0.00% (0 votes)
No, sorry.
33.33% (1 vote)

Total Votes: 3

[TuT]Have you downloaded a Trojan from BO Editors?[TuT]
Posted:

[TuT]Have you downloaded a Trojan from BO Editors?[TuT]Posted:

dy3p8ntrkid
  • New Member
Status: Offline
Joined: Nov 26, 201014Year Member
Posts: 42
Reputation Power: 1
Status: Offline
Joined: Nov 26, 201014Year Member
Posts: 42
Reputation Power: 1
If this is in the wrong section, sorry, but normally modding programs are manipulated and posted here so this may help alot of people that download any unsafe .exes.


Main Concern: Bots, IRCs, RATs, Keyloggers (All backdoor.Trojans, meaning you have to execute a file to get the virus).


This is to help anyone that does not know what to do if they download any supposed editors or program modders that will alter any profile, game, etc.

This is mainly concerning people who do download backdoor.Trojans, a.k.a. Keyloggers, RAT's, Bots, etc.

This is to basically show what to do if you don't know what to do if you ever download an .exe file that is a keylogger, etc.


Program[s] Needed:
[ Register or Signin to view external links. ]
Pic of Scan Button:
[ Register or Signin to view external links. ]

Cannot Get a virus scan, if you don't trust the .exe direct download, go to site for the download [ Register or Signin to view external links. ]


[ Register or Signin to view external links. ]
Virus Scan:
File Info

Report date: 2010-12-16 08:00:23 (GMT 1)
File name: mbam-setup-exe
File size: 7622112 bytes
MD5 Hash: c0f516a550b9fc6891909c5db20f4ee7
SHA1 Hash: e32dff1f637b03d7dcdfaf8e9302551472121797
Detection rate: 0 on 16 (0%)
Status: CLEAN

Detections

a-squared -
Avast -
AVG -
Avira AntiVir -
BitDefender -
ClamAV -
Comodo -
Dr.Web -
F-PROT6 -
Ikarus T3 -
Kaspersky -
NOD32 -
Panda -
TrendMicro -
VBA32 -
VirusBuster -

Scan report generated by
[ Register or Signin to view external links. ]


1. As you are downloading I'd recommend looking for any suspicious looking processes running in your task manager, any svchost.exe's (If there are 2), explorer.exe (If there are 2), or if your default browser is not running on your desktop and it is in your processes, the RAT injected itself into your default browser when you tried to run the .exe. [To open task manager simple Ctrl+ALT+DEL and open Task Manager.]

2. Next just simply scan with spybot or whatever antivirus you are using, remember if your antivirus got rid of any Backdoor.Trojans, 99.9% likely you got rid of your little hacking friend that failed. Any results from the Anti-virus delete obviously, unless you want a computer with a virus? Don't be dumb :|

3. Spybot will show grey windows on files that don't have rights through spybot, a.k.a. the keylogger or sometimes files that you've downloaded before that are running. If you find any files in /User/*Yourname*/Appdata/Local/Roaming/ Then this is 99.9% likely your little keylogging ass and this file should be an .exe. Just delete it..


This is fairly simple but sometimes people do not know what to do and they panic, after using IRC's, Bots, RAT's, etc, I've kinda learned where alot of the RAT proggies install their bots automatically or what files normally people will choose to inject to.


Please thank the topic if this helped you Just saw some people post how they were worried about the files they downloaded, again if this is in the wrong section, please move it if it does not belong here.
#2. Posted:
UFCundisputed2010
  • Resident Elite
Status: Offline
Joined: Oct 23, 201014Year Member
Posts: 204
Reputation Power: 7
Status: Offline
Joined: Oct 23, 201014Year Member
Posts: 204
Reputation Power: 7
Thanks for posting this. i seriously didn't realize how much files i had infected on my pc. Now it runs hella smooth since malware scanner found 180 different kinds of viruses and removed them. compared to before. programs were taking so long to open. youtube videos lagging like a b!tch. Also Firefox would disconnect me for no apparent reason at all.

I'm glad that s**t is finally over with.
#3. Posted:
-eLeVaTiiONz
  • Powerhouse
Status: Offline
Joined: Oct 19, 201014Year Member
Posts: 428
Reputation Power: 14
Status: Offline
Joined: Oct 19, 201014Year Member
Posts: 428
Reputation Power: 14
You have 38 Posts... i thoughed this would be a trojan!... :/
#4. Posted:
dy3p8ntrkid
  • New Member
Status: Offline
Joined: Nov 26, 201014Year Member
Posts: 42
Reputation Power: 1
Status: Offline
Joined: Nov 26, 201014Year Member
Posts: 42
Reputation Power: 1
Thanks for the replies to my first TuT And thanks for verifying that my downloads are not trojans. Finally got my internet back on after Cain & Abel messed it up.
#5. Posted:
PUDDI
  • Challenger
Status: Offline
Joined: Oct 15, 201014Year Member
Posts: 163
Reputation Power: 6
Status: Offline
Joined: Oct 15, 201014Year Member
Posts: 163
Reputation Power: 6
What do I do if I find an "svchost.exe" running in task manager?
Thought those were drivers?
#6. Posted:
-Tactical-Techie-
  • TTG Addict
Status: Offline
Joined: Aug 03, 201014Year Member
Posts: 2,421
Reputation Power: 103
Status: Offline
Joined: Aug 03, 201014Year Member
Posts: 2,421
Reputation Power: 103
TTG_DERP wrote What do I do if I find an "svchost.exe" running in task manager?
Thought those were drivers?


Svchost can also be a windows process so dont worry
#7. Posted:
iWooki3
  • Challenger
Status: Offline
Joined: Dec 16, 201013Year Member
Posts: 178
Reputation Power: 8
Status: Offline
Joined: Dec 16, 201013Year Member
Posts: 178
Reputation Power: 8
nice copy and paste if you gunna post this you put it on here
Forums/viewtopic/p=4783382.html#4783382

-iWooki3
#8. Posted:
KaplanCrunch
  • TTG Addict
Status: Offline
Joined: Mar 01, 201014Year Member
Posts: 2,223
Reputation Power: 101
Status: Offline
Joined: Mar 01, 201014Year Member
Posts: 2,223
Reputation Power: 101
Antiviruses suck...mKay

If you want to really get rid of a virus the right way visit this.

Forums/viewtopic/t=659243.html


Relying on a program to do manual work is bad...mKay
#9. Posted:
-1337-
  • TTG Contender
Status: Offline
Joined: Oct 12, 200915Year Member
Posts: 3,791
Reputation Power: 276
Status: Offline
Joined: Oct 12, 200915Year Member
Posts: 3,791
Reputation Power: 276
LOL! even if you have 2 svchost.exe and explorer.exe then they are normal processes just do us all a favour and go end crss.exe >_<
Jump to:
You are viewing our Forum Archives. To view or take place in current topics click here.