Jump to content

Recommended Posts

Posted

Hello MxC! I decided to make a topic teaching you avoid to be infected from bad files on internet [shared , from downloads and much more]

 

What is it a backdoored file?

 

It's an infected file , binded 99%, which would damage your personal data and use your pc like a bot!

 

What means bind? or what the hell we call binder?

 

It's a programm that can incorporate your virus,rat,keylogger,trojan with clean programms & files and infect others easily! It means binder is a way for crypting your bad files and infect others !

 

FIRST METHOD

Right click it, if you got winrar installed and you see

"open with winrar" then this means it was binded with winrar

so definitely it's backdoored

 

SECOND METHOD

Open it with a resource editor such as resource hacker/restorator/pe explorer and check the rcdata section,if theres 1 & 2 entries in it

then its binded

 

THIRD METHOD

Open it with a hex editor , at the start of a PE header theres always this line "This program cannot be run in DOS mode" , search for it,if it

exists more then once then it might be binded

it depends on the specific app,for example its not unusual for

binders/crypters to have the stub file attached in the resources

also search for .exe and inspect the results,a binded file

drops the files to a temp folder before executing em , so if

you find somethin like this: %.t.e.m.p.%..x.x...e.x.e or file1.exe/file2.exe

then its def binded...

 

FOURTH METHOD

Run it in sandboxie ,when a file is ran'd in sandboxie its isolated (cant access your files/registry, first click the sandboxie tray icon to

open up its Window , then right click the file and click "run with sandboxie"

if you see another process name in the sandboxie Window then its probably backdoored (this doesnt include sandboxie rpcss/dcom launch processes,those are legit and needed for some programs) , thats not all , the file may drop another when one of the buttons in the program GUI is clicked or after you close it , so click all the buttons and close it

just to make sure , if you do see other processes then immdiatly click file>terminate all processes from the sandboxie menu , if a file refuses to run in sandboxie or its suppose to be a program and it runs

without GUI then it would probably be best to delete it!!

 

[move]Credits 2 GOOLE SEARCH[/move]

 

*I MADE THIS GUIDE, OTHER RETARDS LEECH IT, YOU CAN FIND THIS GUIDE EVERYWHERE, IN GOOGLE FORUMS ETC, LEECHING YOUR GUIDES ISNT THE BEST THING TO MAKE YOU ANGRY BUT STILL BELONG TO 'EM*

 

Posted

If you find the guide usefull stop crying for credits and so on, because in MxC are sharing a lot of programms and files I thought that it is necessary to post it, bye

 

 

Where is the proper credits? And how do you know that the guide belong to this guy rolf, go play with your toys but away from my topic

Posted

If you find the guide usefull stop crying for credits and so on, because in MxC are sharing a lot of programms and files I thought that it is necessary to post it, bye

You claimed to be yours.

No problem if you had put credits,or not even putting credits

 

but this

No mate it's 100% mine  :)

I am the first who shared it in other forums like hf, someone leech it really

really gets me angry

 

People are not that stupid as you think

 

In 1 week,you have scammed,lied many times.

Hell,noone is gonna believe w/e you say

 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...