K4rmaArr0ws Posted March 13, 2011

Hello MxC! I decided to make a topic teaching you how to avoid being infected by bad files on the internet [shared, from downloads and much more].

What is a backdoored file?
It's an infected file, binded 99%, which would damage your personal data and use your PC like a bot!

What does bind mean? Or what the hell do we call a binder?
It's a program that can incorporate your virus, RAT, keylogger, trojan with clean programs & files and infect others easily! It means a binder is a way of crypting your bad files and infecting others!

FIRST METHOD
Right click it. If you have WinRAR installed and you see "open with winrar", then this means it was binded with WinRAR, so definitely it's backdoored.

SECOND METHOD
Open it with a resource editor such as Resource Hacker/Restorator/PE Explorer and check the RCDATA section. If there are 1 & 2 entries in it, then it's binded.

THIRD METHOD
Open it with a hex editor. At the start of a PE header there's always this line: "This program cannot be run in DOS mode". Search for it; if it exists more than once then it might be binded. It depends on the specific app; for example, it's not unusual for binders/crypters to have the stub file attached in the resources. Also search for .exe and inspect the results. A binded file drops the files to a temp folder before executing 'em, so if you find something like this: %.t.e.m.p.%..x.x...e.x.e or file1.exe/file2.exe then it's def binded...

FOURTH METHOD
Run it in Sandboxie. When a file is run in Sandboxie it's isolated (can't access your files/registry). First click the Sandboxie tray icon to open up its window, then right click the file and click "run with sandboxie". If you see another process name in the Sandboxie window then it's probably backdoored (this doesn't include Sandboxie rpcss/dcom launch processes, those are legit and needed for some programs). That's not all: the file may drop another when one of the buttons in the program GUI is clicked or after you close it, so click all the buttons and close it just to make sure. If you do see other processes then immediately click file>terminate all processes from the Sandboxie menu. If a file refuses to run in Sandboxie, or it's supposed to be a program and it runs without a GUI, then it would probably be best to delete it!!

Credits 2 GOOGLE SEARCH

*I MADE THIS GUIDE, OTHER RETARDS LEECH IT, YOU CAN FIND THIS GUIDE EVERYWHERE, IN GOOGLE FORUMS ETC, LEECHING YOUR GUIDES ISNT THE BEST THING TO MAKE YOU ANGRY BUT STILL BELONG TO 'EM*
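The hex-editor check from the third method, as an added example that is not part of the original post: it counts DOS stub strings, locates every MZ header whose `e_lfanew` field points at a PE signature, and lists `.exe` names in both ASCII and UTF-16LE (the `t.e.m.p` look in a hex view). The function names and both byte samples are constructed for illustration.

```python
import re
import struct

DOS_STUB = b"This program cannot be run in DOS mode"

def pe_header_offsets(data):
    """Offsets of each 'MZ' whose e_lfanew field (at +0x3C) points to 'PE\\0\\0'."""
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            e_lfanew = struct.unpack_from("<I", data, pos + 0x3C)[0]
            if data[pos + e_lfanew:pos + e_lfanew + 4] == b"PE\0\0":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def exe_names(data):
    """ASCII and UTF-16LE strings ending in .exe; wide ones look like t.e.m.p in a hex view."""
    narrow = re.findall(rb"[\x21-\x7e]{1,60}\.exe", data, re.I)
    wide = re.findall(rb"(?:[\x21-\x7e]\x00){1,60}\.\x00e\x00x\x00e\x00", data, re.I)
    return sorted({n.decode("ascii") for n in narrow} |
                  {w.decode("utf-16-le") for w in wide})

def triage(data):
    """More than one header or stub string is a lead, not proof: installers embed PEs too."""
    offsets, stubs = pe_header_offsets(data), data.count(DOS_STUB)
    return {"pe_offsets": offsets, "dos_stub_count": stubs,
            "exe_names": exe_names(data),
            "needs_review": len(offsets) > 1 or stubs > 1}

def fake_pe():
    """Constructed sample: just enough header bytes for the checks, not a runnable file."""
    hdr = bytearray(0x80)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x80)
    hdr[0x4E:0x4E + len(DOS_STUB)] = DOS_STUB
    return bytes(hdr) + b"PE\0\0" + bytes(60)

def bound_sample():
    """Constructed sample: a second header appended after a wide temp-path string."""
    return fake_pe() + "%temp%\\file1.exe".encode("utf-16-le") + fake_pe()

if __name__ == "__main__":
    for label, blob in (("single", fake_pe()), ("appended", bound_sample())):
        print(label, triage(blob))
```

To check a real download, pass `open(path, "rb").read()` to `triage` and read the file without executing it.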

j1maras2@ Posted March 13, 2011
You made a Good guide. I Hope it's not a copy/paste.

K4rmaArr0ws Posted March 13, 2011 Author
> You made a Good guide. I Hope it's not a copy/paste.
No mate it's 100% mine :)

Reptant_ Posted March 13, 2011
http://www.bukisa.com/articles/297051_how-to-detect-a-backdoor-virus-in-a-executable-file
Plus 30+ other results
Should I dekarma you?

K4rmaArr0ws Posted March 13, 2011 Author
I am the first who shared it in other forums like hf, someone leeched it really

Reptant_ Posted March 13, 2011
Sure, I found ones shared 1.5 years ago
Hell, don't think we are stupid

K4rmaArr0ws Posted March 13, 2011 Author
OK check your PMs and look at my reg date at hf
Joined: Apr 2010

Reptant_ Posted March 13, 2011
> OK check your PMs and look my reg date at hf Joined: Apr 2010
So, when did u make this guide?

K4rmaArr0ws Posted March 13, 2011 Author
When I was new in hf forums, so stop judging me for nothing :-\

Reptant_ Posted March 13, 2011
> When I was new in hf forums, so stop judging me for nothing :-\
So, at April 2010? Nice one
http://forum.cheatengine.org/viewtopic.php?p=4800294&sid=4d05d24f13c699099e37217d0b22041c

Sirocco Posted March 13, 2011
finito isn't stupid, liar or crazy, he gave us proofs. So give the proper credits.

K4rmaArr0ws Posted March 13, 2011 Author
If you find the guide useful stop crying for credits and so on, because in MxC are sharing a lot of programs and files I thought that it is necessary to post it, bye
> so,at April 2010? Nice one http://forum.cheatengine.org/viewtopic.php?p=4800294&sid=4d05d24f13c699099e37217d0b22041c
Where are the proper credits? And how do you know that the guide belongs to this guy rolf, go play with your toys but away from my topic

Reptant_ Posted March 13, 2011
> If you find the guide usefull stop crying for credits and so on, because in MxC are sharing a lot of programms and files I thought that it is necessary to post it, bye
You claimed to be yours. No problem if you had put credits, or not even putting credits, but this
> No mate it's 100% mine :)
> I am the first who shared it in other forums like hf, someone leech it really
really gets me angry
People are not that stupid as you think
In 1 week, you have scammed, lied many times. Hell, no one is gonna believe w/e you say