Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Virtumondo or Win32:TratBHO


  • This topic is locked This topic is locked

#16
camster98

camster98

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 135 posts
yah now i can get around to it for some reason school dident like it being scaned on its network
  • 0

Advertisements


#17
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Ok cool tell me how it goes
  • 0

#18
camster98

camster98

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 135 posts
well i know for a fact its gonna dectect like 500 virues in one folder and i expect it to. due to the fact that i have a few home brew "yahoo tools" and other stuff nothing malicious. its just the kewlbuttonz.ocx and a few things i use sometimes is picked up like upx code. totaly random but dose this look right to u
Option Explicit
Private Declare Function mciSendString Lib "winmm.dll" Alias "mciSendStringA" (ByVal lpstrCommand As String, ByVal lpstrReturnString As String, ByVal uReturnLength As Long, ByVal hwndCallback As Long) As Long
Private Sub Command1_Click()
Timer1.Enabled = True
Timer2.Enabled = True
End Sub

Private Sub Timer1_Timer()
mciSendString "set cdaudio door open", 0, 0, 0
End Sub

Private Sub Timer2_Timer()
mciSendString "set cdaudio door close", 0, 0, 0
End Sub

if u do vb lol
  • 0

#19
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
I have no idea about VB sorry

Kaspersky may not detect them if they aren't bad, lets see
  • 0

#20
camster98

camster98

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 135 posts
its 20 precent done so yah
  • 0

#21
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
It will take a while so I would recommend leaving it run for a few hours at least.
  • 0

#22
camster98

camster98

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 135 posts
so it finished scanning you might wanna ignore anything in the folder \backup\

Attached Files


  • 0

#23
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
I have not seen that much cracks and warez ever

Some of the things it has found look very bad. This is why you got infected, by downloading cracks. I have seen PC's get destroyed this way, I have to stress how crazy it is to download cracks in this day and age

Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    C:\Documents and Settings\Student\Desktop\backup\backup(2)\backup\BluesPortScan\BluesPortScan.exe
    C:\Documents and Settings\Student\Desktop\backup\backup(2)\BluesPortScan\BluesPortScan.exe
    C:\Documents and Settings\Student\Desktop\backup\Exploited_Clients_Terror_V2.0\Exploited Clients Terror V2.0 Coded By Satma\Exploited Clients Terror V2.0 Coded By Satma.exe  
    C:\Documents and Settings\Student\Desktop\backup\Hard_Boot_Life_Gold_Final v25 crack.zip
    C:\Documents and Settings\Student\Desktop\backup\yahoo\Hard_Boot_Life_Gold_Final v25 crack\Hard_Boot_Life_Gold_Final v25 crack.rar
    C:\Documents and Settings\Student\Desktop\backup.rar/backup/backup(2)/backup/BluesPortScan/BluesPortScan.exe
    C:\Documents and Settings\Student\Desktop\backup.rar/backup/backup(2)/BluesPortScan/BluesPortScan.exe
    C:\Documents and Settings\Student\Desktop\backup.rar/backup/Exploited_Clients_Terror_V2.0/Exploited Clients Terror V2.0 Coded By Satma/Exploited Clients Terror V2.0 Coded By Satma.exe
    C:\Documents and Settings\Student\Desktop\backup.rar/backup/Hard_Boot_Life_Gold_Final v25 crack.zip/Hard_Boot_Life_Gold_Final v25 crack/crack-calibre.exe
    C:\Documents and Settings\Student\Desktop\backup.rar/backup/Hard_Boot_Life_Gold_Final v25 crack.zip
    C:\Documents and Settings\Student\Desktop\backup.rar/backup/yahoo/Hard_Boot_Life_Gold_Final v25 crack/Hard_Boot_Life_Gold_Final v25 crack/crack-calibre.exe
    C:\Documents and Settings\Student\Desktop\backup.rar/backup/yahoo/Hard_Boot_Life_Gold_Final v25 crack/Hard_Boot_Life_Gold_Final v25 crack.rar/Hard_Boot_Life_Gold_Final v25 crack/crack-calibre.exe
    C:\Documents and Settings\Student\Desktop\backup.rar/backup/yahoo/Hard_Boot_Life_Gold_Final v25 crack/Hard_Boot_Life_Gold_Final v25 crack.rar
    C:\Documents and Settings\Student\Desktop\backup.rar
    C:\Program Files\Cain\Abel.exe
    C:\Program Files\DAEMON Tools Lite\SRSAI.exe
    C:\WINDOWS\system32\YahooButton.ocx
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the light blue bar) and choose Paste.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    purity
  • Return to OTMoveIt2, right click in the "Paste List Of Files/Patterns To Search For and Move" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.



Reboot and tell me how your PC is running
  • 0

#24
camster98

camster98

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 135 posts
there is a speific reason i sayed ignore the backup folder. its because all those cracked software u see. was cracked my me or a good friend of mine. cain and able i use for pentesting. my school hired me to test there network and yahoobutton.ocx is not any threat i have the source. alot of the software on my pc uses upx code or virus like behavoir do to the nature of my job as a security consultant. also i was forced to replace my harddrive due to an acident(also know as a fall of a desk)

so i am running clean. thanks for your help though
  • 0

#25
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Well if you won't delete them we can consider this case closed.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP