MAgerly666 Posted September 30, 2012 Share Posted September 30, 2012 (edited) This code I came across is something called a GEMA trojan. I tested it in a VMWare XP image and it locked me down pretty hard. Even when I tried to boot into Safe Mode with command prompt, it attempts to display a non-existent web site and you can't do anything else. Booting into a LiveCD and removing the file, 1.exe, from your application data path and then rebooting into safe mode with command prompt allowed me to run explorer.exe. But it still wasn't cleaned up.****SO IF YOU DO TEST THIS, MAKE SURE TO USE VMWARE OR SOMETHING SIMILAR TO PREVENT YOUR MACHINE FROM BEING LOCKED DOWN****I wanted to share this, because it is a great look at windows manipulation and I like going through code and learning new things.Plus I don't usually run across much trojan type code...Here is an excerpt and I will also include a txt file with the full source...enjoy!<snip> Edited September 30, 2012 by Melba23 Removed code and attached file Link to comment Share on other sites More sharing options...
Moderators Melba23 Posted September 30, 2012 Moderators Share Posted September 30, 2012 MAgerly666,Do not post this sort of thing here! Please read the Forum Rules - particularly the bit about not discussing malware - before you post again. Thread locked and code removed. M23 Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind Open spoiler to see my UDFs: Spoiler ArrayMultiColSort ---- Sort arrays on multiple columnsChooseFileFolder ---- Single and multiple selections from specified path treeview listingDate_Time_Convert -- Easily convert date/time formats, including the language usedExtMsgBox --------- A highly customisable replacement for MsgBoxGUIExtender -------- Extend and retract multiple sections within a GUIGUIFrame ---------- Subdivide GUIs into many adjustable framesGUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView itemsGUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeViewMarquee ----------- Scrolling tickertape GUIsNoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxesNotify ------------- Small notifications on the edge of the displayScrollbars ----------Automatically sized scrollbars with a single commandStringSize ---------- Automatically size controls to fit textToast -------------- Small GUIs which pop out of the notification area Link to comment Share on other sites More sharing options...
Recommended Posts