UT2k3
WARNING!!!! Current illegal beta contains a trojan
rapi | 08.07.2002

The new illegal beta of UT2k3 is said to contain a trojan that sends the contents of your hard drive to warez servers. You can find the original news item under "more".
*Update: We would also like to point out once again that possessing this beta is illegal either way.

The recent *BETA* copy of UT2003 (which weighs in at 2.5G uncompressed) contains a nasty trojan that will send your hard drive contents to Infinity Warez servers. This is not a joke. Warn everyone on your site if you can. Please email me with any questions and/or concerns.

In hindsight, I jumped the gun by downloading this *beta*, but I was curious as to how the game played. After I "installed" this program and it failed to run, I received a warning from Zone Alarm, as it was asking for permission to let IW-Platinum access the internet. When I traced the program back, it was using SVCHOST.EXE and had also made a registry entry to run when Windows starts, under

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"svchost"="C:\\WINDOWS\\system32\\system\\explorer svchost.exe

I also found .ini files linking SVCHOST.EXE back to Infinity Warez servers. There were also .ini entries concerning Windows Explorer and my Outlook Express files.

Now understand that svchost is used by the NT kernel for all the computer tasks, so in the task processes it will show up more than once. The REAL svchost is about 15K; the trojan one is smaller. This fucker chose svchost.exe as the name for the executable. That makes it harder to detect in the task list and also to delete. There are system tasks running as such! Delete the wrong one and your system will shut down.

To delete this pest:

1. If you haven't run the so-called 15 day crack, DON'T RUN it. Delete all files immediately. This UT version won't install; it is possibly a wrapped-up fake to carry the trojan.
2. If you ran it, go to Start/Run, enter "regedit.exe" and launch the Registry Editor. Then navigate to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] and delete the key that says
   "svchost"="C:\\WINDOWS\\system32\\system\\explorer svchost.exe
   Close Regedit.
3. Go to Windows\System32\System and delete the whole goddamn folder. If you get an error that you can't delete the svchost.exe file, that's because it is running! You can either take your chances and guess which one of the svchost.exe files it is (bring up the running task list with CTRL-ALT-DEL), or better, restart the PC, boot in SAFE MODE, and then go to the folder above and delete the svchost.exe file and anything else in there.

As I said before, ANY QUESTIONS, email me.
Sincerely, Pianoman
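
A check for the persistence pattern the report describes, a Run value that names a file called svchost.exe outside System32, written as an added Python example (not part of the original post or of this site). The `.reg` text is constructed from the value quoted above; the function name, the binary table and the two benign Run values are assumptions for illustration.

```python
import re

# Windows binary names and the directory the genuine file lives in
# (assumption: default C:\WINDOWS install; extend the table as needed).
SYSTEM_BINARIES = {
    "svchost.exe": "c:\\windows\\system32",
    "explorer.exe": "c:\\windows",
}

# Constructed .reg export of the Run key. The "svchost" value follows the one
# quoted in the report; the other two values are made-up benign entries.
SAMPLE_REG = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"svchost"="C:\\WINDOWS\\system32\\system\\explorer svchost.exe"
"ExampleTray"="C:\\Program Files\\Example\\tray.exe /min"
"Shell"="C:\\WINDOWS\\explorer.exe"
'''

VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>.*)"\s*$')
EXE_RE = re.compile(r'[^\\\s"]+\.exe', re.IGNORECASE)


def find_masquerading_autoruns(reg_text):
    """Return (value name, command, reason) for Run values that use a
    Windows binary's file name but do not point at the genuine location."""
    findings = []
    for line in reg_text.splitlines():
        m = VALUE_RE.match(line.strip())
        if not m:
            continue  # key header, blank line, or non-string value
        command = m.group("data").replace("\\\\", "\\").replace('\\"', '"')
        lowered = command.lower().strip('"')
        for exe in EXE_RE.findall(lowered):
            expected_dir = SYSTEM_BINARIES.get(exe)
            if expected_dir is None:
                continue
            genuine = expected_dir + "\\" + exe
            # The genuine path may be followed by arguments, nothing else.
            if not re.match(re.escape(genuine) + r'("|\s|$)', lowered):
                findings.append((m.group("name"), command,
                                 f"{exe} referenced outside {expected_dir}"))
    return findings


if __name__ == "__main__":
    for name, command, reason in find_masquerading_autoruns(SAMPLE_REG):
        print(f"[!] Run\\{name}: {command}  ({reason})")
```

The genuine svchost.exe is started by the Service Control Manager rather than from a Run value, so any Run entry that references it deserves a look even when the path matches.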