Scan your Local/AppData/Temp Folder! Possible Trojan Find.

Oggy2k5 · Jan 24, 2013

I've just had a few e-mails concerning "breach of account" and having Diablo 3 account's locked today. I also have noticed that one of my banned accounts had been used to have Starcraft Starter Edition added to it. Thankfully, they've not touched any of my new accounts, only these closed accounts, which is strange.
I have also had my eBay account breached, and closed down to protect my data. Of which I am suspecting would be something to be with these two things I've just found.

I have run a virus scan, as well as a malbyte's scan. I have found two trojan's within the updaters, which is a concern as I am using a pretty new HDD.

C:\Users\UserName\AppData\Local\Temp\dbupdater2197632.exe (Trojan.MSIL)
C:\Users\UserName\AppData\Local\Temp\dbupdater4475824.exe (Trojan.MSIL)

Anyone able to tell me whether these two updates are reasonably new?

Tony · Jan 24, 2013

thats false positive,nothing to worry about

affe · Jan 24, 2013

Omfqq they trackin me jerkin on pornsites !! :-o

smurg · Jan 24, 2013

Tony said:
thats false positive,nothing to worry about

It's always a false positive until someone decompiles it amiright?

Never use the updater, download new versions and virus check them. Also test them on an account or two before moving all bots onto the new version.

Immortality · Jan 24, 2013

It seems like MSIL Trojans are used to force administrator mode.

Reference: Encyclopedia entry: Trojan:MSIL/Scapfrog.A - Learn more about malware - Microsoft Malware Protection Center
- A specific example but seems to apply for all MSIL trojans.

If Tony says it's harmless then it's harmless, we already paid these guys to provide us with bots why would they hack us and miss out on future sales?

mridontevenknowu · Jan 24, 2013

They said that before and it wasn't harmless. They are human and prone to mistakes like the rest of us. Always use your best judgement.

Harmacintyre · Jan 24, 2013

mridontevenknowu said:
They said that before and it wasn't harmless. They are human and prone to mistakes like the rest of us. Always use your best judgement.

BeepBoopBop. I. AM. COMING. TO. KEEL. U. JOHN. CONNOR.

smurg · Jan 24, 2013

Immortality said:
It seems like MSIL Trojans are used to force administrator mode.

Reference: Encyclopedia entry: Trojan:MSIL/Scapfrog.A - Learn more about malware - Microsoft Malware Protection Center
- A specific example but seems to apply for all MSIL trojans.

If Tony says it's harmless then it's harmless, we already paid these guys to provide us with bots why would they hack us and miss out on future sales?

There was a legit trojan in past downloads which they chalked up to some chinamen gaining access and that was the end of that.

Tony · Jan 24, 2013

as its already stated,its a false positive

thread closed

Search

Search

Scan your Local/AppData/Temp Folder! Possible Trojan Find.

Oggy2k5

Member

Tony

"The Bee"

affe

Member

smurg

New Member

Immortality

New Member

mridontevenknowu

New Member

Harmacintyre

New Member

smurg

New Member

Tony

"The Bee"