Thread: Antivirus Pro

  1. #1
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747

    Antivirus Pro

    Greetings all...been a while since I've visited.

    I have a question, I'm hoping someone might be able to help me with. I accidentally contracted the Antivirus pro trojan / spyware earlier today (oops). I got rid of it after a few minutes, but I saved the executable that was downloaded to my computer.

    Does anyone know how I might be able to say unpack / decompile the file?

    I'm wanting to take a peek on the inside of this lovely program and see what makes it run. Unfortunately, using a resource editor doesn't give me much of anything.

    Thanks
    =

  2. #2
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391

    Wow long time no see.

    Greetz Cheyenne.

    Anyhow, here are a few URLs I have stashed away in my bookmark collection.

    http://www.woodmann.com/crackz/index.html#msgboards

    http://forum.exetools.com/index.php (Invite only, but I could organise an invitation to be sent.)


    Also check out vxchaos file server, there are a ton of unpackers located there.

    http://vxchaos.official.ws

  3. #3
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    Very cool..I'll have to check those out.

    Is there any way to find out what a .exe was coded in? For example..C++, .net etc etc?

    Or is the best bet just to try some different unpackers / decompilers till one works?
    =

  4. #4
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    Greetz.

    I haven't dabbled in reverse engineering in a while.

    But usually it's just a matter of finding decompilers that suit what you are trying to achieve, and sticking with those.

    And it also helps to know a little info about how the object was coded, what sort of packing algorithm etc etc.

    Also check out http://www.woodmann.com/forum/index.php

    The forum is pretty useful, and there are a few more URLs that may help.

    A few stealth Google searches may help you dig up more info about this Antivirus pro trjn.
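
An added example, not part of any post in this thread, of the static check asked about above: telling a .NET build from a native one and spotting a probable packer from the PE headers alone, without running the file. The sample image is constructed inline; the `build_sample` helper, the short list of packer section names and the 7.0 entropy cut-off are assumptions chosen for illustration.

```python
import math
import struct
from collections import Counter

PACKER_SECTIONS = {"UPX0", "UPX1", ".aspack"}  # assumed short list of packer section names

def entropy(buf):
    """Shannon entropy in bits per byte (0..8); packed or encrypted data sits near 8."""
    if not buf:
        return 0.0
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())

def triage(data):
    """Static triage of a PE image held in memory; nothing is executed."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsect = struct.unpack_from("<H", data, pe + 6)[0]     # NumberOfSections
    opt_size = struct.unpack_from("<H", data, pe + 20)[0] # SizeOfOptionalHeader
    opt = pe + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    dirs = opt + (112 if magic == 0x20B else 96)          # PE32+ vs PE32 layout
    ndirs = struct.unpack_from("<I", data, dirs - 4)[0]   # NumberOfRvaAndSizes
    clr_rva = struct.unpack_from("<I", data, dirs + 14 * 8)[0] if ndirs > 14 else 0
    sections = []
    for i in range(nsect):
        off = opt + opt_size + 40 * i
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr = struct.unpack_from("<II", data, off + 16)
        sections.append((name, round(entropy(data[raw_ptr:raw_ptr + raw_size]), 2)))
    packed = any(n in PACKER_SECTIONS or e > 7.0 for n, e in sections)
    return {"dotnet": clr_rva != 0, "packed": packed, "sections": sections}

def build_sample(name, body, clr_rva=0):
    """Constructed minimal PE32 image with one section (sample data, not real malware)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)      # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                 # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                   # 16 data directories
    struct.pack_into("<II", opt, 96 + 14 * 8, clr_rva, 72 if clr_rva else 0)
    sect = struct.pack("<8sIIIIIIHHI", name, len(body), 0x1000, len(body), 352, 0, 0, 0, 0, 0)
    return dos + b"PE\0\0" + coff + bytes(opt) + sect + body  # headers end at offset 352

if __name__ == "__main__":
    print(triage(build_sample(b"UPX1", bytes(range(256)) * 16)))
```

A set CLR directory entry (data directory 14) means the file is a .NET assembly and a .NET decompiler is the right tool; a packer section name or near-8 entropy means the real code has to be unpacked before any disassembler will show much.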

  5. #5
    Senior Member
    Join Date
    Dec 2003
    Location
    Texas
    Posts
    164

    Quote: Originally Posted by cheyenne1212
    Greetings all...been a while since I've visited.

    I have a question, I'm hoping someone might be able to help me with. I accidentally contracted the Antivirus pro trojan / spyware earlier today (oops). I got rid of it after a few minutes, but I saved the executable that was downloaded to my computer.

    Does anyone know how I might be able to say unpack / decompile the file?

    I'm wanting to take a peek on the inside of this lovely program and see what makes it run. Unfortunately, using a resource editor doesn't give me much of anything.

    Thanks
    As I recall, there is a fix tool for that particular piece of spyware. Google "antivirus pro removal tool"; that should point you in the right direction. I like finding a removal tool whenever possible because some antivirus/anti-malware programs don't remove it completely. Also remember to disable System Restore; as I recall, this piece of malware likes to store itself there as well. Good luck.

  6. #6
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    Oh..I already have it removed..that part's easy...just wanted to look at the code
    =

  7. #7
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    cheyenne:

    Wanna use *nix or windows? Ah hell just go here http://www.thefreecountry.com/progra...semblers.shtml
    frhed is probably what you need, I haven't tried borg
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  8. #8
    Senior Member
    Join Date
    Dec 2003
    Location
    Texas
    Posts
    164
    Quote: Originally Posted by cheyenne1212
    Oh..I already have it removed..that part's easy...just wanted to look at the code
    lol sorry, I didn't read your whole post. It was 3 am, and I had worked on 2 PCs that day. At the nonprofit organization I belong to, I get all the hard repairs, so my brain was fried lol
    Last edited by romanticcowboy; November 22nd, 2009 at 12:47 AM. Reason: figured i would elaborate

  9. #9
    Junior Member
    Join Date
    Nov 2009
    Posts
    1
    Quote: Originally Posted by cheyenne1212
    Oh..I already have it removed..that part's easy...just wanted to look at the code
    Hey cheyenne, what did you use? Everything I try isn't getting rid of it.
