Watch out for fake public profiles with tracking trojans!

i use it for Bot, popcorntime, torrents and stuff like that. allways encrypt my self and mask my self.

I do know the false positive. but this one had a scritp to the plugin with use of the file to track me. If it was not for that. i whould have had my mouth shut

 

Proof or GTFO. Stop running your mouth.

 

Its the thanks you get for warning others.. so thanks for the nice reply

 

you have my thanks Glenn

 

Is it so hard to back up your claims with actual, verifiable data?

 

I can see your point, maybe he can PM you?

 

I almost spilled my drink reading your msg.
1) Best way how to catch malware to your PC is using torrents (Imho there is not better way how to spread malware)
2) If you are not using VPN to 3rd world countries, you are not masked in any way. Free VPN providers almost always disclose information about clients If you ask them nicely (something like that their IP was doing bad thing in timeframe XYZ-ZYX)
3) If you downloaded unknown dll and just run it, you are not smart enough to use internet, sorry


Also your path to "virus"

Code:

x:\backup\hb2\UseBaitWoD_630693666.dll

is not dll downloaded from Buddy forum, but dll compiled by HB itself (from .cs file in plugin folder)
There is this plugin with same name (UseBaitWoD) https://www.thebuddyforum.com/honor...ait-wod-fire-ammonite-bait-autoangler2-4.html and I checked its source code and everything is ok and plugin dont include any form of trojan.
Based on "virus" name provided by you (Gen.Variant.Kazy) I must say that 99.999% it is false positive. When AV give you anything "Gen.Variant" it means that AV is not sure what it is, but It "can" be something..

 

i checked that package to. And its not the same u find there now. and that is explained. I got a .rar package from a user. and that one is gone now from there. checked that to this morning. And that package was around april-15

Gen:Variant.Kazy is a NEW type of Trojan infection containing malevolent codes, which is utilized by cyber crooks to carry out abnormal symptoms on affected computer for illicit activities. In computers, Gen:Variant.Kazy is designed as a specific malware program that cannot fulfill self-replication. Determined by the nature of the virus, Gen:Variant.Kazy, often derives from certain software applications that can be downloaded manually. When installed, this type of Trojan virus will hide its components deeply in system and change the names of its files all the time so as to bypass the full detection from antivirus software or other security utilities. Meanwhile, by means of making modification in default system configuration, Gen:Variant.Kazy, threat could be loaded up and executed automatically on every Windows boot.

Similar as other Trojan virus, Gen:Variant.Kazy. may often decrease the overall PC performance speed by technically occupying high computing resources. It may directly result in 100% CPU utilization in system. Serves as a tricky infection, Gen:Variant.Kazy is often bundled with a class of additional PC threats such as Trojan, worm, rookit or other unknown subjects that are capable of doing further harm on compromised machine. Security experts has classified Gen:Variant.Kazy.27215 as a high-danger threat, due to its destructive attributes which may open a backdoor for remote hackers. On account of the existence of a backdoor, Gen:Variant.Kazy. may obtain unauthorized access for hackers and thus potentially lead to further compromise by other attackers. In that circumstance, not only your computer but also your privacy and logging will be at extremely risk that should pay attention to.

 

Please don't post "virus definition" from very suspicious sites. I can find this by myself, but I dont see point in reading it.

I would like to ask you, to upload dll that was marked as virus to https://mega.nz/ (preferably in .rar/.zip with password) and send me link in PM.

I have some knowledge about malware analysis and I would like too take a look why it is marked as virus.

That you very much.


Ps. Reason why I see this little bit suspicious is because Kazy is malware from 2008 so in IT business it is something like ancient piece of technology.

 

wel i never use any other fake profiles only then kicks they all in xml so. never got a trojan from this site

 

Sorry i dont know where you Download your Profiles, Plugins etc. i NEVER found a Infected File here on the HB Forum (and i own a lot of the Stuff here on my Local Disks).

Please give us some example links to infected files, otherwise please stop talking and i hope a Mod will close this useless Thread.

P.S. UseBaitWoD for Example is only available via here: https://www.thebuddyforum.com/honor...te-bait-autoangler2.html?highlight=UseBaitWoD
And this Archiv dont own any DLL.

lol someone send you a link to a package (was it hosted on HB forum or on another side?), you downloaded it and now you're wondering why own this trojan?

 

Post with download was edited last time in "20.11.2014 at 01:45." there is no way how you could download another rar from that topic in April 2015.

Also I laughted when I read

Sorry but I don't believe you, because saying "Im greyhat" is stupid thing (and you also mistyped it as"grayhat" which is wrong) It is something like saying "Hi, Im stealing in shop when I get bored". You would know that it is better to call yourself Whitehat.
There is no way how any security specialist can make such horrible decision as using free VPN and saying "Hey I'm untraceable!". You can be very easily tracked behind anything including VPN or TOR if you have malware in your PC.
Next thing is that you were more worried about "tracking" than worrying about your data and infected PC.


Im sorry, but I must say that you are pure troll.