Recently, an injector has been uploaded. This file was analyzed and approved, while it deployed suspicious behavior. Several members downloaded and may have ran this file. It is the following file:
DrokJector v2.0 | Injector DLL [Undetected]
We're sorry for the inconvinience caused if any. A mistake was made and as further action the following tutorial is to remove traces of the file from your system if you ran the file. If there are any additions or comments to this, please reply below.
Kill all instances of browsers on your system: iexplore.exe, chrome.exe and firefox.exe;
Open explorer and navigate to %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup. (Windows 7 and higher). A file called SNET.vbs could be created in this folder. Remove it;
Navigate to %TEMP%. A file called HPXF.exe and a few files without extension and with your username in it could be in this folder. Remove all of them;
Navigate to %APPDATA%. A folder called TrippyMane could be in this folder. The folder contains a .bat file and the executable file that is renamed/cloned to feelgood.exe. If you've killed all instances of your browser (and possibly feelgood.exe too), you should be able to remove this folder from your temporary files folder. Remove it;
Restart your system and recheck the following folders to ensure the traces are purged from your system.
What did this file do? It extracted files into startup folders and cloned itself. This may be an attempt to hide itself from the system or defensive applications. We haven't been able to find clear traces of this application stealing information or applying a backdoor. This may still be the case. Be careful while using this application and the purging tutorial. Any additions are welcome.
Regards
Gratz @Riddick for allowing this shit, pm me for original uc thread
Originally Posted by Pato@940
Gratz @Riddick for allowing this shit, pm me for original ** thread
We already know about this and this V1 version is clean.. He has been informed that if he attempts to release the V2 from ** he will be perm banned.
Originally Posted by Pato@940
Gratz @Riddick for allowing this shit, pm me for original **** thread
Stop dropping this shit in his threads, we don't blind approve stuff, file was scanned several times by other minions & it came to be clean.
---
@ @Riddick Please remove the advertising from his & your post, Thanks Riddick.
Thx+++++++
Nice, but in newest version not dragon
You post your injector in every FPS section.
No human, only in A.V.A,PB,WR,CA,CF,BS,APB, & BFH.
Originally Posted by Bob Marley ®
You post your injector in every FPS section.
is this xp hack ?
Originally Posted by owne razi
is this xp hack ?
It's an INJECTOR only for injecting dll's into the game exe.