can anyone tell me how to remove this? Backdoor.Bladabindi

(04-07-2019, 03:14 AM)mothered Wrote:

[To see links please register here]

(04-06-2019, 01:39 PM)darkninja1980 Wrote:

[To see links please register here]

(04-05-2019, 10:37 AM)mothered Wrote:

[To see links please register here]

It's good practice to use the Registry's "Export" feature, to back It up prior to making changes.

yes it is but only tests it in a VM. :smile:

A VM Is certainly the safest option.

In fact, any controlled environment Isolated from the Host physical system Is good practice to execute and analyze files.

yes I agree it is very good practice to do it in a controlled environment.

(04-07-2019, 09:05 AM)darkninja1980 Wrote:

[To see links please register here]

(04-07-2019, 03:14 AM)mothered Wrote:

[To see links please register here]

(04-06-2019, 01:39 PM)darkninja1980 Wrote:

[To see links please register here]

yes it is but only tests it in a VM. :smile:

A VM Is certainly the safest option.

In fact, any controlled environment Isolated from the Host physical system Is good practice to execute and analyze files.

yes I agree it is very good practice to do it in a controlled environment.

Malware Is known to circumvent virtual machines and the like.

It's best to use a dedicated Host physical machine, with a VM Installed (as the Guest) and segregated from the network.

(04-07-2019, 11:57 AM)mothered Wrote:

[To see links please register here]

(04-07-2019, 09:05 AM)darkninja1980 Wrote:

[To see links please register here]

(04-07-2019, 03:14 AM)mothered Wrote:

[To see links please register here]

A VM Is certainly the safest option.

In fact, any controlled environment Isolated from the Host physical system Is good practice to execute and analyze files.

yes I agree it is very good practice to do it in a controlled environment.

Malware Is known to circumvent virtual machines and the like.

It's best to use a dedicated Host physical machine, with a VM Installed (as the Guest) and segregated from the network.

yes, a good point. Is there any tutorials out there to set that type of environment up?

(04-07-2019, 11:38 PM)darkninja1980 Wrote:

[To see links please register here]

(04-07-2019, 11:57 AM)mothered Wrote:

[To see links please register here]

(04-07-2019, 09:05 AM)darkninja1980 Wrote:

[To see links please register here]

yes I agree it is very good practice to do it in a controlled environment.

Malware Is known to circumvent virtual machines and the like.

It's best to use a dedicated Host physical machine, with a VM Installed (as the Guest) and segregated from the network.

yes, a good point. Is there any tutorials out there to set that type of environment up?

It's simply a stand-alone PC with a VM Installed.

(04-08-2019, 03:29 AM)mothered Wrote:

[To see links please register here]

(04-07-2019, 11:38 PM)darkninja1980 Wrote:

[To see links please register here]

(04-07-2019, 11:57 AM)mothered Wrote:

[To see links please register here]

Malware Is known to circumvent virtual machines and the like.

It's best to use a dedicated Host physical machine, with a VM Installed (as the Guest) and segregated from the network.

yes, a good point. Is there any tutorials out there to set that type of environment up?

It's simply a stand-alone PC with a VM Installed.

yes that the way I have it on my computer.

For me the best way to remove malware is to boot in safe mode, backup all images documents skipping all executables, libraries etc.. and just reinstall windows or linux... The reason is the malware might infected some random program that might be even a system program, don't use explorer or regedit to find the malware since some advance malware can hijack explore and regedit and make it invisable. If you don't want to reinstall boot in safe mode, run administrated command prompt and type "sfc /scnannow", while is running use cmd and the command dir to find in, start from %appdata% and clear the temp folder (Windows sucks at clearing temp files), After sfc and reboot if its necessary go back go safe mode and try to find it from registry, removing viruses is very hard and time consuming, I hope its the virus is simple and the coder didn't put time on development.

download njrat lime edition and then install it on yourself. theres a feature that kills malware. ik it sounds crazy but if you compile one from source youre safe. and it works really well.

(03-13-2020, 07:02 AM)Rapt.be Wrote:

[To see links please register here]

download njrat lime edition and then install it on yourself. theres a feature that kills malware. ik it sounds crazy but if you compile one from source youre safe. and it works really well.

This thread Is over a year old and the last reply prior to yours, Is close to the same duration. As such, this has been grave dug which Is against forum

[To see links please register here]

.

You can read about grave digging

[To see links please register here]

.

If u are using Windos OS, you are tring command "netstat -naop tcp"
and u see "ESTABLSE"
and then, you decteced virous.