Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Spyware/Malware/Viruses/Scareware
Spyware/Malware/Viruses/Scareware - Page 2

post #11 of 16
Thread Starter 
Quote:
Originally Posted by mbudden
Look for haxxxxxzz for computer software, like keys, keygens, patches, etc. Start downloading things. You will find them, trust me on that. Not sure if Google started filtering those out...
OK, I may go down this route. Thing is, I used to bootleg all the time but I never got anything, and since I came to the "Honest" side I haven't used torrents much except for Windows ISOs for PC repair, while using the COA on the box of course. Thank you.

Quote:
Originally Posted by killeraxemannic
I've looked for that myself and never had any luck. I have had pretty good luck at my schools though... I do the same thing as you, btw.

Usually a student will come to me and say the computer is messed up, and I can look in the history, find the URL and go to it on my Mac. I'm sure what you're looking for exists, but I have no idea where to find it, like you're saying.
The only Macs I have access to are in our drafting lab, and I'm not comfortable with them, nor am I very competent with them either. How would I go about finding where it would copy the files on the Mac once I believe it's infected? Are Windows viruses even capable of doing anything on a Mac, given that the OSes are different? I know most viruses/crap end up in the My Documents dir, Windows dir, system32 dir, or Downloads dir on a PC.

Good to see another under-appreciated technician.

Rep for you both.

If anyone else has any more input, the search continues.
post #12 of 16
Quote:
Originally Posted by Tempest_Inc
OK, I may go down this route. Thing is, I used to bootleg all the time but I never got anything, and since I came to the "Honest" side I haven't used torrents much except for Windows ISOs for PC repair, while using the COA on the box of course. Thank you.

The only Macs I have access to are in our drafting lab, and I'm not comfortable with them, nor am I very competent with them either. How would I go about finding where it would copy the files on the Mac once I believe it's infected? Are Windows viruses even capable of doing anything on a Mac, given that the OSes are different? I know most viruses/crap end up in the My Documents dir, Windows dir, system32 dir, or Downloads dir on a PC.

Good to see another under-appreciated technician.

Rep for you both.

If anyone else has any more input, the search continues.

I use the Mac to get the malicious program. If you hit an infected website with a Mac, it will just download the file to the Downloads folder or the desktop like anything else you download. You then have the raw executable file that auto-launches when it gets downloaded on a PC. When you get it on a Mac it can't do anything, so it's just there in the Downloads folder waiting to be copied. Once you get this file you can copy it to a flash drive.

Install Sandboxie on a PC and bring the exe over with your flash drive. Right-click on the exe and there will be an option to open the file in Sandboxie on the menu. This will show exactly what it does, where it goes, what registry keys it changes, etc.
post #13 of 16
Thread Starter 
Quote:
Originally Posted by killeraxemannic
I use the Mac to get the malicious program. If you hit an infected website with a Mac, it will just download the file to the Downloads folder or the desktop like anything else you download. You then have the raw executable file that auto-launches when it gets downloaded on a PC. When you get it on a Mac it can't do anything, so it's just there in the Downloads folder waiting to be copied. Once you get this file you can copy it to a flash drive.

Install Sandboxie on a PC and bring the exe over with your flash drive. Right-click on the exe and there will be an option to open the file in Sandboxie on the menu. This will show exactly what it does, where it goes, what registry keys it changes, etc.
Sandbox monitors and displays all that information you just gave me? I normally run things in VMware for testing. I understand the idea of sandboxing, but is this a true sandbox, or is there some possibility of it escaping into my host machine?
post #14 of 16
Quote:
Originally Posted by Tempest_Inc
Sandbox monitors and displays all that information you just gave me? I normally run things in VMware for testing. I understand the idea of sandboxing, but is this a true sandbox, or is there some possibility of it escaping into my host machine?
Last I knew, Sandboxie wasn't as secure on x64 as it was on x32 because of limitations in what Sandboxie is now allowed to access (on x64).

A VM would certainly still be the safest alternative.
post #15 of 16
Thread Starter 
Does anyone know of any tools that I could install that would monitor how the rogue software infects the computer: what registry keys it's modifying/creating, file download locations, sources? Just something that I could point at this file to watch it and anything that is created, deleted, or whatever because of it...?
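The before/after comparison that post #12 describes Sandboxie doing ("where it goes, what files it drops") and that post #15 asks for a tool to perform can be reproduced with a plain filesystem snapshot diff. The script below is an added example written for this page; it is not code from the thread, from Sandboxie, or from any other tool named here. It hashes every regular file under a directory, and diffing two snapshots lists what was created, modified or deleted between them. In practice you take the first snapshot inside the isolated VM before running the sample and the second after it has run. The `demo()` scenario is constructed (a temporary directory with a few fake files), not a real sample, and registry changes are out of scope because the machine this runs on has no Windows registry; the same snapshot/diff pattern applies to registry exports.

```python
"""Before/after filesystem snapshot diff for dynamic malware analysis.

Added example, not from the forum thread. Take snapshot A before running
the sample in an isolated VM/sandbox, snapshot B afterwards, and diff them
to see what the sample created, modified or deleted.
"""
import hashlib
import os
import tempfile
from pathlib import Path


def snapshot(root):
    """Return {relative_posix_path: (size, sha256)} for every regular file under root.

    Symlinks are skipped so a sample cannot make the walker read outside root.
    """
    root = Path(root)
    state = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            p = Path(dirpath) / name
            if p.is_symlink() or not p.is_file():
                continue
            h = hashlib.sha256()
            with open(p, "rb") as f:
                for chunk in iter(lambda: f.read(65536), b""):
                    h.update(chunk)
            state[p.relative_to(root).as_posix()] = (p.stat().st_size, h.hexdigest())
    return state


def diff_snapshots(before, after):
    """Classify paths as created, modified or deleted between two snapshots."""
    created = sorted(set(after) - set(before))
    deleted = sorted(set(before) - set(after))
    modified = sorted(p for p in set(before) & set(after) if before[p] != after[p])
    return {"created": created, "modified": modified, "deleted": deleted}


def demo():
    """Constructed scenario: a temp tree standing in for the analysis VM's disk.

    The 'post-run' edits are made by this script itself to simulate what a
    dropper typically does (writes a new executable, edits hosts, removes a
    document); no real sample is involved.
    """
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "system32").mkdir()
        (root / "system32" / "hosts").write_bytes(b"127.0.0.1 localhost\n")
        (root / "Documents").mkdir()
        (root / "Documents" / "notes.txt").write_bytes(b"hello\n")
        before = snapshot(root)

        # Simulated changes made "by the sample" (constructed, not real malware).
        (root / "system32" / "hosts").write_bytes(
            b"127.0.0.1 localhost\n0.0.0.0 update.example\n"
        )
        (root / "Documents" / "notes.txt").unlink()
        (root / "Downloads").mkdir()
        (root / "Downloads" / "dropped.exe").write_bytes(b"MZ")
        after = snapshot(root)

        return diff_snapshots(before, after)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

Run it as-is to see the three categories on the constructed tree; for real use, call `snapshot()` on the VM's system drive before and after detonation and keep both snapshots outside the VM so the sample cannot tamper with them. Hashing rather than trusting timestamps matters because malware routinely resets file times.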
post #16 of 16
I also work at a school and we get bombarded with spam and viruses. I think it comes in with their mail as usual, and since most of them are just data entry they just click everything they see. It may be a total waste of time doing this because each virus/spyware is different. You could spend 3 weeks looking at AV2009 and then the next one comes out and you have to start all over again. I think it's a better idea to just find a sweeper that can remove it safely and just always have that available. It's these guys' jobs to trick us and they get paid WELL to do it.
Edited by corpse fan - 1/24/11 at 9:11am