Register - Login
Views: 99803592
 Main - Memberlist - Active users - Calendar - Wiki - IRC Chat - Online users
Ranks - Rules/FAQ - Stats - Latest Posts - Color Chart - Smilies 		05-03-22 07:24:39 AM
Jul - Computers and Technology - Fun with malware New poll - New thread - New reply
Next newer thread | Next older thread
Bagel

Giant Red Paratroopa
without music life would Bb
Level: 75


Posts: 912/1446
EXP: 3802210
For next: 24694

Since: 03-30-09

Pronouns: he/him
From: bear

Since last post: 190 days
Last activity: 6 days
Posted on 03-31-11 06:22:52 PM (last edited by Bagel at 03-31-11 03:25 PM) Link | Quote
I've been having fun infecting a virtual machine running XP Home SP2 with all kinds of things. Doing searches like "free screensavers" in IE6 got me hit with Vundo from a driveby attack in an ad almost immediately.

Currently it's running conficker, Vundo, NavaShield, AntiSpyware Master, and ThinkPoint, and it's basically hilarious for some reason.

The all-too-common Vundo and NavaShield are by far the most annoying, but conficker uses a lot of CPU power. ThinkPoint only pops up fake alerts and sometimes prevents explorer.exe from running at startup. AntiSpyware Master also rarely pops up a message but mainly it was a dropper for Vundo.

NavaShield in particular is just a massive dick move. It uses proper English and looks legit and somewhat professional at first; it's really well done. Not only does it try to steal your money, but it also literally laughs at you. Sometimes it will pop up a slowly expanding fake message saying that your C: drive is being erased and block anything else from running. It's one of the most hardcore pieces of malware I've ever seen and is actually slightly frightening.

<object width="640" height="390"><embed src="http://www.youtube.com/v/0hxFyDpfcg0?fs=1&hl=en_US" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="640" height="390"></embed></object>

(note: not my video; I don't have any way to record my screen right now. derp)

____________________
Lyskar
12210
-The Chaos within trumps the Chaos without-
Level: 192


Posts: 8712/12211
EXP: 99321261
For next: 552310

Since: 07-03-07

From: 52-2-88-7

Since last post: 7.4 years
Last activity: 7.3 years
Posted on 04-01-11 02:33:46 AM Link | Quote
Stats
Time/Date
03-31-11 08:33:46 PM
Posts
8712
Days Here
1367
Level
136
Metal_Man88's Post
That's some evil Malware right there. Few that I know of laugh malevolently while announcing they are an Outer Space Robot at you.

____________________

Eisnaught - SSQΒ² - Mobius Roleplay - SSS
sofi

🌠
Level: 116


Posts: 444/4152
EXP: 17113377
For next: 210716

Since: 02-18-11

Pronouns: she/her
From: γŸγΎγ”γ£γ‘ζ˜Ÿ

Since last post: 10 days
Last activity: 15 hours
Posted on 04-01-11 01:57:28 PM Link | Quote
Oh man, that's hilarious. Are you thinking of adding even more to it? How about trying to clean it up without restoring your VM to a previous state?

____________________
β€”Sofi
Profile β€’ PM β€’ Posts β€’ Threads
CB

Flippitty Flip
Level: 90


Posts: 1162/2280
EXP: 6978770
For next: 209839

Since: 02-01-11

From: Canadaland

Since last post: 10.5 years
Last activity: 10.4 years
Posted on 04-02-11 07:12:26 PM Link | Quote


I would not want to be hit with that malware, although it isn't the worst I've seen. I remember getting some malware 5-6 years ago that would turn the start menu button into a shortcut for a site which would download more malware that would replace other important buttons with malware sites. I only got to the third generation of malware before I clued in and had my computer reset. Apparently it was suspossed to delete every file in my C: drive that began with the letter 'W' after a few generations. Although the laughing and the porn opening would have driven me nuts, I'd hate to contract that virus...

____________________
...sigh...
Liliana
"A horrible person". That's what it says. "A horrible person."

We weren't even testing for that.


Level: NaN


Posts: 2338/-3841
EXP: NaN
For next: 0

Since: 07-23-07


Since last post: 10.3 years
Last activity: 10.1 years
Posted on 04-02-11 07:36:53 PM Link | Quote
And in German, Malware literally means "drawing goods", so people who aren't quite into computers will totally misunderstand the term.

____________________

Most people who visit your Web pages are there in search of useful or entertaining information, not to admire your fancy graphics skills or HTML prowess.
β€” Apple Web Design Guide, 1996
Β 
dotUser
From the Grave
Level: 91


Posts: 444/2357
EXP: 7427623
For next: 41289

Since: 10-20-10

Pronouns: she/her
From: a particularly peculiar tiny store's back shelf

Since last post: 34 days
Last activity: 6 days
Posted on 04-03-11 10:50:01 PM Link | Quote
logo Pesterboard
Haha wow. I think I know what my brother-in-law's computer had now.

____________________
Social: Tumblr Twitter Website Steam
kellykel
Member
Level: 25


Posts: 113/118
EXP: 84369
For next: 5251

Since: 06-22-10

From: My room. Mostly in front of computer.

Since last post: 10.7 years
Last activity: 7.9 years
Posted on 04-07-11 09:59:30 PM (last edited by kellykel at 04-07-11 07:00 PM) Link | Quote
I will give you an internet high five if you can endure it.
http://www.youtube.com/watch?v=XRzOpC6yEWk&feature=channel_video_title
Make sure to read the description and tags. Also, you could watch some of his other videos. Those fake antivirus programs are called rougues if you didn't know.


____________________
CB

Flippitty Flip
Level: 90


Posts: 1210/2280
EXP: 6978770
For next: 209839

Since: 02-01-11

From: Canadaland

Since last post: 10.5 years
Last activity: 10.4 years
Posted on 04-07-11 11:35:57 PM Link | Quote


Originally posted by kellykel
I will give you an internet high five if you can endure it.
http://www.youtube.com/watch?v=XRzOpC6yEWk&feature=channel_video_title
Make sure to read the description and tags. Also, you could watch some of his other videos. Those fake antivirus programs are called rougues if you didn't know.


Yeah, clicking links of any sort while in a thread about viruses is a little foolish. I couldn't care less if it says youtube, I'm keeping clear.

____________________
...sigh...
devin

Yoshi
i'm mima irl
Level: 112


Posts: 1961/3519
EXP: 14931973
For next: 406232

Since: 04-29-08

Pronouns: any
From: FL

Since last post: 306 days
Last activity: 3 days
Posted on 04-07-11 11:44:16 PM Link | Quote
Originally posted by CB
Yeah, clicking links of any sort while in a thread about viruses is a little foolish. I couldn't care less if it says youtube, I'm keeping clear.

Why would you avoid clicking Youtube links in a thread where the OP contains an embedded Youtube video?

____________________

Photo by Luc Viatour
Nicole

Disk-kun
Level: 146


Posts: 3265/6469
EXP: 38284826
For next: 228468

Since: 07-07-07

Pronouns: she/her
From: Boston, MA

Since last post: 78 days
Last activity: 1 day
Posted on 04-07-11 11:56:19 PM Link | Quote
Originally posted by CB
Yeah, clicking links of any sort while in a thread about viruses is a little foolish. I couldn't care less if it says youtube, I'm keeping clear.

That's true, I clicked on the link that said "New Reply" and now my C:\ drive is being deleted! =o

____________________
β€” Colin β€”
Missing: One avatar. Will be restored at some point.

Post 8214/10052
Active 8.3 years ago
Posted on 04-08-11 04:25:22 AM Link | Quote
I've read about ThinkPoint before which just basically hijacks the PC until you pay up (and I mean hijacks; it doesn't load up explorer.exe so there you go and that'll get most people), but Nava Shield... dear lord. There's a special place in hell for the people who programmed that one.

____________________
Next newer thread | Next older thread
Jul - Computers and Technology - Fun with malware New poll - New thread - New reply


Rusted Logic

Acmlmboard - commit 47be4dc [2021-08-23]
©2000-2022 Acmlm, Xkeeper, Kaito Sinclaire, et al.

31 database queries, 1 query cache hits.
Query execution time: 0.088665 seconds
Script execution time: 0.024977 seconds
Total render time: 0.113642 seconds