Free Antiv1rus Softwaerz; tech humor
Topic Started: Friday Sep 17 2010, 01:19 PM (590 Views)
-SG-
So one of the guys where I work had me come look at this bug. Now we have all seen the fake AV programs, but this one does something that I found humorous.

Posted Image

So it first pops up and mimics Microsoft Security Essentials. If you click 'apply actions' it runs a 'scan' and comes back saying nothing found. It then recommends that you run an online scan, which leads to this:

Posted Image

It lists a bunch of legitimate apps, as well as some fake ones. It has each app listed run a scan, then surprise surprise, only the fake ones find a bug. A bit different from what these things normally do...
Oscar Gamble
 
"They don't think it be like it is, but it do"
 
Slayer706
That's pretty clever.
 
whoozwah
"major defense kit"? lol
Realtime Last.fm feed. I have everything scrobbling to it.

Posted Image

It is possible to not understand without being confused.
It is possible to be inaccessible without hiding.
It is possible to be aware without being awake.
 
Slayer706
I also note the complete lack of spelling and grammar errors. This looks like really good work.

They could have picked a better file to detect though, it's pretty easy to figure out that Quick Time isn't a trojan.
 
whoozwah
Slayer706
Friday Sep 17 2010, 08:49 PM
Quick Time isn't a trojan.
I guess that depends on who you talk to :P
 
Slayer706
whoozwah
Friday Sep 17 2010, 08:15 PM
"major defense kit"? lol
At least their logo looks legit. Look at Red Cross and Pest Detector's logos.
 
Slayer706
I found this thing on Bleeping Computer:
http://www.bleepingcomputer.com/virus-removal/remove-fake-microsoft-security-essentials-alert

Check out the screenshots, all of the fake AV programs that it can install have the exact same interface aside from the logo.
 
whoozwah
wow. it took 17 steps to say "kill the process. run malware bytes". At least they gave a list of associated files and registry keys.
 
Slayer706
whoozwah
Friday Sep 17 2010, 08:59 PM
wow. it took 17 steps to say "kill the process. run malware bytes". At least they gave a list of associated files and registry keys.
Yeah, they are a little wordy. I guess they are trying to help out the computer illiterates with step-by-step guides.

Their site is great though. It has info on a lot of different malware. You can even search for a specific startup item or process and it will tell you what file it is associated with, what it does, and the consequences of removing it.

They are also the makers of ComboFix, which is one of the best utilities on my flash drive.
 
Deadlypixels
This would be so funny if I wasn't dumb as shit.

What was I talking about?
"They should put me in a Tyler Perry movie 'cause I don't know how to act" -- Off Rip
 
whoozwah
occupational humor. Move along. Nothing to see here...
 
-SG-
It's gotten to the point now if someone calls me saying they can't get online that instead of the normal tech routine, I have them first check the proxy settings in IE. That ends up being about half of the connectivity problems I run into, thanks to these bugs. Of course there are still bits of the bugs hanging out, but that at least gets me to where I can remote in via LogMeIn or TIL.
 
Slayer706
SgS180
Thursday Sep 23 2010, 02:52 PM
It's gotten to the point now if someone calls me saying they can't get online that instead of the normal tech routine, I have them first check the proxy settings in IE. That ends up being about half of the connectivity problems I run into, thanks to these bugs. Of course there are still bits of the bugs hanging out, but that at least gets me to where I can remote in via LogMeIn or TIL.
That has been my experience too. That's one of the first things I check on computers that can't get online.

For anyone who wants to know, to fix a lot of connection problems nowadays all you have to do is go to Control Panel and go to Internet Options. You can also get here by opening IE and going to Tools and then Internet Options. There you click the Connections tab, and then click the LAN Settings button. If there is a check in the "Use a proxy server..." box, uncheck it and hit OK. After that, you should be able to go online.

If there wasn't a check in that box, then your problem lies elsewhere.
 
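The same check from a PowerShell prompt, as an added example that is not part of the original thread: it reads the per-user registry values behind the LAN Settings dialog and can clear the proxy checkbox. The function names are made up for this example, and it has to run as the affected user because the setting lives under HKCU.

```powershell
# Added example, not from the thread: inspect and clear the per-user proxy
# setting that Internet Options > Connections > LAN Settings edits.
$InetKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-LanProxySetting {
    $s = Get-ItemProperty -Path $InetKey
    [pscustomobject]@{
        User          = $env:USERNAME
        ProxyEnabled  = ($s.ProxyEnable -eq 1)  # the "Use a proxy server..." checkbox
        ProxyServer   = $s.ProxyServer          # address:port entered in the dialog
        AutoConfigUrl = $s.AutoConfigURL        # automatic configuration script, if any
    }
}

function Disable-LanProxy {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()
    $current = Get-LanProxySetting
    if (-not $current.ProxyEnabled) {
        Write-Output 'Proxy box is not checked; the problem lies elsewhere.'
        return
    }
    if ($PSCmdlet.ShouldProcess($InetKey, "Set ProxyEnable to 0 (was $($current.ProxyServer))")) {
        # Same effect as unchecking the box. ProxyServer is left in place so
        # the value can be written down before the rest of the cleanup.
        Set-ItemProperty -Path $InetKey -Name ProxyEnable -Value 0
    }
}

Get-LanProxySetting | Format-List
Disable-LanProxy -WhatIf    # drop -WhatIf to actually clear the setting
```
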
Deadlypixels
What about instead of all that bullshit, I wag my finger at my computer and go: "NO! Bad computer! Bad!"

Will that get it online?
 
Slayer706
Deadlypixels
Thursday Sep 23 2010, 05:00 PM
What about instead of all that bullshit, I wag my finger at my computer and go: "NO! Bad computer! Bad!"

Will that get it online?
Damn, that's an excellent solution. Here is your honorary A+ Certification:
Posted Image

Present that to any employer in IT and they will totally hook you up with a job.
 
Deadlypixels
Ok
 
-SG-
Deadlypixels
Thursday Sep 23 2010, 05:00 PM
What about instead of all that bullshit
I lol'd
 
Deadlypixels
SgS180
Thursday Sep 23 2010, 05:31 PM
Deadlypixels
Thursday Sep 23 2010, 05:00 PM
What about instead of all that bullshit
I lol'd
Mission complete!
 
Slayer706
Check out this nice e-mail my mother got today:
Posted Image

Looks like a legit e-mail from the postal service, right? It even has a legit looking sender address. Since I order a bunch of stuff online, she thought it must be for me and gave me a call (luckily before opening the attachment).

I was suspicious since I have not shipped anything back for a while. The last time I did was well before the 19th. Then I checked out the attachment:
Posted Image

An executable disguised as a spreadsheet document. Someone with the Windows default "Hide extensions for known file types." setting enabled would have only seen this:
Posted Image

I couldn't find much on the net about this specific e-mail virus, so yall need to hide yo' kids, hide yo' wife, and hide yo' husband cuz they infectin' errbody out here.
 
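An added example (not from the thread) of the check described in the post above: it flags file names whose real extension is executable while the name Explorer shows with extensions hidden still ends in a document extension, and it reads the Explorer setting itself. The extension lists, function names and sample file names are constructed for illustration.

```powershell
# Added example, not from the thread. Extension lists are illustrative, not complete.
$DecoyExt = '.xls', '.xlsx', '.doc', '.docx', '.pdf', '.txt', '.jpg', '.zip'
$ExecExt  = '.exe', '.scr', '.pif', '.com', '.bat', '.cmd', '.vbs', '.js'

function Test-DisguisedExecutable {
    param([Parameter(Mandatory = $true)][string]$FileName)

    # The extension Windows actually acts on is the last one.
    $real  = [IO.Path]::GetExtension($FileName).ToLowerInvariant()
    # With "Hide extensions for known file types" on, Explorer shows this instead.
    $shown = [IO.Path]::GetFileNameWithoutExtension($FileName)
    # Padding spaces before the real extension are trimmed before looking
    # for the decoy extension.
    $decoy = [IO.Path]::GetExtension($shown.TrimEnd()).ToLowerInvariant()

    [pscustomobject]@{
        FileName      = $FileName
        ShownAs       = $shown
        RealExtension = $real
        Disguised     = ($ExecExt -contains $real) -and ($DecoyExt -contains $decoy)
    }
}

function Get-HideExtensionsSetting {
    # 1 = extensions hidden for known file types, 0 = shown,
    # no output = value not set for this user.
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
    (Get-ItemProperty -Path $key -Name HideFileExt -ErrorAction SilentlyContinue).HideFileExt
}

# Constructed sample attachment names: only the first and last are disguised.
'shipping_label.xls.exe', 'report.xls', 'setup.exe', 'invoice.pdf      .scr' |
    ForEach-Object { Test-DisguisedExecutable -FileName $_ } |
    Format-Table -AutoSize

"HideFileExt for $($env:USERNAME): $(Get-HideExtensionsSetting)"
```
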
whoozwah
lol Antoine Dodson.

quickest way to proxy settings is inetcpl.cpl from the run box then off you go