Jump to content


Experienced Members
  • Posts

  • Joined

  • Last visited

Everything posted by iuseccleaner

  1. I understand but it annoys me when people jump to conclusions. As for hidden scripts, anything embedded is not executed when you open the image file, not with this tool, as far as I know. How this works: http: No worries, no offense taken. And you genius, how old are you? 12? How would malware users exploit this tool? Files hidden in the image file are not executed when you open the image file. It only gets executed if you change the extension or extracting it and running it. There are malwares that pretend to be JPG files and this is not the tool to do it. An idea on how this works: http:
  2. I don't know what all the fuss is about. Being pounced on like a criminal. I'm just sharing a tool I made myself and the first thing that comes to mind is 'potential malware'? How would my tool be used as a malware vector?
  3. There are other uses as well such as hiding your files in plain sight on your computer. If I were to hide something in an image and the uploading it for someone else to download, I would inform them about the 'secret contents'. Even if a person downloads it without knowing what's inside, it can't do any harm. Just another form of steganography.
  4. I normally get the youtube file by loading the video and then grabbing it from the temp folder. If you want a software(converter not included I think), then you can try Stream Transport(http://www.streamtransport.com/). Apart from YouTube-like videos that creates a cached file as you load video, this software can also download videos that do not create a cache, even encrypted ones. Protocols supported are HTTP, RTMP, RTMPT, RTMPE, RTMPTE, etc.
  5. The 'hide file in an image' trick is old and can be done using the command prompt window but can be a little confusing. So I created a GUI to make things easier. Sometimes I hide files in the picture and then upload it to file hosting sites, I wonder if it's against the T&C of this hosting sites?
  6. This trick is not really new but thought it would be nice to share. iPhone: http://www.facebook.com/connect/prompt_feed.php?api_key=3e7c78e35a76a9299309885393%20b02d97 Android: http://www.facebook.com/connect/prompt_feed.php?api_key=882a8490361da98702bf97a021ddc14d BlackBerry: http://www.facebook.com/connect/prompt_feed.php?api_key=2254487659 or alternatively, you can visit this site: http://fbpostvia.zymichost.com Now everyone can post via iPhone, Android or Blackberry! Hehe *The 3 links above will resize your window. Re-maximize it to view the Facebook form.
  7. Direct download link removed What do you think about it?
  8. Is yours pre-installed or self installed? Maybe the partition is only created in the official version?(or only OEM?)
  9. So in summary Vista and 7 does not create a RECOVERY partition automatically? It only appears when it is a preinstalled OEM version of Windows? What about cases of hidden partitions as mentioned in my first post and here?
  10. Just found out, the recovery partition is hidden in most systems(especially preinstalled OEM Windows 7 ones) and is used to recover factory settings without using the a Windows or recovery disc(unlike Vista). But i'm not sure about the purpose of the autorun.inf file. I don't like the idea of a hidden partition, taking up precious space.
  11. I can't seem to link with any software but thanks for the tip. I'll take a look at the shell extensions, sounds more like it. It happens quite often so I should be able to get it to hang quite easily... hopefully procxp can shed more light
  12. Is anybody here on Windows Vista or 7? When you install either OS'es, does it automatically create the RECOVERY partition? Is the partition visible or hidden? Are you able to access the drive. It seems that in most cases the partition is not accessible and is read-only. Sometimes there is also an autorun.inf file and the contents are: [Autorun] ShellExecute=Info.exe protect.ed 480 480 I don't think it's malware related but can someone shed some light on the purpose of the partition and the autorun.inf file? Does it only affect OEM versions of Windows? Thank you.
  13. Thanks hazel for the reply. I'm sure those are good security utilities but my concern was what changes would it make to my computer so that just in case something goes wrong, I would know how to revert the effects. Tools like ComboFix can be sometimes hurt the system if used incorrectly, so I hope you understand. Thank you.
  14. What does 'The Comedian' and 'TFC' do or fix?
  15. Happy belated birthday Mudd!
  16. There's a t-shirt on sale at Threadless that has the words 'their, they're, there' on it...
  17. I'm not sure why but once in a while my explorer will hang for no apparent reason(static hour glass appears). It can be caused by a simple right-click on a file, dragging a file, opening a folder, etc. I can wait forever and nothing seems to change. When this happens it is still possible to open Task Manager and the weird thing is explorer.exe's CPU usage is 0%! I googled and the common symptom is that explorer.exe's CPU usage will be really high but this doesn't seem to apply to my case. Everytime this happens I resort to killing the explorer.exe process and then restart it. I tried disabling AVG Free's resident shield to see if it is the culprit but the problem seems to always appear again. My spec: Windows XP Home Edition SP2 Intel Pentium 4 3.0GHz HT 2.5 GB RAM AVG Free 9.0 Spybot Search & Destroy(Tea Timer is activated) Anybody with a similar problem or solution? Thank you.
  18. Hi there, this might be an old thread but looks like this problem is still occuring with the latest version(1.10)... I'm using a proxy connection too but had to disable the connection, change update settings, and then re-enable connection to avoid the crash on start up.
  19. Malwares have been exploiting the autorun.inf file to trick users into executing it for a long time already but has been in the spotlight since Conficker was discovered. Users normally execute the file when they access the drive through the double-click method or right-click-open/explore. It doesn't automatically run by itself like a CD or DVD contrary to what many people say. Another way it uses to trick users is by exploiting the 'action' command in the autorun.inf file. It adds the AutoRun action to the AutoPlay window and often masquerades as an option to access the drive but in actual fact, you're executing the malware. Smarter malwares will run and then open your drive for viewing, as if nothing happened. You can actually avoid executing the malware by double-clicking or right-clicking by accessing the drive via the explorer drop-down address bar or the 'folders' button which opens your drive contents for viewing in tree view in the window. Windows 7, as pointed here says it will improve the feature by fixing the vulnerability. This vulnerability refers to the AutoPlay window, but will it prevent the execution of the malware via double-clicking? There are several ways to plug this vulnerability in Windows. There is the registry method and the software method. The registry method or hack is described here by Nick Brown which actually disables the function of autorun.inf files completely. Autorun.inf files are treated as non-existent when this method is used. If you're the type who actually uses autorun.inf files(icon changing, cds, etc) and do not want to disable the functionality, but at the same time would want to avoid this type of malwares, there are several softwares to do this but I personally prefer Autorun Eater. So what do you think?
  20. You're welcome! Glad to help. I was also looking high and low for a way around this and at last found it.
  21. Okay, looks like I've found the way to revert back SA 26.6 but avoid the 'new update found' problem... Steps by a forumer on McAfee's forum: http://forums.mcafeehelp.com/showpost.php?...amp;postcount=4 Basically, it is opening the .xpi file in a zip program(extract all contents), locate the install.rdf file and remove the line that points to the update site, then repackage the file back to a .xpi file. Install it as usual(drag into a Firefox window) and try updating. There should be no updates for SA 26.6. If you want to avoid the hassle of doing the steps above, you can download it from here: http://files.filefront.com/McAfee+SiteAdvi...;/fileinfo.html
  22. I've reverted back to SA 26.6 but when I update my add-ons, the update for SA(28.0) will naturally appear and notify me about it. But how do stop it from notifying me? It adds a yellow 'up-arrow' to the add-on icon in the add-on window, as well as the 'updates' tab... Is there a way to stop this notifying per add-on?
  23. Hi Andavari. Thanks for the last version of Siteadvisor Plug-in for Firefox! After 'accidentally' updating to the installer version, I've been hunting for the plug-in version but to no avail, and at last I found it here. Is it ok for me to share the link with other internet users or redistribute it?
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.