iuseccleaner

Experienced Members
  • Posts

    24
Posts posted by iuseccleaner

  1. We are not treating you as a criminal. Surely you are aware of the potential of such a thing being used by people to hide scripts etc in?

     

    First off as Alan said it is unlikely that the TOS of any file hosting site would allow it for the very reasons that have been mentioned. No one wants to download one thing only to find it contains another.

     

    Anyway don't be too upset, we are just protecting our members (and that includes you :))

     

    I understand but it annoys me when people jump to conclusions. As for hidden scripts, anything embedded is not executed when you open the image file, not with this tool, as far as I know. How this works: http:

     

     

     

    Not yet, although we have the Piriform? Straitjacket? v4.5.8413 at our disposal for such situations.:lol:


     

    :lol:

     

    I didn't take this thread that way. Forgive me if I gave offense, I meant none. However, such a procedure does have some potential for abuse. That's what everyone is on about.

     

    No worries, no offense taken.

     

     

    Hey genius, ever heard of malware, or is that too 2000 for you? (Provided you were born before 2000.)

     

    And you genius, how old are you? 12? How would malware users exploit this tool? Files hidden in the image file are not executed when you open the image file. It only gets executed if you change the extension or extract it and run it. There is malware that pretends to be JPG files, and this is not the tool to do it.

     

    An idea on how this works: http:

  2. I don't know what all the fuss is about. Being pounced on like a criminal. I'm just sharing a tool I made myself and the first thing that comes to mind is 'potential malware'? How would my tool be used as a malware vector?

  3. Perhaps you ought to find out first before posting the link (which I have removed for now)

     

    Also consider that hiding files in a picture then uploading it for people to download it unknowing of the contents is not something I think most people would think of as friendly.

     

    There are other uses as well, such as hiding your files in plain sight on your computer. If I were to hide something in an image and then upload it for someone else to download, I would inform them about the 'secret contents'. Even if a person downloads it without knowing what's inside, it can't do any harm. Just another form of steganography.

  4. I normally get the YouTube file by loading the video and then grabbing it from the temp folder. If you want software (converter not included, I think), then you can try Stream Transport (http://www.streamtransport.com/). Apart from YouTube-like videos that create a cached file as you load the video, this software can also download videos that do not create a cache, even encrypted ones. Protocols supported are HTTP, RTMP, RTMPT, RTMPE, RTMPTE, etc.

  5. The 'hide file in an image' trick is old and can be done using the command prompt window but can be a little confusing. So I created a GUI to make things easier. Sometimes I hide files in the picture and then upload it to file hosting sites. I wonder if it's against the T&C of these hosting sites?
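A check a file host or recipient could run for the trick discussed in this thread, added here as an example and not part of any post or of the poster's tool. It assumes the common variant in which an archive is appended after the end of the image (the posts do not state the mechanism) and handles PNG only; the sample files are constructed inline.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Signatures of archive formats commonly appended to an image.
ARCHIVE_MAGICS = {b"PK\x03\x04": "zip", b"Rar!\x1a\x07": "rar",
                  b"7z\xbc\xaf\x27\x1c": "7z"}

def png_trailing_data(data):
    """Return the bytes that follow the IEND chunk; raise ValueError if malformed."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length  # 4 length + 4 type + body + 4 CRC
        if end > len(data):
            raise ValueError("truncated chunk")
        if ctype == b"IEND":
            return data[end:]  # a viewer stops here; anything after is extra
        pos = end
    raise ValueError("no IEND chunk found")

def classify_trailer(trailer):
    """Name the archive type at the start of the trailer, None if no trailer."""
    for magic, name in ARCHIVE_MAGICS.items():
        if trailer.startswith(magic):
            return name
    return "unknown" if trailer else None

def chunk(ctype, body):
    """Build one PNG chunk with a correct CRC."""
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def make_png():
    """Constructed sample: a valid 1x1 greyscale PNG."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00")  # filter byte + one pixel
    return PNG_SIG + chunk(b"IHDR", ihdr) + chunk(b"IDAT", idat) + chunk(b"IEND", b"")

CLEAN_PNG = make_png()
# Constructed sample: same image with a ZIP header and dummy bytes appended.
STUFFED_PNG = CLEAN_PNG + b"PK\x03\x04" + b"constructed-payload"

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN_PNG), ("stuffed", STUFFED_PNG)):
        extra = png_trailing_data(blob)
        print(name, len(extra), classify_trailer(extra))
```
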

  6. This trick is not really new but thought it would be nice to share.

     

    iPhone: http://www.facebook.com/connect/prompt_feed.php?api_key=3e7c78e35a76a9299309885393%20b02d97

     

    Android: http://www.facebook.com/connect/prompt_feed.php?api_key=882a8490361da98702bf97a021ddc14d

     

    BlackBerry: http://www.facebook.com/connect/prompt_feed.php?api_key=2254487659

     

    or alternatively, you can visit this site: http://fbpostvia.zymichost.com

     

    Now everyone can post via iPhone, Android or Blackberry! Hehe

     

    *The 3 links above will resize your window. Re-maximize it to view the Facebook form.

  7. that doesn't show here on my System.

     

    Is yours pre-installed or self installed?

     

     

    no idea, never come across the issue before.

     

    I've only done a Win 7 Ultimate RC install, and am using it now no hidden partitions here.

    but this is definitely NOT a default feature of XP.

     

    Maybe the partition is only created in the official version?(or only OEM?)

  8. So in summary Vista and 7 do not create a RECOVERY partition automatically? It only appears when it is a preinstalled OEM version of Windows? What about cases of hidden partitions as mentioned in my first post and here?

  9. umm... Neither Vista nor Windows 7 creates a Recovery Partition upon installing the OS. Now there is a Recovery CD that you can download an ISO to create the CD.

     

    Vista Recovery Disc

     

    Recovery Options for Windows 7

     

    Note: the Install Disc for Windows 7 is the Recovery Disc as well

     

    Just found out, the recovery partition is hidden in most systems (especially preinstalled OEM Windows 7 ones) and is used to recover factory settings without using a Windows or recovery disc (unlike Vista). But I'm not sure about the purpose of the autorun.inf file. I don't like the idea of a hidden partition, taking up precious space.

  10. And while you're looking at the spyware angle, here's another possibility .....

     

    An extremely common cause for this is a poorly written explorer shell extension. Trouble is they are a b*gger to find. Can you tie the start of this happening down to the installation of any software that added anything to your explorer right-click menu?

     

    I've had this periodically on one machine for ages ... I still haven't been able to pin it down yet!

     

    I can't seem to link with any software but thanks for the tip. I'll take a look at the shell extensions, sounds more like it.

     

     

    If all else fails you can keep Process Monitor running in the background and wait for a hang.

     

    It happens quite often so I should be able to get it to hang quite easily... hopefully procxp can shed more light :P

  11. Is anybody here on Windows Vista or 7? When you install either OS, does it automatically create the RECOVERY partition? Is the partition visible or hidden? Are you able to access the drive?

     

    It seems that in most cases the partition is not accessible and is read-only. Sometimes there is also an autorun.inf file and the contents are:

     

    [Autorun]

    ShellExecute=Info.exe protect.ed 480 480

     

    I don't think it's malware related but can someone shed some light on the purpose of the partition and the autorun.inf file? Does it only affect OEM versions of Windows?

     

    Thank you. :)

  12. These are steps that should be followed to make sure you have no hidden 'nasties'

     

    We are lucky enough to have Rorschach112 as one of our spyware mods as he also is a malware fighter trainer

     

    I can assure you these programs are genuine and are used on several well known spyware fighting forums.

     

    Should you have any problems running these programs or following the steps just let us know. :)

     

    Thanks hazel for the reply. I'm sure those are good security utilities but my concern was what changes they would make to my computer so that just in case something goes wrong, I would know how to revert the effects. Tools like ComboFix can sometimes hurt the system if used incorrectly, so I hope you understand. Thank you. :)

  13. I let most of them slide, but your/you're their/they're/there and "alot" bug me ... a.... lot.

     

    There's a t-shirt on sale at Threadless that has the words 'their, they're, there' on it... :)

  14. I'm not sure why but once in a while my explorer will hang for no apparent reason (static hourglass appears). It can be caused by a simple right-click on a file, dragging a file, opening a folder, etc. I can wait forever and nothing seems to change. When this happens it is still possible to open Task Manager and the weird thing is explorer.exe's CPU usage is 0%! I googled and the common symptom is that explorer.exe's CPU usage will be really high but this doesn't seem to apply to my case. Every time this happens I resort to killing the explorer.exe process and then restarting it.

     

    I tried disabling AVG Free's resident shield to see if it is the culprit but the problem seems to always appear again.

     

    My spec:

     

    Windows XP Home Edition SP2

    Intel Pentium 4 3.0GHz HT

    2.5 GB RAM

    AVG Free 9.0

    Spybot Search & Destroy(Tea Timer is activated)

     

    Anybody with a similar problem or solution? Thank you.

  15. Hi there, this might be an old thread but looks like this problem is still occurring with the latest version (1.10)...

     

    I'm using a proxy connection too but had to disable the connection, change update settings, and then re-enable connection to avoid the crash on start up.

  16. Malware has been exploiting the autorun.inf file to trick users into executing it for a long time already, but it has been in the spotlight since Conficker was discovered. Users normally execute the file when they access the drive through the double-click method or right-click-open/explore. It doesn't automatically run by itself like a CD or DVD, contrary to what many people say. Another way it uses to trick users is by exploiting the 'action' command in the autorun.inf file. It adds the AutoRun action to the AutoPlay window and often masquerades as an option to access the drive but in actual fact, you're executing the malware. Smarter malware will run and then open your drive for viewing, as if nothing happened. You can actually avoid executing the malware by double-clicking or right-clicking by accessing the drive via the explorer drop-down address bar or the 'folders' button which opens your drive contents for viewing in tree view in the window.

     

    Windows 7, as pointed out here, says it will improve the feature by fixing the vulnerability. This vulnerability refers to the AutoPlay window, but will it prevent the execution of the malware via double-clicking?

     

    There are several ways to plug this vulnerability in Windows. There is the registry method and the software method. The registry method or hack is described here by Nick Brown, which actually disables the function of autorun.inf files completely. Autorun.inf files are treated as non-existent when this method is used. If you're the type who actually uses autorun.inf files (icon changing, CDs, etc.) and do not want to disable the functionality, but at the same time would want to avoid this type of malware, there are several pieces of software to do this but I personally prefer Autorun Eater.

     

    So what do you think?
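An audit sketch for the autorun.inf behaviour described in the post above, added here as an example and not part of the post or of any tool it names. It flags the entries in an `[autorun]` section that launch a program or change what double-click and the AutoPlay dialog do, using the recovery-partition file quoted in an earlier post plus one constructed sample.

```python
import re

# Keys in the [autorun] section that make Windows launch something.
EXEC_KEYS = {"open", "shellexecute"}
# shell\<verb>\command entries define what a drive context-menu verb runs.
SHELL_CMD = re.compile(r"^shell\\[^\\]+\\command$")

def audit_autorun(text):
    """Return (key, value, reason) findings for the text of one autorun.inf."""
    findings = []
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        k = key.lower()
        if k in EXEC_KEYS:
            findings.append((key, value, "runs a program"))
        elif SHELL_CMD.match(k):
            findings.append((key, value, "command behind a context-menu verb"))
        elif k == "shell":
            findings.append((key, value, "changes the default double-click verb"))
        elif k == "action":
            findings.append((key, value, "text shown in the AutoPlay window"))
    return findings

# The file contents quoted in the recovery-partition post on this page.
RECOVERY_SAMPLE = "[Autorun]\nShellExecute=Info.exe protect.ed 480 480\n"

# Constructed sample (file names are placeholders): an 'action' label that
# reads like a normal way to open the drive, paired with entries that run a file.
CONSTRUCTED_SAMPLE = (
    "[autorun]\n"
    "icon=drive.ico\n"
    "open=setup.exe\n"
    "action=Open folder to view files\n"
    "shell\\open\\command=setup.exe\n"
)

if __name__ == "__main__":
    for name, text in (("recovery", RECOVERY_SAMPLE), ("constructed", CONSTRUCTED_SAMPLE)):
        for key, value, reason in audit_autorun(text):
            print(f"{name}: {key}={value} -> {reason}")
```
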

  17. That worked like a charm, and I can't thank you enough for posting the information! It has finally solved the nuisance of always being super careful not to update by accident.

     

    I've also updated the XPI installer I have in this post, re-tested and it works fine.

     

    You're welcome! Glad to help. I was also looking high and low for a way around this and at last found it. :)

  18. Okay, looks like I've found the way to revert back to SA 26.6 but avoid the 'new update found' problem...

     

    Steps by a forumer on McAfee's forum: http://forums.mcafeehelp.com/showpost.php?...amp;postcount=4

     

    Basically, it is opening the .xpi file in a zip program(extract all contents), locate the install.rdf file and remove the line that points to the update site, then repackage the file back to a .xpi file. Install it as usual(drag into a Firefox window) and try updating. There should be no updates for SA 26.6.

     

    If you want to avoid the hassle of doing the steps above, you can download it from here: http://files.filefront.com/McAfee+SiteAdvi...;/fileinfo.html

  19. I've reverted back to SA 26.6 but when I update my add-ons, the update for SA(28.0) will naturally appear and notify me about it.

     

    But how do I stop it from notifying me? It adds a yellow 'up-arrow' to the add-on icon in the add-on window, as well as the 'updates' tab...

     

    Is there a way to stop this notifying per add-on?

  20. You can grab it from:

    http://www.mediafire.com/?2thjzlnlzmy

     

    I've already tested it, and it installs fine.

     

    Hi Andavari. Thanks for the last version of Siteadvisor Plug-in for Firefox! After 'accidentally' updating to the installer version, I've been hunting for the plug-in version but to no avail, and at last I found it here. :)

     

    Is it ok for me to share the link with other internet users or redistribute it?
