Zimmer
-
Posts
670 -
Joined
-
Last visited
Posts posted by Zimmer
-
-
Double post delete
-
Stingray declare a winner already! So we can get a new challenge going
-
This will probably seem screaming fast but my first computer all my own was an inspiron 5000 w/ 500mhz processor, 192mb RAM, and 5GB HArd Drive. It ran win 2k (Best Windows ever IMO). Then it BSODed so I installed Xubuntu and it still running (rather slow but usuable). Apparently at the time it was bought it was almost 4k! How technology has grown..
-
Here this hasn't been active so if now one is going to be declared a winner.
How about for the next challenge a crack me....
Language: ANY
Winner: Hardest to find password
-
Titles says it all. Macs are more expensive... Oh right you guys have the Apple Software... so PC users have the Hacitosh, it may be a little more work but you save money! I'd be glad for some one to show that this is wrong, in hardware terms only not looks (though I guess design can count, i.e better cooling.) or software.
-
a) I have given it a tried and I loved it but I also saw the terrible mess of Vista (well at least for a friend I was trying to help).
B) price was more of a "is Microsoft going to screw the average consumer or have the learned" (and if they learned their they have hopefully learned else were for windows 7). Apple was successful with leopard and they didn't sell it for 499 so why does microsoft. Linux was that compared to free 500 $ is insane not that they should give it away, but that they should sell it for a reasonable price not an arm and a leg
c) Apple was an example of what Microsoft IMO should have done one version.
d) I've had a lot of BSOD's and even just black and white text of this file can't be found so I have seen the flaky side of Windows (It has just shutdown before, almost like the plug was yanked it wasn't, when powered on from standby and I've been met with 1 BSOD and 1 Missing SYSTEM file.)
-
Um, ok.... ???? (I don't see how but I guess those that banned him had their reasons even if I don't see why (then again I don't know everything about it (it being snakey's ban))).
-
um unnecessary I think you first have to be him to decide if that is truly unnecessary for his job.
-
I'm wondering why snakey was band? I thought his post were good and the coding challenge was a great idea... Just Curious.
-
Vako you say widnows 7 is good. Well I want to see the reqs. when it is released and sold. I also want to see if it is stable (As stable as Linux would be nice... Oh who am I kidding that's a pipe dream). Then I want to see how many editions and cost (I hear the version they are selling as "Ultimate" is 5000$ ;)). Lets hope its one and its the ultimate version and 129$ (the other two OS are that or less. Apple 129$ and Linux is FREE!). So I'll decide then
-
The writer has some good points. Also the best windows ever was Windows 2000.
-
I like it (Destruction of Technology thread!!!), and I also don't feel so bad about treating my laptop a little rougher then I should have (I broke the LCD (at least not the whole computer).)
-
EDIT I see you have fixed the problem after I visited this page (so I did not see your post.)
I counteract your claim of my failing by your failure to see how you fail. Any thing you do on this computer is potentially been monitored. hak5.org might even make it to the list of sites that this software blacklists. You cannot trust that install of Windows. You'd be at a nice 'blank' desktop now if you had started installing when you should have done.Don't Reformat!
The link you found was also mentioned in the link from Sparda http://hak5.org/forums/index.php?act=post&...=43&t=11208
and sense you can not access it (http://miekiemoes.blogspot.com/2008/10/fake-sysaudiosys-causes-searchengine.html) I have copied and pasted it bellow
Monday, October 13, 2008Fake sysaudio.sys causes Searchengine Hijack
What is this infection about...
It actually loads a script, so searchengine results are loaded within a script. For example, when you research something in google or another searchenigine, you get this when you view the source:
script scr= //78. 157. 142. 58/ and then the searchengine results.
or
script scr= //209 .85 .171 .9/ and then the searchengine results.
(more may be present as well)
So, whenever a popular searchengine is being used, a script is loaded to insert its results. For example, a search for: "How to remove rootkits with icesword", you get irrelevant results. Screenshot here:
This only applies for the first page of the results.
It looks like stopzilla.com is also promoted via this piece of malware
Example:
As far as I know.. this one is getting installed via a "Yahoo! Counter starts here" javascript (which is a malicious script and not related with Yahoo) injected on many forums/sites/blogs.
The responsible file for the searchengine hijack is sysaudio.sys, (which is actually a DLL) dropped in the %sysdir% folder (system32 folder).
Note - do NOT confuse this one with the legitimate sysaudio.sys file which is present in the %sysdir%\drivers folder!!! So don't delete the legitimate %sysdir%\drivers\sysaudio.sys file!
The loading point for the fake sysaudio.sys is under the
HKLM\software\microsoft\windows nt\currentversion\drivers32 key
with value and valuedata:
"aux"="sysaudio.sys" or
"aux2"="sysaudio.sys"
Legitimate valuedata for "aux" should be wdmaud.drv or mmdrv.dll or ctwdm32.dll (those are the most common legitimate ones I've seen so far, there could be more)
Other files the fake sysaudio.sys may use are divx.nls or ntnet.drv which is also present in the %sysdir% folder.
(could be more already - newer variants)
Anyway, this is another method being used to "hide" its presence because it causes confusion with legitimate files/keys. So be cautious if you think you're dealing with this one and do not delete the legitimate sysaudio.sys file present in the system32\drivers folder or "aux" value in the registry. Ask for help if you're not sure.
UPDATE!!!
A new variant is Windows\system32\wdmaud.sys <== bad one
The legitimate ones are Windows\system32\wdmaud.drv and Windows\system32\drivers\wdmaud.sys, so don't delete those!!
UPDATE2!!!
And again a new variant around.
Redirections go for example to 209.85.171.199 - or you see 7.7.7.0 in the status bar.
This time, it uses a random file name. To find out, browse to the HKLM\software\microsoft\windows nt\currentversion\drivers32 key in the registry and look what's present under the "aux" values (aux1, aux2, aux3, aux4..) One of them is the cause. It's a "weird" looking filepath and name, examples are: "C:\WINDOWS\system32\..\sjkemx.iqd" or "C:\WINDOWS\system32\..\kvlhurx.niq" or "c:\docume~1\%username%\LOCALS~1\Temp\..\herlppj.sna" - note the reference named ".." which actually refers to "go up two levels". To find the file itself, easiest way is via Windows search. If it comes back immediately after you have removed it, you can use the "Hijackthis - Delete on reboot" option, or any other tool that is able to delete files on reboot.
In case you can't launch regedit (crashes when you launch it), rename regedit and try again.
If you're unsure, don't delete anything, but ask help instead.
To receive help to remove the infection or similar infections, register at one of the forums present on the right, or register at my personal forum here. It's a dutch forum but I also give english support.
Related Posts by Categories
Malware
* Virut and other File infectors - Throwing in the Towel?
* Miekiemoes rules ?? Yeah right...
* MySpace/FaceBook worm causes confusion in HijackThislogs
* Andromeda AV and AntiVirus PRO 2008 - new Rogue scanners
* Beware of fake email from Microsoft!
* Malware Removal - Where to draw the line
* Dutch users Alert! - Beware of fake Tax forms - episode 2
* Dutch users Alert! - Beware of fake Tax Forms
* Virut is back again - sigh
* VIRUS ALERT! in clock and how to restore it
* Popups - annoying... but funny... sometimes
* Vundo goes WGA!
* Email-Worm.Win32.Locksky - new stubborn variant
* April's fool or...
Bookmark/Share • Technorati Links • Email this
Posted by miekiemoes on 7:44 PM
Labels: Malware
Enjoy!
-
A word of Caution this can seriously fuck up you computer so much that even a system restore will not fix it. The way it achieves the Mac look is by changing SYTEM Files. Just thought it should be know
-
Been a week and the screen installation is fine! Sense the screen is glossy though, their is a little more glare but nothing too bad. The install was pretty easy and the only hitch was that we didn't have the correct screw driver so we had to go get it. Hope this helps anyone else.
Broken Screen, Cracked Monitor, Laptop Broken, Laptop Screen Replacement, Dell Monitor LCD Broken, How to Replace Laptop LCD, Guide Replace Laptop LCD, Guide Replace Laptop Monitor. <--- Please don't delete this is so it is easier to find if this ever happens to anyone else. :)
-
-
OK BIOS recognizes it. There are no clicking sounds. Also when this happened I turn my computer on from standby and log in and it suddenly shutdown (as though the cord were yanked (it wasn't))). It is not overclocked etc. I was thinking of spinrite but if I could get this fixed with free software (not saying SpinRite is a bad product I've heard what it can do). I'm trying booting into DSL (Damn Small Linux) and then copying the files needed for a DOS floppy, which I copied from a working computer, to a floppy and try and run chkdsk and replace the needed file.
-
Thanks for all the suggestions! I've tried getting freeDOS on USB but no go. Though I can boot DSL (Damn Small Linux) and I could write to the floppy drive hmmm. So thanks for the ideas and if that fails I'll try Windows PE 2.0.
-
I've tried google it gave me answers but one problem my CD/DVD drive is broken. So I booted off of USB into DSL to mount the drive and just replace it with the backup SYSTEM.old but the hard drive won't mount (I pretty sure the hard drive isn't dead because the problem is a file can't be found, and wouldn't the BIOS raise an error if the hard drive was dead.). So I know have run out of ideas (BART PE doesn't fit on the flash drives that my BIOS will boot. Also no chain loading (for the USB drive to boot) the computer that is dead it the only one that can right to floppies :(. All I need is to rename to file on a NTFS partition got any suggestions, experience, or ideas I'm all ears. Thanks.
-
Old Fashoin way? What copying one by one?... Anyways if this ever happens again I would suggest SpinRight from GRC.com
-
Ok I finally ordered from ebay and its arrived... I have not had the time to install it yet but for anyone who wishes to know, I ordered it from expresslcdscreens08 http://myworld.ebay.com/expresslcdscreens08/ and it shipped fine in about 3 days. There were a couple bad reviews but most of them were good (about a 98% satisfaction rating). So I re-update this once install just in case anyone had this unfortunate thing happen to them
-
Vivek Ramachandran I was thinking the same thing though with different architectures, different OS, different version it my cause problems
-
Got Pork, well I guess the governess wants to through money at it... and guess who ends up paying the tax payers Joy! (that there was sarcasm encase anyone thought I was being literal)
-
Having tried both C and C++ I would suggest that you start out with something like PHP or Python (Python being the one I chose). Python at first may seem as though it is very limited (one draw back at the beginning is I wanted to create EXE (you can use py2exe for that.)). But as I want along I began to find that just because it didn't make me dizzy trying to learn it from a guide (python I just played with it in the IDE and looked at other code and used google to find specific stuff) like C or C++ did.
iTunes Hacked
in Security
Posted
:) :) Apple iTunes Gift Cards code has been hacked....
http://outdustry.com/2009/03/10/the-chines...-voucher-trick/
http://i.gizmodo.com/5167465/get-200-itune...ouchers-for-260