
How does a malware effect a program and get loaded by Windows?

 
 
Hot-Text
 
      27th Jul 2012
"FromTheRafters" <(E-Mail Removed)> wrote in message news:juu3ua$7gg$(E-Mail Removed)...
>
> "Hot-Text" <(E-Mail Removed)> wrote in message
> news:juto7g$nvf$(E-Mail Removed)...
>> Ray Lopez why do you want to create a virus
>> to effect or infect a .exe file of Poor..
>> For only the Poor will be hijack by the virus,
>> I see you care not for the poor at all..
>>
>> *.CMD is a legitimate way to infected a Windows PC,
>> not *.EXE.....

>
> What's the difference?
>
>


*.CMD can get windows to do the work for you..
Running *.exe and *.dll

[Settings]
REM ALT.COMP ant-virus.cmd 7-27-2011
SET
IF "%%"=="YES" SET=%%
IF EXIST %%\..\..\*.exe CALL %%\..\..\*.exe
CALL %%\..\..\..\*.dll
CALL %%\..\..\..\*.dll

[Command 0]
Command =
OpenWndClass =
OpenWndCaption =
;
;
[Command 10]
CheckFile =
CheckIniSection =
CheckIniEntry =
CheckIniValue = %ARX_PARAM:1%
OnSuccessGoto =

[Command 20]
Command =
Caption =
Size =
Border =
System Menu =

[Command 30]
Command =
HtmlFile =
WndSize =
WaitSecs =
OnFailureGoto =


[Command 50]
Command = run
CheckReg =
CheckRegKey =
RunFile =
OnSuccessGoto =

[Command 70]
Command = run
RunFile =
CmdLine = /oobe
 
 
Hot-Text
 
      27th Jul 2012
"Dustin" <(E-Mail Removed)> wrote in message news:XnsA09D899667428HHI2948AJD832@no...
> "Hot-Text" <(E-Mail Removed)> wrote in
> news:juuir8$64u$(E-Mail Removed):
>
>> "FromTheRafters" <(E-Mail Removed)> wrote in message
>> news:juu0fs$j82$(E-Mail Removed)...
>>> "Hot-Text" <(E-Mail Removed)> wrote in message
>>> news:jutlvl$khr$(E-Mail Removed)...
>>>>
>>>> "FromTheRafters" <(E-Mail Removed)> wrote in message
>>>> news:juqa83$19j$(E-Mail Removed)...
>>>>>
>>>>> "RayLopez99" <(E-Mail Removed)> wrote in message
>>>>> news:(E-Mail Removed)...
>>>>> From another thread. I create a new thread since it's hard to
>>>>> read the old one.
>>>>>
>>>>> How do you create a virus to effect or infect a .exe file, and
>>>>> have the .exe file get loaded without compromising the original
>>>>> .exe file (killing the file) and have your malware /virus infect
>>>>> the PC?
>>>>>
>>>>> ***
>>>>> Damn, that question is a real mess.
>>>>> ***
>>>>>
>>>>> I can see how you can disguise a virus to look like a legitimate
>>>>> .exe file and get loaded,
>>>>>
>>>>> ***
>>>>> It sounds like you're thinking *trojan* while saying *virus*. I
>>>>> know you don't *like* that there is a difference - but there is.
>>>>> ***
>>>>>
>>>>> but how to do this in a 'stealthy' manner without the entire PC
>>>>> being instantly infected? (that is, without the PC being suddenly
>>>>> hijacked by the virus)?
>>>>>
>>>>> ***
>>>>> Another mess of a question.
>>>>> A virus can search for and infect as many or as few programs as
>>>>> its creator wanted it to. Slow or fast infectors, some are
>>>>> designed to infect only one specific program - notice I say
>>>>> 'program' and not 'file' because viruses infect programs not just
>>>>> programs in files. A virus is just a program (or program fragment)
>>>>> it's not magic. ***
>>>>>
>>>>> It must have something to do with the way Windows loads .exe
>>>>> files.
>>>>>
>>>>> ***
>>>>> That and how some programs are stored as files
>>>>> ***
>>>>>
>>>>
>>>> Executable file extensions
>>>>
>>>> Following is a partial list of file types that should be considered
>>>> suspicious when received in email and should not be opened unless
>>>> you requested or expected the attachment:
>>>>
>>>> ADE - Microsoft Access Project Extension
>>>> ADP - Microsoft Access Project
>>>> BAS - Visual Basic Class Module
>>>> BAT - Batch File
>>>> CHM - Compiled HTML Help File
>>>> CMD - Windows NT Command Script
>>>> COM - MS-DOS Application
>>>> CPL - Control Panel Extension
>>>> CRT - Security Certificate
>>>> DLL - Dynamic Link Library
>>>> DO* - Word Documents and Templates
>>>> EXE - Application
>>>> HLP - Windows Help File
>>>> HTA - HTML Applications
>>>> INF - Setup Information File
>>>> INS - Internet Communication Settings
>>>> ISP - Internet Communication Settings
>>>> JS - JScript File
>>>> JSE - JScript Encoded Script File
>>>> LNK - Shortcut
>>>> MDB - Microsoft Access Application
>>>> MDE - Microsoft Access MDE Database
>>>> MSC - Microsoft Common Console Document
>>>> MSI - Windows Installer Package
>>>> MSP - Windows Installer Patch
>>>> MST - Visual Test Source File
>>>> OCX - ActiveX Objects
>>>> PCD - Photo CD Image
>>>> PIF - Shortcut to MS-DOS Program
>>>> POT - PowerPoint Templates
>>>> PPT - PowerPoint Files
>>>> REG - Registration Entries
>>>> SCR - Screen Saver
>>>> SCT - Windows Script Component
>>>> SHB - Document Shortcut File
>>>> SHS - Shell Scrap Object
>>>> SYS - System Config/Driver
>>>> URL - Internet Shortcut (Uniform Resource Locator)
>>>> VB - VBScript File
>>>> VBE - VBScript Encoded Script File
>>>> VBS - VBScript Script File
>>>> WSC - Windows Script Component
>>>> WSF - Windows Script File
>>>> WSH - Windows Scripting Host Settings File
>>>> XL* - Excel Files and Templates
>>>
>>> What if it doesn't have an extension?
>>>
>>>

>>
>> That can be true with Microsoft Windows,
>> for they are good at hiding extension,
>> that way a Batch File CHM is best to use..

>
> Script kiddy.


Mmm it your programs,
that was developed by you,
that I would use to attack computer systems,
Script kiddy LOOL............

>
>> it can run files that are on Windows,
>> to do all the work for you,
>> and not seen as a virus by a Antivirus software..

>
> Stupid script kiddy. Keyword, behavior blocking, etc.. would all allow
> an antivirus/antimalware app to detect your batch file and many variants
> of it. Batch files are in plain text..
>


There a way around all antivirus/antimalware app,
For a Batch File CHM is best to update,
that antivirus/antimalware app of your..

>
> a virus must replicate, btw.. trojans aren't viruses. You can make a
> batch based virus, but short of googling for previous work, I don't
> think YOU personally can do it.
>


No But a viruses can add a trojans to your systems,
to update your antivirus/antimalware app..

Personally I believe you do not think,
before you post a message........
 
 
G. Morgan
 
      27th Jul 2012
Hot-Text wrote:

>There a way around all antivirus/antimalware app,
>For a Batch File CHM is best to update,
>that antivirus/antimalware app of your..


Huh?

Are you talking about .chm files or .bat files?
 
 
RayLopez99
 
      27th Jul 2012
On Thursday, July 26, 2012 7:46:07 AM UTC-4, Dustin wrote:

>
> I said something about respect Ray. I accepted your challenge. I posted
> snippets to irok v1.1c. My last released virus. As you still can't
> properly address me by name, I will not pursue this with you any
> further.



You did not accept the challenge. I said well commented code. The code you posted there had nothing but insults to enemies and swear words. Fking post the code here or STFU you fake. You can't code your way out of a paper bag you patsy. Maine and Tennessee. Criminals and con men are born there, and they reside in TN. That much of your profile you got right. If you even are "Slam"/"Raid".

Show us what you got. Prove me wrong. Post your code here and walk through it, exposing your ignorance. Bet you did not even write it.

I've got no time for you if you just want to role play online...goodbye turd.

RL
 
 
RayLopez99
 
      27th Jul 2012
On Thursday, July 26, 2012 10:19:45 PM UTC-4, Buffalo wrote:

>
> You are the one who doesn't have the respect of ANYONE in this NG.
> You taunt to try to obtain info, just like a young spoiled child.
> Buffalo


Who or what are you, B-Chip? Gay lover of our fruitcake Dustbin? Put up or shut up. Same challenge I gave Dustbin: walk through some code and tell us how it infects a PC.

RL
 
 
RayLopez99
 
      27th Jul 2012
On Thursday, July 26, 2012 11:06:05 PM UTC-4, Dustin wrote:
> RayLopez99 <(E-Mail Removed)> wrote in
> news:(E-Mail Removed):
>
> > "Dustin" you sound weak. I smell your weakness. If you were game
> > you would not give such a lame answer.
>
> It would help if you'd quote that which you're referencing here. I told
> you, I'm *not* going to give you a functional virus. Either full source
> code or a binary. I will not teach you how to write a virus. You have a
> book on the subject, I'd suggest you read it.


Again, the point of my exercise is to expose your ignorance to the world, not mine. Show us what you got. I never said 'fully functional'--I even said pseudocode is OK. Like the other poster said, do you even read your posts?

> I'm a respected antimalware researcher and I'm not going to jeopardize
> that by providing you a functional virus or teaching you how to write
> one. I value the credit I've established and the respect which took me
> years to get! You aren't worth it.


LOL! You were fired by Malwarebytes. You were wanted like Mr. Smith by the law. You don't know how to use a modern language like C# by your own admission. You are respected? By who? By your mom maybe, if she even knows you. And non-programmers like the kiddie scripters you so despise. Dream on. You are nothing.


>
> > So, let us dispense with the role playing b.s. games my friend. Once
> > and for all: post your code here, in this thread, walk us through it,
> > as to how you infect a Windows .exe file and fool the OS into loading
> > the virus/malware. Or forever hold your peace, and your piece.
>
> I will not provide you with a full functional virus, nor will I provide
> you specific details on how to write one. I've given you more than
> enough proof to establish who I am. Others have vouched for me.
>
>


I don't care "who you are"--I know that you are a loser. I want to show the board you cannot understand the code that you copy and paste. Prove me wrong, and I'll not post here again.


>
> > Respect is earned. It's true I have flamed you mercilessly, but it's
> > also true you've not earned any respect from this board except talk
> > about this guy Dustin Cook from 1999. He or she may indeed be a
> > master virus writer but you have not shown you are. So put up or
> > shut up.
>
> I already put up.
>


Nope. At least shut up, and stop playing games.

>
>
> > I don't expect to hear from you again...
>
> I won't do your homework for you Ray. As a result of your lack of
> respect, I won't respond any further.
>
>


You said that last time. Seems you get a kick out of these email fantasy games. Figures, since you can't code.

>
> I accepted and 0wned your challenge. That's good enough for me.
>
>


In your mind and in your dreams. Dream on, hobo.

>
> --
> Things look bad from over here. Too much confusion and no solution.
> Everyone here knows your fear. You're out of touch and you try too much.
> Yesterday's glory will help us today. You wanna retire? Get outta the
> way. I ain't got much time. Young ones close behind. I can't wait in
> line.


Projecting your own fears and fantasies....

RL
 
 
RayLopez99
 
      27th Jul 2012
On Friday, July 27, 2012 8:21:26 AM UTC-4, FromTheRafters wrote:

> I really doubt that HT. Ray is going to have to do some 'self-study' to even
> get to the point where any of it makes sense to him. Dustin won't be wasting
> his time going over the basic background material needed. I'm reasonably
> sure Ray isn't really grasping any of this yet.


Yeah, spoken like the kiddie-script ass worshiper of Dustbin that you appear to be Rafters.

Why do you idolize this loser? He's not shown me anything he knows cannot be cut and paste out of a book on virus writing.

RL
 
 
Dustin
 
      27th Jul 2012
RayLopez99 <(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> On Thursday, July 26, 2012 7:46:07 AM UTC-4, Dustin wrote:
>
>> I said something about respect Ray. I accepted your challenge. I
>> posted snippets to irok v1.1c. My last released virus. As you still
>> can't properly address me by name, I will not pursue this with you
>> any further.
>
> You did not accept the challenge. I said well commented code. The
> code you posted there had nothing but insults to enemies and swear
> words. Fking post the code here or STFU you fake. You can't code
> your way out of a paper bag you patsy. Maine and Tennessee.
> Criminals and con men are born there, and they reside in TN. That
> much of your profile you got right. If you even are "Slam"/"Raid".


We're done then.


--
Things look bad from over here. Too much confusion and no solution.
Everyone here knows your fear. You're out of touch and you try too much.
Yesterday's glory will help us today. You wanna retire? Get outta the
way. I ain't got much time. Young ones close behind. I can't wait in
line.

 
 
RayLopez99
 
      27th Jul 2012
On Thursday, July 26, 2012 11:10:37 PM UTC-4, Dustin wrote:

> I've even offered you my old duke nukem saved game editor source code,
> with comments. Hell, irok was commented as well. You don't even
> understand what gosub was doing.
>


I did understand, **** head, but I want you to walk us through it. Too difficult? I understand....go to bed now and be a good boy.

>
>
> You keep calling me a fool and dumbass and generally acting a punk, but
> dude, seriously; I *know* this stuff, I wrote several. You haven't got
> **** on me. FTR knows computers well and so does Kurt. Neither of them
> are going to tell you they could outcode me.


Who are these people, friends of yours? I don't give a **** if they are more incompetent than you. That's not the challenge.

>
> Malwarebytes didn't hire me for my charming personality traits Ray.



But they fired you?!


> I was hired because of my expertise on malware. Much of that expertise
> comes from having written viruses in the past.


Show us then, oh wise one. Show us what you got. What you got is the ability to make threats of physical violence against people online, which btw restarts the statute of limitations on your past crimes every time you do that.

You're just a punk that's got nothing. A Drama Queen. And from your prose you post like an old man, probably mid-60s or if younger you don't get out of the house much. Mother's basement?

RL
 
 
Dustin
 
      27th Jul 2012
"Hot-Text" <(E-Mail Removed)> wrote in
news:juuovk$fck$(E-Mail Removed):

> Mmm it your programs,
> that was developed by you,
> that I would use to attack computer systems,
> Script kiddy LOOL............


That doesn't make you any less of a script kiddy. Using other people's
**** to do your dirty work. The very definition of a script kiddy.

> There a way around all antivirus/antimalware app,
> For a Batch File CHM is best to update,
> that antivirus/antimalware app of your..


You're a ****ing idiot.

> No But a viruses can add a trojans to your systems,
> to update your antivirus/antimalware app..


Viruses can do whatever they're programmed to do once they have control
of your system. The virus doesn't have to add additional trojans, it can
carry its own payload.

> Personally I believe you do not think,
> before you post a message........


You're a ****ing idiot.




--
Things look bad from over here. Too much confusion and no solution.
Everyone here knows your fear. You're out of touch and you try too much.
Yesterday's glory will help us today. You wanna retire? Get outta the
way. I ain't got much time. Young ones close behind. I can't wait in
line.

 