I had an interesting adventure today, exploration of windows. It is so~ full of surprises. For example, I found an uninstall file in the windows folder, and to my surprise, when I decided to find out what it might uninstall, I got the following message:
"You do not have sufficient permission to run this file"
This is interesting. I, the owner of this computer, am not allowed to undelete something, wtf. I tracked that program back to an .inf file with various tricks, and it's label was
Ethernet + Creditcard or something, and a bunch of code I admittedly do not understand. Very very interesting. then an .ini file with a lot of senseless characters, within, coded, only thing recognizable a four-digit number.
"Trust is a weakness". Indeed. Everyone who bothers to scan his C:\Windows\ folder will agree to that.
Trust is a weakness
Moderators: jelco, bert_the_turtle, Chris, Icepick, Rkiver
-
- level1
- Posts: 12
- Joined: Tue Jan 21, 2003 5:03 am
-
- level1
- Posts: 54
- Joined: Sun Apr 28, 2002 11:00 am
- Location: Kidderminster
I would look at this carefully, possible trojan. Might just be a stupid program but I would check up on it if i was you. Something that the owner can't uninstall looks a bit dodge to me. Stupid cracker kids will dump stuff in the windoze folder to make ppl think it's meant to be there. Damn kids!
humpf, my brian is broken
-
- level1
- Posts: 12
- Joined: Tue Jan 21, 2003 5:03 am
I like that, very well said.
And I think that sounds really weird. I'm going to browse my Windows folder tonight. Do you think it could be something Chris put into the game for us to find, maybe a test of our tracing skills? I haven't seen anything written about it... Hmmm... I'll keep you updated. Just to be safe, try running a virus scan on the file.
And I think that sounds really weird. I'm going to browse my Windows folder tonight. Do you think it could be something Chris put into the game for us to find, maybe a test of our tracing skills? I haven't seen anything written about it... Hmmm... I'll keep you updated. Just to be safe, try running a virus scan on the file.
-
- level1
- Posts: 12
- Joined: Tue Jan 21, 2003 5:03 am
-
- level3
- Posts: 420
- Joined: Mon Jun 10, 2002 5:31 am
- Location: New Zealand
- Contact:
-
- level4
- Posts: 789
- Joined: Wed Apr 24, 2002 9:38 pm
- Location: Ohio, USA
- Contact:
Sounds like it could be a piece of third party software that expects the administrator of an NT computer to be named "Administrator" (which is, as you can tell, poor coding).Quote: from BladeRunner on 11:05 am on Jan. 27, 2003[br]I had an interesting adventure today, exploration of windows. It is so~ full of surprises. For example, I found an uninstall file in the windows folder, and to my surprise, when I decided to find out what it might uninstall, I got the following message:
"You do not have sufficient permission to run this file"
In Windows NT (especially NT5, which is 2000 and XP) the operating system prevents you from doing things that might damage the system (or others that may gain access to the administrative account) so there is a good possibility that there will be things that you can't delete.This is interesting. I, the owner of this computer, am not allowed to undelete something, wtf.
There is another user for NT systems (though you can't log into it normally) called SYSTEM that literally has full control of the machine. Humans cannot access this account normally (system services can, however).
.what.
"If it cant be deleted, there is a 78% chance of it being a trojan." And why not an essential system file you REALLY don't want to lose?
(Edited by Adriac at 1:27 am on Jan. 29, 2003)
(Edited by Adriac at 1:27 am on Jan. 29, 2003)
00010001000100000000101100010111000 10110000100010001100001011111000101 10000100100000111100010000000011010 0001011000111100001000100001011
Who is online
Users browsing this forum: No registered users and 17 guests