Search found 14 matches

by h00key
Sat Dec 03, 2016 12:32 pm
Forum: Newbie Questions
Topic: Why is Malware in C++ (Hard) and not simple Python
Replies: 20
Views: 29129

Re: Why is Malware in C++ (Hard) and not simple Python

I guess Python might have some use among Linux/Unix (server) malware creators. Those systems often have a Python interpreter installed (unlike Windows), might be non-x86, might have slight differences in APIs (BSD vs Linux vs HP-UX...) and system level access may not be very necessary. Just my 2 cents....

by h00key
Sat Dec 03, 2016 10:07 am
Forum: Tools/Software
Topic: Windows Spyware KB List
Replies: 7
Views: 29807

Re: Windows Spyware KB List

Looks like the November 2016 cumulative security update for Windows 7 (KB3197868) installs the diagtrack service.

To check: sc query diagtrack
To disable: sc config diagtrack start= disabled (Note the space after "=")
Or, delete: sc delete diagtrack

Has anyone found out if it brings other nasty stuf...

by h00key
Sat Jan 09, 2016 8:06 pm
Forum: General Discussion
Topic: Gmail spam/phishing?
Replies: 2
Views: 8822

Re: Gmail spam/phishing?

I remember getting this sort of spam years ago. If the Gmail spam filter doesn't detect them, one quick n dirty solution is to make a filter that puts all incoming messages that have your own address as sender to trash. You don't usually need to send messages to yourself so it only affects spam.

by h00key
Sat Jan 09, 2016 8:03 pm
Forum: General Discussion
Topic: Favorite Rogue Av
Replies: 5
Views: 10418

Re: Favorite Rogue Av

Good old ErrorSafe :P

by h00key
Thu Dec 31, 2015 10:02 am
Forum: Tools/Software
Topic: Windows Spyware KB List
Replies: 7
Views: 29807

Re: Windows Spyware KB List

Besides going through the list of bad updates, is there an easy way to check the existence of the spy features? At least these can be done:

1. Check the existence of GWXUXWorker.exe as instructed by EP_X0FF (Windows 7/8/8.1): If KB3035583 failed to completely remove files - go to %systemroot%\System...

by h00key
Thu Mar 26, 2015 8:58 pm
Forum: General Discussion
Topic: [Poll] What is your home AV? (part II)
Replies: 22
Views: 35652

Re: [Poll] What is your home AV? (part II)

Avast! because it is the least bad of the 3+1 big free AVs. Unfortunately even it is not free of bloat and various kinds of social media garbage anymore.

by h00key
Thu Mar 26, 2015 8:53 pm
Forum: Tools/Software
Topic: Diaphora
Replies: 1
Views: 5842

Re: Diaphora

Sounds interesting. Does this work in the freeware edition (5.xx whatever)? Gonna test if it works...

by h00key
Wed Feb 25, 2015 1:51 pm
Forum: Tools/Software
Topic: Anti-malwares for Win98SE ?
Replies: 9
Views: 12028

Re: Anti-malwares for Win98SE ?

I suggest old versions too, as malware on W98 isn't likely very new.

Is F-PROT still available for DOS based Windows?

How about ClamAV? My friend used it on 98 a few years ago. Don't know about its detection capabilities however.

Reformatting is of course easiest.

by h00key
Sun Feb 15, 2015 11:06 pm
Forum: Tools/Software
Topic: VBoxAntiVMDetectHardened mitigation X64 only
Replies: 249
Views: 1683197

Re: VBoxAntiVMDetectHardened mitigation X64 only (14/02/15)

Has anyone considered forking VBox source and removing the "hardenings" to make a version suitable for malware analysis? It would cause problems with driver signing I guess? And of course lots of work as well.

Just my random 2 cents...