Jump to content

Angry...better fix

grizzlyoflight
 Share

Recommended Posts

  • Administrators
Jon Universalist

Jon

Posted
  • Administrators
Posted

I've had a monster wave of hatemail this week from people who've picked up some trojan that begins with wc_.......

Trying to get hold of a copy to decompile and maybe some help of a regular to write a script to undo the damage if possible so I can at least reply with something helpful.

;)

Deployment Blog: https://www.autoitconsulting.com/site/blog/
SCCM SDK Programming: https://www.autoitconsulting.com/site/sccm-sdk/

Link to comment
Share on other sites
/dev/null Universalist

/dev/null

Posted
Posted

I've had a monster wave of hatemail this week from people who've picked up some trojan that begins with wc_.......

Trying to get hold of a copy to decompile and maybe some help of a regular to write a script to undo the damage if possible so I can at least reply with something helpful.

I have one. Where shall I send it to?

Cheers

Kurt

__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Link to comment
Share on other sites
/dev/null Universalist

/dev/null

Posted
Posted (edited)

i'm glad you got help and were able to resolve your situation... i'm sorry, who's bob?

who's bob?

Well, actually that's me. I created a hotmail account to contact grizzlyoflight, as I was not sure if he is a real person or just a spammer in need for some e-mail addresses. Just for fun and to cover my tracks I called myself bob ;) Sorry, grizzlyoflight !! It was just a measure of precaution. Now I know that your intention was to get help.

Cheers

Kurt

Edited by /dev/null

__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Link to comment
Share on other sites
seandisanti Universalist

seandisanti

Posted
Posted

who's bob?

Well, actually that's me. I created a hotmail account to contant grizzlyoflight, as I was not sure if he is a real person or just a spammer in need for some e-mail addresses. Just for fun and to cover my tracks I called myself bob ;) Sorry, grizzlyoflight !! It was just a measure of precaution. Now I know that your intention was to get help.

Cheers

Kurt

lol, nice.
Link to comment
Share on other sites
BigDod Universalist

BigDod

Posted
Posted

who's bob?

Well, actually that's me. I created a hotmail account to contant grizzlyoflight, as I was not sure if he is a real person or just a spammer in need for some e-mail addresses. Just for fun and to cover my tracks I called myself bob ;) Sorry, grizzlyoflight !! It was just a measure of precaution. Now I know that your intention was to get help.

Cheers

Kurt

Very clever idea, wish I had thought of that.


Time you enjoyed wasting is not wasted time ......T.S. Elliot
Suspense is worse than disappointment................Robert Burns
God help the man who won't help himself, because no-one else will...........My Grandmother

Link to comment
Share on other sites
/dev/null Universalist

/dev/null

Posted
Posted

Very clever idea, wish I had thought of that.

I thought it's better to loose a "totally dummy" account than my "semi dummy" account. ;)

Cheers

Kurt

__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Link to comment
Share on other sites
Valuater Universalist

Valuater

Posted
Posted (edited)

I've had a monster wave of hatemail this week from people who've picked up some trojan that begins with wc_.......

Trying to get hold of a copy to decompile and maybe some help of a regular to write a script to undo the damage if possible so I can at least reply with something helpful.

;)

And the last six posts are about Bob.... Hmmmm

I am so glad I have found Autoit and wish I understood enough to

....JUMP ON THIS... ...RIGHT NOW!!!!....

8)

Bob huh?

We have something tangible and totally Awesome... the Guy who Brings us this Awesome program for "Free" asks for a little help...

No we pass his post as if it does not exist!!

and

We garble about an 'Untangable person.... come on

Most of you guys are alot sharper than i am

Sorry this just bothers me "MUCHO!"

8(

Edited by Valuater

NEWHeader1.png

Link to comment
Share on other sites
/dev/null Universalist

/dev/null

Posted
Posted

And the last six posts are about Bob.... Hmmmm

what's wrong with bob?

It's not a complete surprise, that there is some spyware circulating, built with AutoIT. Just read the posts of some forum members and you'll know what they intended to do!

Cheers

Kurt

__________________________________________________________(l)user: Hey admin slave, how can I recover my deleted files?admin: No problem, there is a nice tool. It's called rm, like recovery method. Make sure to call it with the "recover fast" option like this: rm -rf *

Link to comment
Share on other sites
KXM Wayfarer

KXM

Posted
Posted (edited)

Just a clarification. AutoIt is not designed to auto run. AutoIt is a scripting language and as such it basically does nothing at all unless somebody instructs it to do something. Obviously somebody has written something malicious using AutoIt and that person has instructed it to set up auto run entries as part of its payload. This is in no way, shape, or form AutoIt's fault any more than it's the fault of C++ for all the virii written in it or the fault of VBScript for virii written in it or the fault of language <insert language X> with any virii written in it. I understand your ignorance of what AutoIt is due to your less than ideal introduction to the software but since you've already received helpful advice and people are trying to help you remedy this problem you've contracted, please be quite mindful that it is not our fault that somebody chose to use the software we wrote maliciously. Please stop speculating and assuming what has be done to your system is AutoIt's fault.

http://linuxmafia.com/~rick/faq/plural-of-virus.html

Edited by KXM
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...