What is the world coming to?

Discussion in 'NZ Computing' started by Howard, Sep 30, 2003.

  1. Howard

    Howard Guest

    .... when cleverly social engineered trojans with anti firewall tech
    such as this one http://www.lover-spy.com/ are _sold_ as bona fide
    applications!

    The tech FAQ claims the following:

    "The software does NOT
    show up on the Startup folders.
    show up on the Registry Startup Programs.
    get detected by the MsInfo32 utility.
    load on Autoexec.bat or Config.sys files.
    load as a driver.
    attach itself to other executables.

    This makes Lover Spy 100% covert. It is impossible to detect by 99.9% of
    users our there, to do so would take LOTS of LUCK, and a
    professional-level, dedicated software engineer!"

    So, hoping that this ng contains the top 0.1% of users, and assuming the
    FAQ is not just hot air, just how would this program get started?
     
    Howard, Sep 30, 2003
    #1
    1. Advertising

  2. Howard

    Craig Shore Guest

    On Tue, 30 Sep 2003 20:10:31 +1200, "Howard" <>
    wrote:

    >... when cleverly social engineered trojans with anti firewall tech
    >such as this one http://www.lover-spy.com/ are _sold_ as bona fide
    >applications!
    >
    >The tech FAQ claims the following:
    >
    >"The software does NOT
    >show up on the Startup folders.
    >show up on the Registry Startup Programs.
    >get detected by the MsInfo32 utility.
    >load on Autoexec.bat or Config.sys files.
    >load as a driver.
    >attach itself to other executables.
    >
    >This makes Lover Spy 100% covert. It is impossible to detect by 99.9% of
    >users our there, to do so would take LOTS of LUCK, and a
    >professional-level, dedicated software engineer!"
    >
    >So, hoping that this ng contains the top 0.1% of users, and assuming the
    >FAQ is not just hot air, just how would this program get started?


    Load up from a .dll into svchost.exe?
     
    Craig Shore, Sep 30, 2003
    #2
    1. Advertising

  3. Howard wrote:
    > ... when cleverly social engineered trojans with anti firewall tech
    > such as this one http://www.lover-spy.com/ are _sold_ as bona fide
    > applications!
    >
    > The tech FAQ claims the following:
    >
    > "The software does NOT
    > show up on the Startup folders.
    > show up on the Registry Startup Programs.
    > get detected by the MsInfo32 utility.
    > load on Autoexec.bat or Config.sys files.
    > load as a driver.
    > attach itself to other executables.
    >
    > This makes Lover Spy 100% covert. It is impossible to detect by 99.9%
    > of users our there, to do so would take LOTS of LUCK, and a
    > professional-level, dedicated software engineer!"


    So it's a service, then? Check your list of services in Computer management
    :).

    Cheers,
    Nicholas Sherlock
     
    Nicholas Sherlock, Sep 30, 2003
    #3
  4. Howard

    Peter Ingham Guest

    On Tue, 30 Sep 2003 08:54:11 GMT, (Craig
    Shore) wrote:

    >On Tue, 30 Sep 2003 20:10:31 +1200, "Howard" <>
    >wrote:
    >
    >>... when cleverly social engineered trojans with anti firewall tech
    >>such as this one http://www.lover-spy.com/ are _sold_ as bona fide
    >>applications!
    >>
    >>The tech FAQ claims the following:
    >>
    >>"The software does NOT
    >>show up on the Startup folders.
    >>show up on the Registry Startup Programs.
    >>get detected by the MsInfo32 utility.
    >>load on Autoexec.bat or Config.sys files.
    >>load as a driver.
    >>attach itself to other executables.
    >>
    >>This makes Lover Spy 100% covert. It is impossible to detect by 99.9% of
    >>users our there, to do so would take LOTS of LUCK, and a
    >>professional-level, dedicated software engineer!"
    >>
    >>So, hoping that this ng contains the top 0.1% of users, and assuming the
    >>FAQ is not just hot air, just how would this program get started?

    >
    >Load up from a .dll into svchost.exe?


    impersonate a standard dll?
    >


    --
    Please remove '_SpamTrap' when replying. You know why :-(

    Peter Ingham
    Lower Hutt
    New Zealand
     
    Peter Ingham, Sep 30, 2003
    #4
  5. Howard

    bt Guest

    On Tue, 30 Sep 2003 08:54:11 GMT, (Craig
    Shore) wrote:

    >>So, hoping that this ng contains the top 0.1% of users, and assuming the
    >>FAQ is not just hot air, just how would this program get started?

    >
    >Load up from a .dll into svchost.exe?


    Either that or it names itself after some system file, and then runs
    that system file after it is loaded and run...


    Brendan (Avatar)

    --
    ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸

    Check out my cool Water Cooling Project! http://www.computerman.orcon.net.nz/WaterCooling1.html

    Email: corum.usenet@myrealbox (dot com). No Timewasters. No UCE.
    My comments are IMHO, IIRC, FYI, and Copyright.
     
    bt, Sep 30, 2003
    #5
  6. Howard

    Dogg Guest

    On Tue, 30 Sep 2003 20:10:31 +1200, "Howard" <>
    wrote:

    >... when cleverly social engineered trojans with anti firewall tech
    >such as this one http://www.lover-spy.com/ are _sold_ as bona fide
    >applications!
    >
    >The tech FAQ claims the following:
    >
    >"The software does NOT
    >show up on the Startup folders.
    >show up on the Registry Startup Programs.
    >get detected by the MsInfo32 utility.
    >load on Autoexec.bat or Config.sys files.
    >load as a driver.
    >attach itself to other executables.
    >
    >This makes Lover Spy 100% covert. It is impossible to detect by 99.9% of
    >users our there, to do so would take LOTS of LUCK, and a
    >professional-level, dedicated software engineer!"
    >
    >So, hoping that this ng contains the top 0.1% of users, and assuming the
    >FAQ is not just hot air, just how would this program get started?


    If it loads as a service or runs as a dll, hopefully Zone Alarm would
    ask permission for a "Changed program" which might raise an alarm
    bell?
     
    Dogg, Sep 30, 2003
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Um9k?=

    Firewall warning keeps coming up...

    =?Utf-8?B?Um9k?=, Jun 8, 2005, in forum: Wireless Networking
    Replies:
    4
    Views:
    4,559
    kapil [MSFT]
    Jun 9, 2005
  2. Loane Sharp

    limited functionality coming out of standby

    Loane Sharp, Jan 2, 2006, in forum: Wireless Networking
    Replies:
    0
    Views:
    464
    Loane Sharp
    Jan 2, 2006
  3. =?Utf-8?B?bTByaw==?=

    what is the world coming to?

    =?Utf-8?B?bTByaw==?=, Aug 8, 2005, in forum: MCSE
    Replies:
    9
    Views:
    850
    hustfy
    Aug 9, 2005
  4. =?Utf-8?B?Q0QtUGlscw==?=

    The world cup reflects the real world!

    =?Utf-8?B?Q0QtUGlscw==?=, Jul 12, 2006, in forum: MCSE
    Replies:
    2
    Views:
    543
  5. Dave Doe
    Replies:
    7
    Views:
    441
    Malcolm
    Jun 19, 2008
Loading...

Share This Page