• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Be careful before you use a cracked OS...

HannibalX

HannibalX

Diamond Member
Guy at work brought me his notebook to take a look at. I very, very rarely look at people's personal hardware anymore but he's a friend. He had done a "clean" install last night with a copy of Windows 7 he found on a torrent site. Moral/ethical issues aside, I told him I would take a look. He wasn't sure what was wrong but the machine felt slow and buggy.

We have a seperate VLAN at work we use for hardware testing and hardware we think might be compromised. I plugged the notebook into the network and booted it but didn't touch anything else, then let ePO take a look "under the hood". Three seperate keyloggers were running and sending info out. I did a traceroute on one of the addresses - it went to Iran. :awe: There were two bots running, probably gathering data, not sure what. They were trying (and failing) to talk to IPs which I think are (or were) in Yemen.

Also, there were DNS redirects for major sites like PayPal, eBay, and various banks (we tried his bank, BOA and it redirected as well). They looked remarkably like their official counterparts, I doubt most people would have noticed.

Long story short, you should be very careful when using a "cracked" or "jacked" OS you find floating around the net. Better yet, don't use them. I'm not saying they are all compromised but certainly some of them are.
 
Main reason I stay away from pirated software in general. It'd be so easy for someone to add some nefarious code if they wanted to.

edit: That works Crusty, until you need to download an activation hack or patch that does god knows what to the clean install.
 
frostedflakes said:
Main reason I stay away from pirated software in general. It'd be so easy for someone to add some nefarious code if they wanted to.

edit: That works Crusty, until you need to download an activation hack or patch that does god knows what to the clean install.
Click to expand...

There are legitimate uses for downloading it as a torrent, such as losing your media.
 
Crusty said:
There are legitimate uses for downloading it as a torrent, such as losing your media.
Click to expand...

Legitimate ISOs which haven't been cracked or otherwise fooled/tampered with aren't in question.

Like frosted said though, even with a clean ISO who knows what the third party crack/activator is doing.

Your average user doesn't have the knowledge to know what's safe, what isn't, what should be there, what shouldn't.
 
iFX said:
Legitimate ISOs which haven't been cracked or otherwise fooled/tampered with aren't in question.

Like frosted said though, even with a clean ISO who knows what the third party crack/activator is doing.

Your average user doesn't have the knowledge to know what's safe, what isn't, what should be there, what shouldn't.
Click to expand...

You can get these ISOs directly from Microsoft - there's no need to go to illicit third parties.

Edit: Average idiot users who don't know shouldn't be dealing with things like this, but if they are, they deserve what they get for not educating themselves first.
 
I'm always weary of this type of stuff now... I bought my own copy of Win7 X64.

Back in the Win98 days.. Pirating was just a matter of using someone else's CD key and everything still worked. Lame.
 
No surprise at all. I havent downloaded an MP3 in 7 years either because every one comes with a nice trojan. Cheaper and easier to legally buy the stuff.
 
luv2liv said:
what's ePo?? never heard of it.
Click to expand...

ePolicy Orchestrator - McAfee ePolicy Orchestrator® 4.5 is the only enterprise-class, open platform to centrally manage security for systems, networks, data, and compliance solutions. With end-to-end visibility and powerful automations that slash incident response times, ePolicy Orchestrator dramatically strengthens protection and drives down the cost of managing security.
 
MP3s don't contain executable code.

Now if you download a "song" and it's an .exe and you run it, well... you probably deserve what you get, heh. :awe:

edit: Jules, who's that in your avatar? It isn't Stern is it?
 
I got in on the $35 education Windows 7 deal. Last time I checked it was now up to ~$65. Using a cracked OS is very, very stupid.
 
genx87 said:
no surprise at all. I havent downloaded an mp3 in 7 years either because every one comes with a nice trojan. Cheaper and easier to legally buy the stuff.
Click to expand...

lol

Like the guy said above, you probably deserve it if download anything other than a .mp3 and expected it to be a song.
 
JulesMaximus said:
ePolicy Orchestrator - McAfee ePolicy Orchestrator® 4.5 is the only enterprise-class, open platform to centrally manage security for systems, networks, data, and compliance solutions. With end-to-end visibility and powerful automations that slash incident response times, ePolicy Orchestrator dramatically strengthens protection and drives down the cost of managing security.
Click to expand...

did you copy and paste that from McAfee?

we use to use ePO but it got to be a complete pain in the ass. I had to go to McAfee site everyday to manually download the DAT's and plug them in to Orchestrator. that was about 6 years ago. we switched to Trend-Micro and have never looked back. Trend rocks.
 
preslove said:
I got in on the $35 education Windows 7 deal. Last time I checked it was now up to ~$65. Using a cracked OS is very, very stupid.
Click to expand...

on the flip side a clean install of a legit copy of an OS can result in exactly what OP friends encountered in no time. I fix PC's for a living, I'd say most have legit copies of XP/Vista/Win 7. Yet they still have backdoors and spyware out the anus. Using a cracked OS is stupid because it's illegal, but beyond that will be 100% safe if you go thru the proper methods to check it. MD5 comes to mind, if the MD5 matches up a person has nothing to worry about.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top