Hello There, Guest!
View New Posts  |  View Today's Posts
Fake Or Real?

  • 0 Vote(s) - 0 Average


06-13-2011, 03:03 PM #1
Sam Baker
I LOVE TLF!!!
*****
BSOD Crew
Posts: 1,525 Threads:76 Joined: Jun 2011 Reputation: 40

Fake Or Real?
I have seen this "Method" to detect if your computer is infected with a Trojan or not from long long time in many Arabic forums till now
And i never thought it really detect anything
So the method is like this
You go to Start-Run-system.ini
If the system.ini file contains
EGA80WOA.FON=EGA80850.FON
EGA40WOA.FON=EGA40850.FON
CGA80WOA.FON=CGA80850.FON
CGA40WOA.FON=CGA40850.FON
Then your computer is NOT infected
But if it contains
EGA80WOA.FON=EGA80WOA.FON
EGA40WOA.FON=EGA40WOA.FON
CGA80WOA.FON=CGA80WOA.FON
CGA40WOA.FON=CGA40WOA.FON
Then your computer IS infected
Notice if you have Vista/7 it will always show the second result :eek:
So does this poop really work on XP? and if it does how this happen? and if it doesn't then why the result change from XP user and another
Thanks in advance :cheesygrin:
This post was last modified: 06-13-2011, 03:03 PM by Sam Baker.
Now i am become death,The destroyer of worlds ~oppenheimer


06-13-2011, 03:36 PM #2
The-One
Son Of Anarchy
***
Posts: 338 Threads:27 Joined: Jun 2011 Reputation: 8

RE: Fake Or Real?
If you scan your computer now and then and watch on what your are downloading you will be okay.

06-13-2011, 03:40 PM #3
Sam Baker
I LOVE TLF!!!
*****
BSOD Crew
Posts: 1,525 Threads:76 Joined: Jun 2011 Reputation: 40

RE: Fake Or Real?
I'm not asking how to protect myself from malware
I'm asking if that specific method actually works
Now i am become death,The destroyer of worlds ~oppenheimer


06-13-2011, 06:44 PM #4
AceInfinity
Developer
*******
Administrators
Posts: 9,733 Threads:1,026 Joined: Jun 2011 Reputation: 76

RE: Fake Or Real?
No this shouldn't work because system.ini is just a file that was moreso used in older Windows to load default drivers and the default windows shell. Not much to do with trojans or anything like that. It also works backwards to provide support for 16-bit applications:

Code:
; for 16-bit app support
[386Enh]
woafont=dosapp.fon
EGA80WOA.FON=EGA80WOA.FON
EGA40WOA.FON=EGA40WOA.FON
CGA80WOA.FON=CGA80WOA.FON
CGA40WOA.FON=CGA40WOA.FON

[drivers]
wave=mmdrv.dll
timer=timer.drv

[mci]

You can see that in the comment on your system.ini file.

Anything above XP really stores all the settings in the registry, which makes it a bit more secure. In older versions of windows it would store information like languages, fonts, etc.. But windows developers found out that .ini files weren't really used for storing very advanced settings. xml is even a better option than an .ini file for storing advanced or complex information.

I found that out with a few apps that i've created in the past, however, you can use ini still, as it's easier for user navigation on configuration files if that's what you intend to use one for.

As time went on, you'll notice that more and more ini files were replaced by registry entries, as it's simply a more efficient method for storing data/information.

I don't see how the file would work, as by around Windows 2000 all of the system settings that used to be stored within that file are now in the registry. It could have been possible back in Windows 95/98/ME but not anymore.


Microsoft MVP .NET Programming - (2012 - Present)
®Crestron DMC-T Certified Automation Programmer

Development Site: aceinfinity.net

 ▲
 ▲ ▲

06-13-2011, 06:51 PM #5
Sam Baker
I LOVE TLF!!!
*****
BSOD Crew
Posts: 1,525 Threads:76 Joined: Jun 2011 Reputation: 40

RE: Fake Or Real?
Cool Thanks
I remember years ago some retarded from Saudi Arabia said if you navigated to http://www.gookle.com instead of http://www.google.com you computer will be filled with Trojans
And people actually bought it
"FacePalm"
That's why I'm here now and not in http://www.TechLifeForum4Arabs.com :P
Now i am become death,The destroyer of worlds ~oppenheimer


06-14-2011, 10:07 AM #6
Styx
Meow
**
Posts: 66 Threads:6 Joined: Jun 2011 Reputation: 1

RE: Fake Or Real?
(06-13-2011, 06:51 PM)Hell Guardian Wrote:  Cool Thanks
I remember years ago some retarded from Saudi Arabia said if you navigated to http://www.gookle.com instead of http://www.google.com you computer will be filled with Trojans
And people actually bought it
"FacePalm"
That's why I'm here now and not in http://www.TechLifeForum4Arabs.com :P

Only people with inadequate browser protection will get infected from that site.


06-14-2011, 11:18 AM #7
Sam Baker
I LOVE TLF!!!
*****
BSOD Crew
Posts: 1,525 Threads:76 Joined: Jun 2011 Reputation: 40

RE: Fake Or Real?
So that site is real? :O
Now i am become death,The destroyer of worlds ~oppenheimer


06-14-2011, 11:56 AM #8
Spirit
One with Spirits
****
Posts: 572 Threads:66 Joined: Jun 2011 Reputation: 13

RE: Fake Or Real?
(06-14-2011, 11:18 AM)Hell Guardian Wrote:  So that site is real? :O

The site is real... I'm not sure if it's up to date...
Just a week ago, I needed to clean a system that was infected, the last entry in the history was gookle... and the system had all symptoms described here... :D
http://www.f-secure.com/v-descs/googkle.shtml

My advice, watch out what you type, I once landed on a porn site because I spelled google wrong.

06-14-2011, 12:57 PM #9
Sam Baker
I LOVE TLF!!!
*****
BSOD Crew
Posts: 1,525 Threads:76 Joined: Jun 2011 Reputation: 40

RE: Fake Or Real?
Lol i always thought it's a troll :D
Thanks for the Info +1
Now i am become death,The destroyer of worlds ~oppenheimer


06-14-2011, 02:55 PM #10
Fr4g.
Junior Member
**
Posts: 25 Threads:1 Joined: Jun 2011 Reputation: 0

RE: Fake Or Real?
Even I though that gookle was a troll!
Thanks for letting me know that it is indeed true. Good that I didn't visit it.
But since almost most people know that gookle is spreading poop, doesn't FireFox flag it as harmful content?




Forum Jump:



Users browsing this thread: 1 Guest(s)