Spyware Challenge! You Got The Guts There, Nerd Master!?!? (free Prize Inside)

[zachj]

That 4890 "real" hits is much nicer than anything posted thus far, but I think we've not scratched the surface on this one . . . After seeing everything I've seen, you're gonna' get a lot more if you keep at it. Just don't accidently unfreeze or anything (lose power) and you're well on your way, unless there are a few that haven't posted in order to surprise us at the end.

Z

 

[I.M.O.G.]

I'm wondering myself who's holding out... If I had a secondary rig I could beat up rather badly, I would probably hold out until the very end so that no one ripped off my logfile I worked so hard to build up. If you knew exactly what to get - it wouldn't take long to get down and dirty.

 

[ghettocomp]

Bad Thunderstorm, Bad!! BaaDD!!
<*:-crash of thunder-:*> and Yer OUT! Power losss and I have to start again, Shoulda had my UPS fixed but then I haven't done that for over 2 years. Kinda like playing Poker with the Devil.. and you know that you're going to lose. Can't do anything to prove the 20K+ I had.

 

[I.M.O.G.]

Should have backed up your spyware.

 

[joelb79]

I win!!!

Logfile, rightclick save as

 

[zachj]

That's pretty derned impressive, but 74,000 Netsky infections has to come out of that, plus 7 thousand of something else to call it a "real" infection. But you may well win the "pure number" category. I'm thoroughly impressed. How long did that take? And did you "help" Netsky or not?

Z

 

[gustav]

I win!!!


[/url]

LOL! Good job. I don't have the time to compete with that!

 

[joelb79]

I helped netsky infection by sharing the entire harddrive and also creating some other folders named shared to increase the amount of files that it creates to mimmic the shared item.

Plus i set a variable in the system that made My Shared Folder = C:\Program Files

so yeah.. netsky was going ape**** for a while untill it crashed.

overall its an impressive virus infection with a TON of toolbars and other spyware that i looked up on lavasoft and symantec security response. This took 3 days to install, and 1 night of 100% cpu usage of netsky.

This was done in vmware. very easy to use for this..

should have done windows 98 much more vunerable.

 

[I.M.O.G.]

Somewhat hoaxed, but fairly impressive anyways...

 

[zachj]

Should have used a real PC instead of VMWare . . . That 100% CPU usage would have meant a lot more Still, a lovely infection.

Z

 

[I.M.O.G.]

I wanted to mention that I wasn't trying to discount that infection BTW... Despite "netsky" and "other" padding/hoaxing his total count through the file system manipulation, he has approximately 64 families of infections.

I am not certain, but considering there aren't a ton of official entries, I believe he is winning the "legitimate infection" category at 64 infections.

Pretty damn impressive.

 

[zachj]

I agree . . . But I hope you didn't delete your VMWare hard disk image, because now that you've posted it, you've given away some of your secrets and given people a number to shoot for. I think you're going to have to stick with it

Z

 

[joelb79]

who said i was done? im just unwinding. im just getting started!

 

[fraug]

Let's kick it up a notch ..

Since you guys are just getting started, here's a little something to get you motivated:

Logfile

Just for giggles:

Get a cup of coffee, you have some work to do

 

[Sjaak]

omg...1/3rd of that computer is spyware

Whats the boot time of that rig

 

[I.M.O.G.]

We're getting there now... While thats another impressive number, I'm slightly dissappointed that I haven't seen anyone break out anything big besides netsky.

Ehh, I can't even work with that logfile on my friends PC here... The whole computer goes to crap when I try to use wordpad to open a 40MB file.

Will post something on this later after I take a closer look... For now, it looks like 140,000 of those are netsky files.

 

[fraug]

Yes it is mostly NetSky.C. I figured since that's the direction everyone seems to be heading, that I would do the same. I think now it has kind of turned into a contest of who can get the most NetSky.C infections and still have the system stable enough to run a scan

To answer the previous poster's question, it actually boots fairly quickly, but once it hits startup items it pretty much comes to a halt. I had to remove those just to be able to run Ad-aware (hence the 0 processes/modules). This is all on a 1GHz laptop.

I was also going to see how much I can get without NetSky.C at all...

Here's a snip for those that can't open the logfile:

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
AdDestroyer(TAC index:5):12 total references
Alexa(TAC index:5):48 total references
BroadCastPC(TAC index:7):4 total references
Claria(TAC index:7):37 total references
CometSystems(TAC index:7):191 total references
ConfuSearch(TAC index:5):4 total references
CoolWebSearch(TAC index:10):6 total references
CustomToolbar(TAC index:7):2 total references
Dogpile Toolbar(TAC index:3):2 total references
eAcceleration(TAC index:7):1 total references
eUniverse(TAC index:10):11 total references
EzuLa(TAC index:6):136 total references
FreeScratchCards(TAC index:3):7 total references
IBIS Toolbar(TAC index:5):41 total references
iSearch Toolbar(TAC index:3):12 total references
istbar(TAC index:6):1 total references
iWon(TAC index:5):73 total references
MRU List(TAC index:0):24 total references
MyDailyHoroscope(TAC index:5):20 total references
NetworkEssentials(TAC index:7):15 total references
Other(TAC index:5):9692 total references
Possible Browser Hijack attempt(TAC index:3):6 total references
SecondThought(TAC index:4):11 total references
Softomate Toolbar(TAC index:9):8 total references
Tracking Cookie(TAC index:3):175 total references
VirtualBouncer(TAC index:5):23 total references
Virtumundo(TAC index:10):14 total references
VX2(TAC index:10):38 total references
WebHancer(TAC index:9):34 total references
WhenU(TAC index:10):18 total references
Win32.Netsky.B(TAC index:10):1 total references
Win32.Netsky.C(TAC index:10):141991 total references
Windows(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

[Sjaak]

Other(TAC index:5):9692 total references

 

[DMac]

Fraug, that it totally hilarious! That screenshot of your browser is awesome.

 

[joelb79]

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions(TAC index:8):30 total references
2020Search(TAC index:4):35 total references
AdDestroyer(TAC index:5):13 total references
AdRoar(TAC index:6):1 total references
Alexa(TAC index:5):124 total references
BargainBuddy(TAC index:8):114 total references
BlazeFind(TAC index:5):24 total references
BonziBuddy(TAC index:7):227 total references
BookedSpace(TAC index:10):5 total references
BroadCastPC(TAC index:7):17 total references
Claria(TAC index:7):125 total references
ClearSearch(TAC index:7):29 total references
ClickSpring(TAC index:6):28 total references
CometSystems(TAC index:7):427 total references
CoolWebSearch(TAC index:10):129 total references
CrackSpider(TAC index:4):25 total references
DyFuCA(TAC index:3):83 total references
e2give(TAC index:7):32 total references
eUniverse(TAC index:10):40 total references
ExactSearchBar(TAC index:5):25 total references
EzuLa(TAC index:6):277 total references
Favoriteman(TAC index:8):20 total references
FlashTrack(TAC index:7):29 total references
FreeScratchCards(TAC index:3):8 total references
Golden Eye(TAC index:5):1 total references
HungryHands BHO(TAC index:3):15 total references
IBIS Toolbar(TAC index:5):253 total references
ImIServer IEPlugin(TAC index:5):49 total references
IPInsight(TAC index:7):4 total references
istbar(TAC index:6):70 total references
iWon(TAC index:5):193 total references
Lycos Sidesearch(TAC index:7):33 total references
Marketscore(Netsetter)(TAC index:7):4 total references
MicroGaming(TAC index:4):1 total references
MRU List(TAC index:0):17 total references
MyDailyHoroscope(TAC index:5):38 total references
NavExcel(TAC index:5):33 total references
NetPal(TAC index:9):9 total references
Other(TAC index:5):7606 total references
PeopleOnPage(TAC index:9):37 total references
Possible Browser Hijack attempt(TAC index:3):87 total references
Powerscan(TAC index:5):13 total references
PromulGate(TAC index:5):9 total references
RBase01.ath(TAC index:8):2 total references
Roings(TAC index:5):20 total references
Scratch and Win(TAC index:6):31 total references
SecondThought(TAC index:4):15 total references
ShopNav Hijacker(TAC index:8):32 total references
SideFind(TAC index:5):54 total references
Softomate Toolbar(TAC index:9):7 total references
TIB Browser(TAC index:4):13 total references
TopMoxie(TAC index:3):9 total references
TopPicks(TAC index:6):95 total references
Tracking Cookie(TAC index:3):73 total references
Transponder(TAC index:10):4 total references
VirtualBouncer(TAC index:5):25 total references
VX2(TAC index:10):165 total references
WebHancer(TAC index:9):79 total references
WhenU(TAC index:10):157 total references
Win32.Adverts.TrojanDownloader(TAC index:6):5 total references
Win32.Kwbot.C(TAC index:8):6 total references
Win32.Netsky.C(TAC index:10):74706 total references
WinAD(TAC index:7):8 total references
Windows(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Mine is longer. GG tho. To beat you all i would have to do is clean netsky and re-infect myself with it, only this time i will make sure i have alot more folders and a cleaned out msconfig so it can copy itself all night before crashing.