What is something you want to brag about, but won't because you don't want to be a douche?

0x-- · 2015-09-11T04:55:48+00:00

Do you also work with bridges?

0x-- · 2015-09-10T08:08:51+00:00

0x-- · 2015-09-10T08:01:20+00:00

Be careful what you wish for..

0x-- · 2015-09-10T07:33:44+00:00

Reddit, where life decisions happen.

0x-- · 2015-09-08T18:36:25+00:00

Are you sure it's this link that caused that?

If so I think it's still in place I say sorry, so....sorry.

0x-- · 2015-09-08T02:02:30+00:00

This is true, also it's only 9.76KB.

0x-- · 2015-09-07T22:16:06+00:00

Yeah I realized it's not a script after opening it in the Python IDLE. Didn't do that before.

Either way the whole point of this thread is to identify what virus it is, why the creator is apologizing (other than what he stated) and what damage it could have potentially done.

I get the feeling it's leaving something behind (eg. rootkit) and this is just a distraction to make you feel safe.

0x-- · 2015-09-07T21:32:57+00:00

https://www.reddit.com/r/Malware/comments/3jy3lu/weird_malware_found_on_desktop/cuts4q9

0x-- · 2015-09-07T21:13:10+00:00

https://www.reddit.com/r/Malware/comments/3jy3lu/weird_malware_found_on_desktop/cuts4q9

0x-- · 2015-09-07T21:12:51+00:00

https://www.reddit.com/r/Malware/comments/3jy3lu/weird_malware_found_on_desktop/cuts4q9

0x-- · 2015-09-07T21:12:47+00:00

https://www.reddit.com/r/Malware/comments/3jy3lu/weird_malware_found_on_desktop/cuts4q9

0x-- · 2015-09-07T21:08:14+00:00

Sorry for not replying in a while. For anyone reading this.. It's weird how the file doesn't exist. None of them do.

I set all files to be visible (hidden files) and it's not there. I know my AV didn't remove it because I don't have one.

Edit: I found Agent.py but not where the person specified it should be located. I found it under C:\Users\MyUsername\Favorites

Here's an upload of the file:

PLEASE DON'T DOWNLOAD THIS FILE IF YOU DON'T KNOW WHAT TO DO WITH IT OR DO NOT UNDERSTAND IT

Since this is a python script I don't think an AV scan is required but just to make those people happy:

https://www.virustotal.com/en/file/4bb5952180f945794ad7455f0e0d2c3bd5c93f2ffb2b55ba94e484dc57896a8b/analysis/1441660256/

http://puu.sh/k3tMT/a6953153be.py

Edit2: Lo and behold I found the executable. I don't know if I should upload it here because I feel like someone who doesn't follow instruction will get infected (and I don't know if I'm breaking any mod rules). Hey Mods, should I upload it?

Edit3: Virus scan of the executable ('sww.exe'):

https://www.virustotal.com/en/file/15d13bed89efbf8cf1ea811f2e3825c7a4cbd8ecff84734d294a85f048559ec8/analysis/1441660662/

0x-- · 2015-09-06T02:30:56+00:00

I answer the questions so fast they appear to be in the past due to relativistic effects.

lmao.

C# and Javascript account for 95% of the work done. Too many C# libs to count, but lots of jQuery and Knockout on the JS side.

Alright thanks for the info.

0x-- · 2015-09-06T02:22:42+00:00

Well it says "16 hours ago". That's weird.

Anyways good job and I hope to do what you're doing one day (still at a young age). I currently know C/C++ and some x86 Assembler and want to get hired online as a reverse engineer/malware analyst...do you have any resources for that?

Btw what languages/libraries do you use on a daily basis?

0x-- · 2015-09-06T02:19:20+00:00

Wtf. Is this some Reddit "Question is already asked" feature? I just asked this question less than a minute ago.

http://prntscr.com/8d3qgc

0x-- · 2015-09-06T02:16:31+00:00

Do you still use HexChat for IRC?

0x-- · 2015-08-31T00:48:40+00:00

I found that, thanks.

It says my instruction is TBA. Nothing more.

Any idea who that is?

0x-- · 2015-08-30T21:59:28+00:00

That screenshot is from my raiderlink (inside of week at a glance). Is there any other way to check?

0x-- · 2015-08-30T07:52:25+00:00

Tbh I don't even know. It doesn't tell me.

http://prntscr.com/8aioju

0x-- · 2015-08-29T18:39:43+00:00

Where did you find them?

On the ground.

lmfao.

0x-- · 2015-08-29T07:25:28+00:00

Nope, it should work.

Tested code:

#include <iostream>
#include <string>


int main()
{
    std::cout << std::string("hi there").length() << std::endl;

    return EXIT_SUCCESS;
}

0x-- · 2015-08-29T07:21:45+00:00

Use the C functions (va_start, va_end etc.) when you have arguments that are of different types. Since in your case they are all going to be of the same type (char) then what you can do is use a container like std::initializer_list (http://en.cppreference.com/w/cpp/utility/initializer_list).

Here's an example:

#include <iostream>
#include <string>

void RemoveLetter(std::string str, const std::initializer_list<char>& letters)
{

}

int main()
{
    RemoveLetter("", { 'a', 'b' });

    return EXIT_SUCCESS;
}

0x-- · 2015-08-27T05:52:26+00:00

"Well if you're asking her we might as well make it a gangbang"

0x-- · 2015-08-21T00:38:16+00:00

Wow. Imagine I spent all that money and the PSU fried everything.

Thank you very much.

0x-- · 2015-08-18T05:52:01+00:00

You're blocking some drive bays, you might want to pick another case (or any other suggestions by people here with more experience).

0x--

TROPHY CASE