
sweetnoob
@optonline.net

Anon

Daz bootloader

I have a feeling this popular win bypass can be a major botnet.

The application itself injects a SLIC (System Licensed Internal Code) into your system before Windows boots; this is what fools Windows into thinking it's genuine.

Can someone explain how that works in the first place? What is the application doing? What is it modifying exactly?

norwegian
Premium Member
join:2005-02-15
Outback

Same question was asked here - very similar question too.
»Daz Loader

Read this on HAL:
»en.wikipedia.org/wiki/Ha ··· traction

Understand HAL instead of API. Once you start to read a little it may help you google certain questions you have.

As the loader manufacturer has a forum, you may want to ask them, as there are certain protocols the forum and moderators here may question?
»forums.mydigitallife.inf ··· s-Loader

therube
join:2004-11-11
Randallstown, MD

Member

> Same question was asked here

Same OP, you think?
(The mods should be able to determine, at the least, if they were using the same IP to post.)

Lagz
Premium Member
join:2000-09-03
The Rock

to sweetnoob
said by sweetnoob :

I have a feeling this popular win bypass can be a major botnet.

Put a firewall between the machine that is running this and the internet and check outbound connections.

DrStrange
Technically feasible
Premium Member
join:2001-07-23
Bristol, CT

1 recommendation

said by Lagz:

said by sweetnoob :

I have a feeling this popular win bypass can be a major botnet.

Put a firewall between the machine that is running this and the internet and check outbound connections.



Or run a packet sniffer.

Anything that can hook into the hardware at that level could certainly be used to hijack computers into a botnet. It's comparable to the TDL-rootkit protected malware that made the rounds last year, some of which used custom boot sectors. One of the final things I do before returning a machine that was rooted, if the owner didn't want to format, is 'play with it' for a day or so on my [hardware-firewalled] home network while I sniff packets. Machines that look clean aren't always as clean as they look.

ashrc4
Premium Member
join:2009-02-06
australia

to sweetnoob
said by sweetnoob :

I have a feeling this popular win bypass can be a major botnet.

»Possible for malware to covertly hide on harddrive sector

I'm guessing that you have been attempting a clean install of a pirated OS and repeatedly finding it infected.
said by sweetnoob :

Can someone explain how that works in the first place? What is the application doing? What is it modifying exactly?

Because of what I assume... NO!
ashrc4

to sweetnoob
If you had an OEM original and it got infected, you really need the original key and possibly the correct install CD/DVD.
The shop where you bought it from could provide that.
Failing all this, I would recommend you install a free copy of one of many Linux CDs/DVDs.
I'm sure it's against BBR policy to advise any further.