BleepingComputer moderator concealed forensic tool and log


  • This topic is locked
5 replies to this topic

#1 badBiosVictim

badBiosVictim

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 26 April 2014 - 11:07 AM

On 4/26/2014, Myrti refused to disclose the forensic tool that she used to scan my uploaded DOC files. She refused to produce a log. She refused to use the ExeFilter and tools in REMnux live DVD I requested. She refused to ask another moderator to use them.

In my thread, I requested others to post their LibreOffice DOC files. I stated I would ask developers of LibreOffice to comment and would post their comment. I was going to give today's evidence that my LibreOffice was hacked and that live DVDs have persistent storage. Myrti closed my thread. Below is the reply I would have posted had my thread not been closed. I am requesting my thread to be reopened.

http://www.bleepingcomputer.com/forums/t/532198/badbios-infected-word-doc/

Myrti's actions imply that BleepingComputer are not using the most effective tools to perform forensics on DOC and PDF files. If BleepingComputer moderators are not using ExeFilter and tools in REMnux, they may be giving false negatives. I believe Myrti gave a false negative and covered it up by closing my thread.

I have not received a reply to my other thread on BadBIOS infected files. Is BadBIOS being censored?

http://www.bleepingcomputer.com/forums/t/532130/badbios-pdf-files-infection/?hl=%2Bbadbios



#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,768 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:37 PM

Posted 26 April 2014 - 11:09 AM

Your thread isn't closed and was never closed. Please show me where I "refused" to do anything.


is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help requests via PM, unless I am already helping you. Use the forums!

 



#3 badBiosVictim

badBiosVictim
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 26 April 2014 - 11:13 AM

No longer is there a reply body to type in or a post button to click on.

Below is what I wanted to include in today's reply. After developers of LibreOffice comment, I need to include their comment.

On 4/25/2014, I booted offline to live PCLinuxOS FullMonty DVD and left my computer on overnight. I had logged in as guest. This morning, the configure menu popped up and asked for the root password. I entered the root password. LibreOffice Manager 4.0.2 popped up:

"Old startup script detected and deleted. Please run LibreOffice Manager again. If you get this message again:

(a) as root: remove the file: /tmp/xsulomanager

(b) as normal user: run LibreOffice manager"

The above is evidence that offline live DVDs have persistent storage. It is also evidence that crackers responded to this post by altering the startup script of LibreOffice Manager. Apparently, the crackers have previously altered the startup scripts of apps and caused the tampering to be persistent.

Edited by badBiosVictim, 26 April 2014 - 11:13 AM.


#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,768 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:12:37 PM

Posted 26 April 2014 - 11:20 AM

This is the link to write a reply in your thread: http://www.bleepingcomputer.com/forums/index.php?app=forums&module=post&section=post&do=reply_post&f=103&t=532198

Let me know if that works.




#5 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,752 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:03:37 AM

Posted 26 April 2014 - 12:38 PM

One other thing to clarify here. Myrti is not a moderator. She is one of the two admins of the malware removal teaching component we have here at Bleeping Computer.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)



#6 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,752 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:03:37 AM

Posted 26 April 2014 - 05:58 PM

Member being helped here: http://www.bleepingcomputer.com/forums/t/532130/badbios-pdf-files-infection/

To avoid confusion for everyone and possibly duplication or conflicting information this topic is closed.




