
[Tutorial] How to make a stealthy Virtual Machine 

Jim Browning
4.3M subscribers
860K views

This is a tutorial, so no scambaiting here this time. If you want to avoid scammers picking up that you're baiting them with a Virtual Machine, this is how to make it really stealthy.
You'll need the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum
Search for the following 4 GUIDs:
{4d36e967-e325-11ce-bfc1-08002be10318}
{4d36e968-e325-11ce-bfc1-08002be10318}
{4d36e965-e325-11ce-bfc1-08002be10318}
{4d36e96f-e325-11ce-bfc1-08002be10318}
You can download the VMware Tools stealthy registry files from:
s000.tinyupload.com/?file_id=2... (v14+)
OR
mega.nz/#F!PlMihRxR!09SdR7r09... (v8-v13)
This will work for Windows 7, 8, 8.1 and 10 with VMware tools 10.10.
I'll do a VBOX/Win7 version soon.
Happy scambaiting!
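
An added example, not part of the original description or its download files: this Python script audits a `reg export` dump of the Enum key above and lists, for devices in the four classes, every name that still mentions a hypervisor. The marker list, the sample export and the function names are assumptions constructed for illustration.

```python
import re

# The four device setup classes named by GUID in the description.
CLASS_GUIDS = {
    "{4d36e967-e325-11ce-bfc1-08002be10318}": "DiskDrive",
    "{4d36e968-e325-11ce-bfc1-08002be10318}": "Display",
    "{4d36e965-e325-11ce-bfc1-08002be10318}": "CDROM",
    "{4d36e96f-e325-11ce-bfc1-08002be10318}": "Mouse",
}

# Assumed indicator substrings (lower case): product names plus the PCI vendor
# IDs of VMware (15AD) and VirtualBox (80EE). Extend for other hypervisors.
VM_MARKERS = ("vmwar", "vbox", "virtual", "qemu", "ven_15ad", "ven_80ee")

ENUM_ROOT = "HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Enum\\"
STRING_VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

# Constructed sample in `reg export` text format (not taken from a real machine).
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_VMware_&Prod_VMware_Virtual_S\5&22be343f&0&000000]
"ClassGUID"="{4d36e967-e325-11ce-bfc1-08002be10318}"
"DeviceDesc"="@disk.inf,%disk_devdesc%;Disk drive"
"FriendlyName"="VMware, VMware Virtual S SCSI Disk Device"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\PCI\VEN_15AD&DEV_0405\3&61aaa01&0&78]
"ClassGUID"="{4d36e968-e325-11ce-bfc1-08002be10318}"
"DeviceDesc"="@oem2.inf,%vmware_svga%;VMware SVGA 3D"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD01\5&1]
"ClassGUID"="{4d36e965-e325-11ce-bfc1-08002be10318}"
"DeviceDesc"="@cdrom.inf,%cdrom_devdesc%;CD-ROM Drive"
"FriendlyName"="HL-DT-ST DVDRAM GH24NSB0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\PNP0303\4&1]
"ClassGUID"="{4d36e96b-e325-11ce-bfc1-08002be10318}"
"DeviceDesc"="@keyboard.inf,%*pnp0303.devicedesc%;Standard PS/2 Keyboard"
'''


def parse_reg_export(text):
    """Return {key_path: {value_name: string}} for the string values in a .reg export."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
            continue
        match = STRING_VALUE.match(line)  # hex/dword values are skipped
        if match and current is not None:
            # .reg files escape backslashes and quotes inside strings.
            name, value = (re.sub(r"\\(.)", r"\1", g) for g in match.groups())
            current[name] = value
    return keys


def has_marker(text):
    return any(marker in text.lower() for marker in VM_MARKERS)


def audit(text):
    """Return sorted (class, field, text) findings for devices in the four classes."""
    findings = []
    for path, values in parse_reg_export(text).items():
        device_class = CLASS_GUIDS.get(values.get("ClassGUID", "").lower())
        if device_class is None:
            continue  # another class, or not a device instance key
        for field in ("FriendlyName", "DeviceDesc"):
            # DeviceDesc is stored as "@inf,%token%;Display text"; keep the display text.
            shown = values.get(field, "").rsplit(";", 1)[-1]
            if has_marker(shown):
                findings.append((device_class, field, shown))
        # Renaming values does not change the instance path (vendor/product IDs).
        instance = path[len(ENUM_ROOT):] if path.startswith(ENUM_ROOT) else path
        if has_marker(instance):
            findings.append((device_class, "InstancePath", instance))
    return sorted(findings)


if __name__ == "__main__":
    for device_class, field, shown in audit(SAMPLE_EXPORT):
        print(f"{device_class:<10} {field:<13} {shown}")
```

On the guest, `reg export HKLM\SYSTEM\ControlSet001\Enum enum.reg` produces the input; the file is UTF-16, so read it with `open("enum.reg", encoding="utf-16")`.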

Published: 10 Feb 2017

Comments: 1.8K
@thomasc.8274 6 years ago
Or change your grandma's computer to look like a VM so she's immune
@buggsy5 5 years ago
Microsoft should include a VM in all their releases and install them. It should then be relatively easy to make it appear to scammers that the machine is in VM mode, even when it isn't. Then until they figure out a way to get around the common VM software versions, they would have to treat all intended victims as if VM was not in use.
@gmonkman 5 years ago
Ha, I like your thinking
@primeplatypus1799 5 years ago
BEST IDEA EVER
@Nash1a 5 years ago
It is a great idea until enough people do it and the tech scammers get wise to it.
@m_jr7066 5 years ago
Nash1a but then you could use VM and they wouldn’t say anything... IT'S NEVER ENDING
@tosgem 5 years ago
The way he says "Give yourself ownership, give yourself permission" sounds like some kind of new-age motivational speech / self improvement
@sasodoma 4 years ago
I always find it amusing when Windows tells me to request permission from myself.
@nadurokorte9917 4 years ago
"Obama giving himself a medal"
@rayjaymor8754 4 years ago
@Max Raider I'm honestly looking forward to an actually decent DE coming out that will make Linux completely noob friendly. I'm only using Windows to play very specific games these days. Everything else is via Ubuntu.
@Rickety3263 4 years ago
tosgem reflecthost=“true”
@Asocial_Ace 4 years ago
@rayjaymor8754 Linux Mint is very user friendly for a Windows user. Most desktop environments are extremely customizable as well. I find KDE to be one of the easiest to customize out of the box.
@alpitu21 5 years ago
2 gb of ram, 500gb samsung ssd, nvidia gtx 1080. noice.
@vendybirdsvadl7472 4 years ago
vm computer: why you gave me 2 gb of ram?
@tactical_slime4608 4 years ago
my 4gb intel hd laptop: FINALLY A WORTHY OPPONENT
@alexandernicholas5309 4 years ago
And single core processor at 17:10
@Technology_2020 4 years ago
and NEC
@souta95 4 years ago
@alexandernicholas5309 ...A single core Phenom II X4 CPU... ;-)
@speedyJ0hnny 5 years ago
Me: (Never Planning to do any scambaiting) Interesting
@dsfuidsfiojausefdsfsee3331 4 years ago
Me Want but can't yet be bothered to do it with VMware and via emails
@fnacoo 4 years ago
@informalmods6044 now 206 likes
@Daniel-tg5tm 4 years ago
@fnacoo now 207
@eeejajduanenakdnnae 4 years ago
@Daniel-tg5tm now 230
@Crazyclay78YT 4 years ago
I would love to, but my machine doesn't let VMware run, or rather I get a thing at the bottom of the settings page that says, "hardware virtualization is not supported by host machine" and I turn it off and the alert is still there.
@DoubleU555 7 years ago
Honestly the best way to create a convincing looking VM is to make the desktop look as if it's really used by a typical scammer's victim. You know, fill it with some documents, shortcuts, and a tacky looking wallpaper on top of it.
@cm0s 7 years ago
I agree with what you said except the wallpaper part, since it doesn't really matter as most remote desktop software will disable the wallpaper while the connection is active.
@santosic 7 years ago
That would be my next step after doing the stuff in this tutorial. To take away that whole too new look, I'd just install a lot of the apps I use on my actual machine, and have their icons on the desktop. Would legitimize it even more (especially if the scammer DID in fact open the installed programs dialog, they'd see a lot of them installed)
@TR2000LT 7 years ago
Keg LOL
@ips7 7 years ago
I just died laughing.. So wrong though. So wrong!
@MisterMander 7 years ago
Double thanks for the advice pal
@zech6846 5 years ago
GTX 1080 + phenom + 2Gb of RAM. At least scammers aren't smart.
@DandelionYudeul 5 years ago
Sir in addition to our 50$ gold package we can take your graphics card for free and change it with a better one for your cpu.
@delectantix2830 5 years ago
Or even better AMD Threadripper and a NVidia 9600m... Who also had a laptop with this card?
@JonnyInfinite 5 years ago
You have best configuration..
@HappyBeezerStudios 4 years ago
Actually not that bad, considering that we pretend to have got infected with everything under the sun.
@tuomollo 4 years ago
Single core Phenom x4 ;)
@benedict8720 5 years ago
Idk why but I feel like I can trust this guy with my life
@michaelmullen3923 5 years ago
You're not alone
@alexrawson8492 4 years ago
But can you trust him with $20?
@TheHiroClaw123 4 years ago
@alexrawson8492 he'll probably spend it on bestbuy only for him to tell the female worker to cancel the shipment and freeze the 20 dollar bill
@TheHiroClaw123 4 years ago
and I would be ok with that
@love999cats 4 years ago
But you wouldn't want to be his enemy
@cactoidjim1477 3 years ago
The fact that they're at the point where they are checking for VMs means that ScamBaiting is working.
@orkhepaj 3 years ago
I don't get why they don't write some scripts, it would look more professional too
@jnawk83 3 years ago
@orkhepaj that would require they be professional. no professional would work for them.
@phildenfer 2 years ago
It's about escalation. They scam, we scambait. They check for scambaiter VMs, we use stealth VMs. They'll have to check that we are bad at acting, we'll take acting lessons to get better at faking to be potential targets :D And then.... We clone Jim Browning, that's the AI project to create fake victims with AI. Might waste their time.
@itzlqmer6084 2 years ago
@orkhepaj they do, idk about 1 year ago but nowadays they do
@CuttheropeTutorials 1 year ago
@itzlqmer6084 the scammer I called today had their “bank server” be a batch file, not just notepad or cmd.
@strawloki7133 7 years ago
*scammers taking notes*
@MidnightHabit 7 years ago
Only the few smart ones. I'm guessing the majority aren't really that savvy.
@mdamaged 7 years ago
boom!
@ionymous6733 7 years ago
just as Jim took note of them checking the hard drive name
@primemeow 6 years ago
Or just directly copy it from your host's Device Manager.
@therealb888 6 years ago
TCOM Reborn It's always safe to keep your host as anonymous as possible.
@georgemorley1029 5 years ago
“Oh! I see that! Alright...” Like a slug retreating from salt.
@typingcat 4 years ago
"Thank you, come again." would be my response to his retreat.
@Sprinkleycakes 3 months ago
Hahahaha underrated comment.
@retropcs88 4 years ago
I would have way too much fun with this. The VM would look like this: Computer: IBM PC AT RAM: 2Mb Video Card: Plantronics Color+ HDD: Seagate ST-225 Disk drives: Mitsumi High Density Floppy drive Processor: Intel 286-16
@loominatrx 4 years ago
lmao
@preinstalleduser2309 4 years ago
Retro PCs CPU: intel 8086, RAM:512mb,
@CNETech 4 years ago
@preinstalleduser2309 512MB RAM is shit of 2004, ya dingus
@froschgrosch5247 4 years ago
And running Windows 10
@choco-kun7221 4 years ago
Lolll
@AcessDBpro 5 years ago
14:56 A savvy scammer will notice that your new file name does not have the same icon as the other two files of the same name, and will also probably notice the huge discrepancy in file size. I suggest using another installed executable that is not like the other files it is trying to emulate. I would also throw on a bunch of various files that don't contain personal information, or better yet, a lot of files with your fictitious alias' name/family/employment information that typical users would have after frequent usage on their computer.
@hul8376 3 years ago
@Cipheiz lol
@bufordmaddogtannen 3 years ago
I'd avoid all the fuss and just remove the entry from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall Although iirc there should be a visibility flag that can be toggled to make an uninstall entry appear or disappear at will.
@marshallpieri3737 3 years ago
@bufordmaddogtannen thanks man
@DayTripperID 7 years ago
Did my first scambaiting call today after going through all the vm preparation, stealthing & weathering to make it look used, and the dude didn't even do any checks for VM!
@mikejameson7678 6 years ago
jeep What an idiot the scammer was... Did you remember to refilter with Documents, and files?
@wasserruebenvergilbungsvirus 5 years ago
Let me guess, you use Arch btw? :D
@internalscreaming9538 5 years ago
“And that’s why arch will always be the best” the neck beard says after scratching the dorito dust off his glob of a chin.
@TheTheninjagummybear 5 years ago
@internalscreaming9538, The fuck?
@ignat340 5 years ago
@internalscreaming9538 h-h-hey shut up
@williamm.1412 7 years ago
Hi again Jim. I was blown away by this tutorial. Excellent work! At first I thought too many of your viewers would have a hard time comprehending everything. But no....it was just me, lol I read all the comments and was impressed with everyone's feedback. Obviously this will be useful to many of your viewers. Well done!!
@NickolaySheitanov 6 years ago
William M. It's not hard if you aren’t repulsed by computers and have a bit of an open mind you’ll see how easy it is. Really not complicated.
@ericmiller3284 4 years ago
Another exceptional video, clear, concise and to the point and extremely informative to the viewer. I can't thank you enough for all your hard work and time you put into creating this exceptional video!
@grady.stu.8300 4 years ago
I'm over halfway through all your videos. Not only are you the first channel to do that but I also watch them in entirety. I really enjoy your videos man.
@frgging 7 years ago
If you have a windows 10 VM, go to task manager, click performance tab and click cpu on the left. You'll see 'Virtual Machine: Yes' at right bottom. And there's no L1,L2,L3 cache.
@bitelaserkhalif 6 years ago
Louis Lu one reason why I'm using XP VM
@kjl3080 5 years ago
Louis Lu this needs more likes
@Freeak6 5 years ago
If you use VMWare, just activate "Virtualize Intel VT-x/EPT or AMD-V/RVI" in the settings of the VM, and this will be gone and you will have L1,L2,L3 cache :)
@robbinklg9 4 years ago
@Freeak6 I am in the VM settings but I can't find the setting.. -Edit found it, it's under hardware, processor
@user-bn2kn8cb1v 4 years ago
For people using libvirt, add in cpu tag.
@alexbrooks6141 7 years ago
Thanks for this, your advice helped! It's surprising to see them becoming so smart, today I called one company up and before assisting they did very vigorous checks to see if the computer was not a virtual machine! I use VirtualBox so some of the steps I had to implement.
@hernanipereira 3 years ago
Jim, I personally have great admiration and respect for the work u do in this channel, scamming the scammers, reporting them to the authorities, etc, and this video is another example of it. One of the best of this kind (scambaiting, tech-savvy stuff etc). Thank you for another informative and useful video!
@xdramen538 3 years ago
This guy's understanding of technology is scary, I’m glad he’s on our side.
@ahmedsalman3294 3 years ago
I wish to have more tutorials from you. This is brilliant stuff. You are a hero Jim.
@preinstalleduser2309 4 years ago
This was one of the best videos you’ve done in my honest opinion. Teaching other people how to scam the scammers is a great way to lessen the number of scammers. Wasting their time “safely” is key.
@InfinityBS 1 year ago
@reapiu8316 Get a VPN 🙂
@crylune 1 year ago
@reapiu8316 they can't do jack shit with an IP address. cookies, maybe. but the IP threat is meh. I regularly give out my public IP to people threatening to "DDOS" me and see what they do. As expected they do nothing.
@WoodyWilliams 4 years ago
Love your instruction style. 1st time through I was hooked on every word. Perfect pace.
@c9rm3n 3 years ago
I started watching these videos a few weeks ago, and have thought about doing something similar to what you are doing, I'm sick of these 6 spam calls a day. Thanks for showing this, though I'm still not sure I'm going to try it. I frequently waste their (scammer's) time but what I've seen you do in video over the last week has been epic. Keep up the great work.
@TheOwlGilga 7 years ago
I love how your channel is growing, keep it up Jim! Good stuff!
@TheOwlGilga 7 years ago
Also shows how entertaining it is to watch someone absolutely dismantle them hahaha
@timroberts69 7 years ago
It reflects just how pissed off we are at these guys ripping off elderly people and computer non-savvy people. And how sick we are of the repeat phone calls from these scumbags.
@Tailss1 4 years ago
4:45 Save all that with permissions and make sure you are either logged in as local administrator or the account you are logged in with is in the administrators group. Registry objects belong to owner Administrators group by default.
@daddykool3290 2 years ago
Jim's instructions are quite clear. This is a virtual machine so it’s OK to poke around the registry but it’s even more important that you only change the registry if you know what you’re doing especially on a non virtual machine. Thanks Jim.
@useemehere2 3 years ago
I love your channel and you are a Hero for me because you help a lot of people, especially those seniors who have a little knowledge about PC, and I'm so happy that you are teaming up with other YouTubers like Pierogi (ScammerPayback) and some others who are really very helpful in combating this plague of society. More power to you all. We are your fans and thank you for your service.
@Weezerr420 5 years ago
I love at the beginning he sees the VM ..."oh...alright" and hangs up lol gives up
@SireSquish 7 years ago
Do the reverse on your tech naive family/friend's computers as a backup in case they are fooled by scammers :)
@roddydykes7053 4 years ago
Awesome idea, as a “why not” kind of thing
@KaleshwarVhKaleshwarVh 3 years ago
I really felt it when you said ' please comment and subscribe because it gives me MOTIVATION to do these kinda videos '. I have subscribed long back I start with liking the video and then watch it. But that hit me. Thank you for spreading awareness.
@GhostCrypto-tm1tl 3 years ago
Really first time to see something like this in VM. Thanks a lot for the detailed and comprehensive explanation :)
@chrisangel7383 7 years ago
thank you for what you do, and helping us keep up with the ever changing environment!
@NithinJune 3 years ago
Jim: "I have to go out to programs, and back to programs and features to see the changes" Refresh button: "Am I a joke to you?"
@curiouscollectiblesAU 3 years ago
Having to click refresh button to see new changes F5 hotkey:
@kabo0m 9 months ago
I came back for this on my NEW PC! Thanks Jim as always!
@Rickety3263 4 years ago
Please do more of these! I’ve discovered proxmox and NoMachine and scam baiting or not, you have a lot to offer viewers with your knowledge of VM’s.
@HDnoober 7 years ago
I love you. Keep making more shit please.
@MichelePeach 7 years ago
Another extremely well presented and informative piece. Thank you for your generosity in sharing, Jim.
@RingZero 5 years ago
Truly brilliant Jim! Good work 👍🏼
@penelopeplimsoul3617 4 years ago
Love your vids and you, man! Kudos for all the good work. Enjoying binge watching your vids!!
@mick7909 7 years ago
love that they know we are playing with them... I hope loads of them watch this vid, tell their scum friends and they all start checking... the more time we make them use up every time ... the less calls they take.
@ShaunDobbie 7 years ago
Can you please do a tutorial on capturing the data in wireshark?
@ShaunDobbie 7 years ago
Thanks, could you also tell me what websites give these scam popups? I had one with an 0800 number and lost the number.
@rosalieivady1886 7 years ago
Pirate Bay??? Really? Gosh, I go there quite often, but never seen one.. True as it is I just ignore all irrelevant content there - and now that I check this post is 5 months old :D
@hasnieking 6 years ago
In Wireshark go to the tab capture, then options. A window will open with your network cards. Select the one you're using and click start. That's all.
@mikejameson7678 6 years ago
Enter Wireshark (not legacy). In the "...using this filter:" command box, write 'udp'... The box will turn green. After that, click on "VirtualBox/VMware Host-Only Network." Or "Wireless Network". That's it.. You get many IP's. But if some are unrelated to "192." 'Series', it's a secondary connection, coming from a website, or direct connection between two Computers. That aren't from the same network.. No Problem!
@VulcanOnWheels 6 years ago
If you want to know more about Wireshark, then watch this playlist: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-6X5TwvGXHP0.html
@lgarcia67 3 years ago
This is awesome, the more people fighting back the better. Listening to those conversations I can tell that they have some very basic knowledge of computers and dos commands. They know enough to scam old people.
@renmikandhevaryndaypi 1 year ago
Even though this tutorial is designed for virtual machines, it helped me fix an issue with HID devices on my real system. Thanks, Jim.
@darynkatano 4 years ago
A better way to change the device names, which also works with other virtual machine software is to open device manager, and for each device that gives away that it's a VM opening its properties, opening the "Details" tab, copying the "Driver key" value, searching the registry for it, and changing the "Friendly name" values, or creating them, after giving yourself permission to edit the keys
@EUHUGOROGER 8 months ago
WOW THANKS FOR THIS COMMENT! HELPED ME OUT A LOT!
@YourMommasDaddysBro 7 years ago
Thank you for all that you do
@Suburp212 6 years ago
Love these videos. Very useful. Always makes me realize how little I know about my pc...
@MrKbtor2 5 years ago
This is awesome! Thanks! And I believe I saw another video (you might have done) on disabling syskey. Also good work.
@zorsenothorse 4 years ago
Presses windows key, starts typing VMware, "sir you are on a virtual machine"
@elephystry 4 years ago
I think that’s only if you have Tools
@HassanSelim0 4 years ago
it's trivial to delete vmware from your start menu list, it's just shortcuts.
@weirdscix 7 years ago
Great tutorial, thanks Jim
@meatsamurai1911 7 years ago
Jim Browning Thanks for the tutorial. Btw I managed to get into a scammer's and saw an interesting spreadsheet with 10 phone numbers along with their name and I managed to call them and most of them did not know that it was a scam.
@danejurus69 4 years ago
Oh, I'm gonna have so much fun. Thanks a ton, Jim!
@ninjashinobi2413 2 years ago
Fantastic stuff mate, I have time on my hands I may just indulge myself doing this kinda thing, thanks for all you do bro.
@adrasx6999 3 years ago
So in order to improve the security of my family members I just need to rename their devices to VMWare. That's a nice idea :D
@obfuscated3090 2 years ago
If your family members have thin clients connecting to a VM server you get ease of administration further improving their security. Used thin clients are often very reasonable and powerful enough to be thick clients if you want that.
@feelx92ger 4 years ago
Dear Jim, there's still the services by VMware, however a tiny program called Resource Hacker can be used to rename those. I suggest you put an addendum in the video description. Otherwise, great work as always. :)
@chunntv 3 years ago
Super informative and easy to follow, thanks so much for the tutorial!
@tomdebie2486 3 years ago
Nice work Jim! Learning a lot from you and others ;)
@Okurka. 6 years ago
17:08 That AMD Phenom II X4 965 having 1 core is a dead giveaway.
@rorymorgan6091 4 years ago
Scammers aren't smart though 👁️👃👁️
@ThackshilaUdage 3 years ago
Exactly my thoughts!!
@pipbaxter5286 6 years ago
I would really like to see you getting into all the machines on their network and transferring horrendous viruses that will take ages to get rid of.
@alexanderdelguidice4660 4 years ago
I've been working on something that takes advantage of AnyDesk's file transfer system that does what you described. It doesn't infect every computer on their network but it takes their computer down. It's on github and is simply called "Fake AnyDesk Update"
@HassanSelim0 4 years ago
@alexanderdelguidice4660 The instructions say "connect to the scammer's pc using AnyDesk", but doesn't the scam usually involve them connecting to me and not the other way round? How do you get the files to their PC?
@ultimatedude5686 4 years ago
Hassan Selim He has some way to reverse the connection idk how
@followthemoney1466 3 years ago
I'm 9 months late to this, but it seems BossMan takes care to not infect them, just call them on their BS. He also occasionally mentions the legality of what he is doing....does that concern any of you guys with infecting them? ....easy, easy, I don't need the lecture..the thieving scamming sunsabeaches should get everything they deserve every day of the week, and twice on Sunday...just asking for input from other viewers ...and yah, make their computers hotter than radioactive sludge, serves the mofos right....if you care to hehe
@lenders1164 3 years ago
Jim you are a gift to humanity my dude. Keep it up good sir.
@MadWitch 5 years ago
New sub!!! Your videos are great; helpful and fun! Keep up the good work of trolling these scammers!!!
@narektorosyan863 5 years ago
A real Samsung SSD does not label itself as "Samsung 500GB ATA", it's something like "SAMSUNG MZNLN128HCGR-000L2".
@GibusWearingMann 5 years ago
Yeah, but most tech support scammers aren't that sophisticated.
@SleepyDudu 5 years ago
@GibusWearingMann still tho
@64bit72 5 years ago
Maybe a fake one will show it like that
@Daunlouded 4 years ago
My Samsung SSD's are shown almost exactly like that: "Samsung SSD 850 EVO 500GB". However Seagate's HDD is shown as "ST4000VX007-2DT166" so it shows only the model number and nothing else. This is running Windows 8.1 Pro, so I dunno if it makes a difference when running other OS.
@kenny-ph9dw 4 years ago
rename
@Frog-ko6uu 3 years ago
Beautiful video man! I use VirtualBox from time to time, and making it look like a real computer might come in handy. This is what makes Windows so amazing IMO, you can change just about anything about it. That also means you can screw it up and have to start over, but that’s a nice thing about a VM.
@woodywoodlstein9519 5 years ago
Excellent tutorial Jim. This is valuable
@kadanv8974 5 years ago
Jim you are so smart thank you for making this vid normally I would just prank call the scammers but now I waste their time even more and you should be working with Microsoft you are really intelligent
@nichderjeniche 3 years ago
7:49 "...let's try Nvidia" and almost typed NVindia 😅 Jim is cursed
@jonathanrose829 6 years ago
Your computer needs fixation before you can go to the goat house.
@ScienceAlliance 3 years ago
Congrats on 3 MIL!
@RCFunEveryday 3 years ago
Jim, I've literally watched all of your videos and just noticed I am now all the way back in 2017!
@maurogori5425 5 years ago
To make it realistic, download some random files in the vm, so it looks like it's used
@F4LDT-Alain 4 years ago
I've just hit by accident a French language (my native language) equivalent of these fake "Critical Windows Alert" pages today. I've made a quick call, someone picked up so the number still is active. It's a grey and slow week-end so I'm going to have some fun with them too. But before this I shall use this helpful information to carefully disguise my VM, thanks. Now up to playing amateur Jim Browning too!
@followthemoney1466 3 years ago
It is 9 months later, hoping you got them better than they got you
@GR-gy4uf 4 years ago
Jim I'm learning so much from you thanks man.
@olrusty6822 3 years ago
just found this video, it's a great tutorial. I wish i had the technical skills to do what you do. good job getting them scammers :)
@the_synack 7 years ago
+Jim Browning To make Windows 10 not report that it's running under a hypervisor, you'll have to add this to your vmx file.
cpuid.1.ecx="0---:----:----:----:----:----:----:----"
This will mask out the bit in the CPUID that lets the OS know it's running under a hypervisor, otherwise it'll say in the task manager under performance -> CPU that it's a virtual machine, which could blow your cover. Not sure what the performance impact is, but I'm sure it probably isn't much if any at all. Also, msinfo32 will also report that the machine is running under a hypervisor unless you change this.
@robertkarpel5569 6 years ago
Love how your channel is growing, keep it up Jim! Good stuff!
@PhillipBlanton 4 years ago
Wonderful video. Thanks for taking the time to make it.
@xPurpBoyyx 5 years ago
Great video! This helps me a lot because I didn't know how to Regedit side of being stealthy
@usernamenotfound4047 7 years ago
Alternatively you could just make the scammer unable to even check those entries in the first place. I also suggest setting the registry entries from an Admin command line instead of changing permissions in the registry. But great tutorial. (Name your Devices "Tech Scammer detected!" and see what they do :D ) I also wonder how Tech Scammers deal with Linux machines
@grandpied 7 years ago
Scammers are allergic to penguins.
@therealb888 6 years ago
The_Matrix, linux is also much more open than windows. Don't be a linux fanboy. Once u have the root password linux is far less secure than windows. Check out that channel that has a guy's mother who tries new oses. Their videos go like "Mum tries to destroy ubuntu" or something.
@bitelaserkhalif 6 years ago
b888 sudo rm -rf --preserve-root
@shadowsinsomniacs9943 6 years ago
Also the point of this is to waste the scammers time, if you have linux they will just hang up...
@whydohandlesexistAAA 6 years ago
b888 "once u have root password" You would need to get it from the actual user since linux doesn't store passwords in plain text. Considering people don't randomly tell people with malicious intentions their root passwords, windows doesn't stand a chance in terms of security. You usually don't encounter ransomware which use leaked NSA backdoors on linux.
@kluchaklepana8371 7 years ago
7 scammers hate this
@XxalightnerxX 6 years ago
Fuck i fell for your picture
@mbocco83 6 years ago
I came here to write too, I thought I had a damn scratch on my screen.
@Blobbo 6 years ago
26*
@robbievermillion5101 6 years ago
28
@BillAnt 6 years ago
And 34 likes your comment ;)
@randamchills 4 months ago
amazing video .. even though this is 7 years old I just built a computer using old stuff and a fresh hard drive to start scam baiting .. and followed these steps. The only thing you didn't cover was the stupid vmware logo in the my computer area which I've found other videos for but they seem to not work as I can't find the 6006 file that needs to be edited .. thanks for everything you do Jim!!!
@JohnSeto 5 years ago
This is just the video I've been looking for. I have a basic VM for scammers to probe around
@roccoranallo4027 3 years ago
Hey Jim question, everything has worked beautifully until I get to the point when I install the Stealthy registry key as Admin and it installs the new file you have titled Microsoft C++ but it does not remove the VM Ware tools from installed programs how do I fix this?
@BrianB.-lb8du 5 years ago
Jim... did you ever do a VBOX/WIn7 version ? If so, I can't seem to find it. Link? Thnx bro
@HippieInHeart 2 years ago
you probably know this by now but just in case anyone else comes along who doesn't know it: f5 to refresh does not only work in the browser, it also works in normal folders and windows. so instead of always having to go out and back in to the installed programs window, you can simply hit f5 and it should refresh automatically. can't test this myself right now unfortunately, but i'm fairly certain it'll work.
@AlexXanderMarketing 4 years ago
Awesome tutorial Jim!
@MrSaemichlaus 4 years ago
Leave a tab with a Jim Browning video open on your granny's pc. Scammers will know and leave.
@danielabrahams4061 3 years ago
Or have a 'scam baiting' desktop background - or set a text message for the background like 'I know this is a scam' :)
@CyberQuickYT 4 years ago
Windows: so you need regedit edit these fields which are found using this weird key. Linux: just fucking sudo nano /etc/whatever
@undefinednotfound 4 years ago
@top text Nano is the best
@Tamramsy 4 years ago
Justinas nano is the best but vim is superior for editing code
@undefinednotfound 4 years ago
@Tamramsy vim is too confusing
@undefinednotfound 4 years ago
@top text???
@markwilkinson3375 4 years ago
vim gang represent
@bo49685 5 years ago
OMG, you are AMAZING with computers. I’ve NEVER seen anybody better than you!!👍👍👍
@Gmon750 3 years ago
I run a lot of Windows VMs on my Mac, including bare-bones Windows VMs, perfect for scammers to get into. I actually enjoy answering phone calls from scammers, but haven't yet gotten far enough for them to try connecting to my computer as they usually hang up on me the moment they realize I'm not as gullible as they first believe. I like this. May try it down the road.
@royal__twistt12cringealert91 6 years ago
One thing, if you go to Task Manager and go to Performance, it says “Virtual Machine: Yes”
@DeRockMedia 6 years ago
Does anyone know a way to change the BIOS part with Oracle VirtualBox? That's the only part I think I need with that VM program.
@nororlol4life819 5 years ago
There is a patch
@sinaramzi5448 3 years ago
This is really helpful 👍 thanks Jim like always you are awesome ❤️✌️
@naivsupr 3 years ago
Great work, great video, as always. I'll just recommend checking out the long forgotten "Windows 8" as your VM-guest OS of choice. It is _the_ worst OS ever to remote into! With Charms menu coming and going on the right, and the near impossible WinX / right click down in your left corner.
@RandomPersonBruz 4 years ago
The most technical comment section I have ever seen on YouTube
@proxeIO 3 years ago
Scammer that can identify the VM after this can probably just get a job.
@henrikhansen1023 3 years ago
Most of them can - which I told one. Then he hung up
@Leopr1 4 years ago
This is great information! Thank you!
@IsaacOLEG 4 years ago
Excellent description, thank you
@TechSquidTV 4 years ago
Had an interesting situation where a scammer connected and was somehow immediately alerted to the fact he was in a VM. Whatever "custom" remote tool they used, "bogar", had some kind of VM detection.
@mgjk 4 years ago
Bomgar?
@ErraticSteel09 5 years ago
I noticed that having 1 core on a Phenom X4 chip was a dead giveaway. Is that something we can hide? Or can we convince the VM that it has more cores than what we've given it?
@TheMinecraftNerd2014 5 years ago
In the Enum folder, you should see a folder starting with "GenuineIntel" or "AuthenticAMD". You have to go into the folder relating to the CPU you use. There may be a variable number of folders in there; you have to go in each one and change the FriendlyName entry to the CPU name that you want. This only affects the Device Manager, so other places like My Computer display the actual CPU name at the bottom and not the name you chose.
@jnawk83 3 years ago
Why not just give the VM more cores? It's not like they gonna be mining bitcoin
@honestinsky 4 years ago
Excellent teaching video JB, thanks for posting, much appreciated. You are doing the Lord's work my wise and talented brother : )
@a2thezizzo425 4 years ago
Hey, saw this video to help me set up a VM in virtual box and it was very helpful! Just wanted to point out I found references to virtual stuff in add/remove programs and services that I also removed using regedit. I don't think they're likely to be found but they're there. Cheers!