gunny1963

  1. Having a self-contained and UPDATED program I can run from a non-writable CD or lockable flash drive would absolutely rock. And what about that TDL3 rootkit! Malwarebytes, GMER, HJT, SAV, RootReveal, MSRT, AVG, ComboFix and Hitman Pro. Not a single one can stop my client's search engine redirection. Plus NONE of those updateable programs can update. Not a one. I can copy rules.ref onto the infected PC but it won't update. And lastly, get rid of the version info on your executable, folks!!!!!!!!!! The bad guys notice it and BAM, process killed. Easy to fix so fix it please. Renaming the executable is easy enough but change the version info often to keep ahead of these creeps please. You do this and I can sell a TON of this product for you!!!!!!!! I have over 300 clients.
  2. Renaming the file is actually one of the things I did. Without the changing of the version info within the actual executable, changing the extension to .com still gets the process killed. As a matter of fact so did naming it explorer.exe, wuauclt.exe, wuauclt.pif, etc. All still get killed unless the file version is hacked. Thanks for the link though! I love ammo. I DID find the three traces were in a restore point and Malwarebytes couldn't remove them so I went into safe mode and turned off System Restore, rebooted the laptop and went back into normal mode and turned it back on. Don't know why it couldn't. Oh well. They're gone now.
  3. It's quite simple really. The issue has been the process being killed within seconds of launch and the folks around here have said "well then rename the executable". Sorry. Wrong answer. Well, partly wrong. You folks have forgotten one minor detail. The VERSION INFO OF THE EXECUTABLE!!!!!!! It refers to Malwarebytes Corporation. And guess what the virus is ALSO checking??????? Duh. So, get yourself a file info modifier (I use Resource Tuner) and go on ahead and change that version info to anything you please. Save the mods then restart the program and voila. Wanted to give props to Malwarebytes while I'm at it. I just looked over my shoulder and it's discovered 3 objects almost immediately and this is after running ComboFix, Hitman Pro, GMER's Rootkit Tool, MSRT by Microsoft AND a full scan with Symantec Corporate Antivirus. Now, if it can REMOVE the threats I'll be even more impressed. At least it found them. Later all, Gunny