Well, hopefully going to take a look at this tool later today, but as a precaution uploaded it to sandbox/VT service for mal checking ;D...
I think Baz can correct me if wrong, but it is new Kasp technology coded into latest version that's doing the trick as far as I'm aware f-secure...
Not at the moment, but give Nick some time and maybe he will write new detection module as he did for MBR kit recently ;) F-secure will not see...
Welcome back comrade it is not only Russia that produces some of the finest software engineers ....there are others too! But for example when...
Just a heads-up to interested parties: ITW Rustock swapping mailing operations ;)...
Well, it's the same for the defenders as it is for the attackers ;) Anything that executes can be cracked!
Well, the Kaspersky article certainly tied up a lot of loose ends regarding this bot ;D Here is ntldrbot merged to its own Agent downloader(...
Nah M$ bought sources for 4.1 vx and Unreal series rootkits(POC's) from EP. EP is still deving RKU but no longer available for public use....
More than likely archived droppers from some time back:shifty: winfixer2005....bit of a giveaway;) That said this is not fair comparison...
Well screenshots would suggest software is in action but as you might well all be aware they can be faked:o...
OK, have you tried uninstalling RKU, rebooting and then reinstalling again? This usually resets settings back to default ;)
hehe ;D but that's old one...gotta love them private tools ;) now with added view memory region module [ATTACH] Longboard...M$ no have the...
Don't think it will happen folks;) but just for ya dreamers out there8) [ATTACH] PS No u can't have it!!!
the following quote Dr web cure it detects based on signatures-+new module for detection sometimes of this stealth bot....it does NOT detect...
ErikAlbert if that was case then PC review mags would be reviewing handful of private tools and dr web's cure-it only....so your statement is...
Wayne, welcome back and first off a huge thank you for PG free, it's this malware hunter's preferred weapon of choice when collecting...
So You had a fake alert icon in your toolbar flashing away trying to goad you into downloading and buying rogue brand X to clean what it claims is...
GMER:thumb: or Dr Web Cure it:thumb: http://www2.gmer.net/beta/ http://www.freedrweb.com/cureit/
Hi Nick, have you upgraded your scanning engine? Because I have quite a few MBR samples archived including 3rd & 4th evo's.
Oh so true, the VT bit about samples made me chuckle....some folks forget that VT uploads are sent out on the wire as received to the participating...
Hi C. GMER ADS flag will copy the file from the stream and not what it is attached to :thumb: [attach] I will test HJT ADS scan when I...
Today's testing. CounterSpy 2.5.1043 **Due to update bug I was unable to upload to current detections file. This has no bearing on the testing...
Maybe being picky but realtime protection does not remove "deeply rooted malware" from a system it simply offers checkpoints to stop malware from...
C'mon Philippe try a bit harder;) The application updater which is only *usable* by clicking on the bug icon in the task bar and selecting...
Today's testing. a2 free (3.1) No ADS scan option so deep scan selected. [ATTACH] [ATTACH] The 2 inactive files are detected but the...