razoreqx

Honorary Members
  • Posts

    98
Reputation

0 Neutral

About razoreqx

  • Birthday 01/30/1915

Profile Information

  • Location
    OHIO
  • Interests
    Malware Research | OSCP| CEH | Metasploit | Malwarebytes | OSINT
    Find me on Twitter @razoreqx

Recent Profile Visitors

6,570 profile views
  1. I'm no expert, but isn't that keygen for bypassing copy protection?
  2. Here ya go. Thanks for the help MrC!! Result.txt
  3. Thanks TDSSKiller.2.7.33.0_28.04.2012_11.55.32_log.txt
  4. Case.zip DDS Attach Report[1] - From RogueKiller RK_QT folder case.zip
  5. I'm not convinced this wasn't just a file transfer to my machine's public share from another infected machine on my /user/public directory. Mbam turned up a bunch of PUP on the other machines but no banker bots. Anyone see anything in those log files I'm missing? Ran a full scan with MSSRT Apr 2012 and saw nothing. Ran FRST64, which I have also attached. FRST.txt
  6. Pretty sure I got it all but calling on the experts for a 2nd opinion. Was Trojan.Banker. DDS.7z
  7. Dear Heavenly Father thank you for this diet coke and bag of chips my stomach is about to receive. Father, thank you for keeping me and my family safe. And especially Father, thank you for Malwarebytes, may you continue to watch over them as they continue to write code to protect my ‘ass’ ets and persistently make me look like a prodigy among my peers. Amen
  8. Thanks for the welcome, and after 22 years working in this field one thing I've continued to do is listen. I’ve never stopped learning. I still think (what to call them?) "Commercial Security Packages" belong in a corporate environment where there are more controls over the applications and OS privileges, and policies to govern over them. I think what drove me to my opinion about AV / security suites was more my experience with home use. Often the products completely consume the resources of the machine (sometimes even worse than malware), making legitimate applications run slowly. They also inundate the user with pop-up messages and warnings, most of which are not understood, and often ignored or answered incorrectly. Let’s take my wife as an example. I’d call her your average social media sponge, with a fairly average appetite for online shopping... In the past year I’ve had at least three "AV Security Solutions" installed on her PC. I’ve had these products at various “recommended” security protection levels and spent hours whitelisting legitimate sites and applications. What I would call “good husbandry” of all the false positives she had uncovered. I’ve tried various OS level account privilege settings, browser settings, NOSCRIPT addons, and other safe browsing techniques, but find many of them alter sites to the point of being broken and unusable or displayable, and many of their pages fail to function. To date she’s had Fake.AV infections at least six times, encountered countless undetectable droppers and key loggers. The first few times she was infected I did some investigation as to how this was allowed to happen. When asked if the computer warned her about the activity I was informed she merely clicks on the boxes until they go away. So in the last few months I have resorted to Home Server with “working” images for each of my family member’s computers.
When I come home from work only to be greeted with complaints about a computer's performance or inability to browse the Internet, I merely drop in a bootable CD and within minutes the computer is back up and running again.
  9. Thanks for the link David. I do understand the difference between AV and Malwarebytes. I guess my point was AV is kinda like Intrusion detection systems, old and outdated. Who really writes Virus code anymore? 99% of the malicious code I see traffic from 22,000 users is Malware. Either phishing click hijacking, CSS, or browser exploit or a combination thereof... Once in a while our AV solution (to remain nameless) will stop an execution, but most of the time it's detected by heuristic activity and by then you're already infected.
  10. I run Malwarebytes, period... I don't believe in host based firewalls and Antivirus anymore