Windows Recovery Malware Removal vid
Watch it here!
Still ISO a complete ZeroAccess malware sample… But thought I would share a few spots I’ve found to pick up various malware samples for others in their search… A lot of people know of www.malwaredomainlist.com, a site listing infected domains. Unfortunately, all but the most recent entries on the site are usually already taken down or no longer spread infection. Then there is http://www.offensivecomputing.net/ where you can directly download samples. I have several notes for you on this site....
Please email me your COMPLETE samples (I want a nice full infection here, no stubs!) Prefer you compress in 7z format, and password-protect the archive. Then rename to a non-standard file extension. I don’t need my email provider rejecting important mail! Trying to collect good samples with which to make some new YouTube vids demonstrating removal techniques with D7. Thanks!
First, I hope you know that D7 has ALWAYS done the set devmgr_show_nonpresent_devices=1 environment variable bit before launching Computer Management in the Windows tab, so you can simply select Show Hidden Devices in the Device Manager and see actual missing devices and the Non-Plug and Play Devices category. That feature is a given, and has been around since long before D7 went public. The Missing Non-Plug and Play category in Device Manager: However,...
D7 v4.6.4 now includes special methods related to deleting the reparse point created by this malware on the Tweaks tab > NTFS Junctions. The new function is “Destroy Junction” which will be able to delete the junction point on top of the directory where the malware hides, allowing you to then delete that directory. Haven’t seen this malware before? I’m talking about what some call “zeroaccess” and it can be easily identified because you will...
Never forget DNS! Had this issue recently, where QB literally took 10 minutes to load the default company file. When no company file was loaded by default, QB started almost instantly. Network traffic was nil, and I could access the appropriate share without issue. It took me a minute to add two and two. Note by “server” I mean any machine hosting your Quickbooks company file, and by “workstation” I mean any PC with...
Exactly as it sounds. Outlook freezes for a bit, after 5-10 minutes finally displays “disconnected” from Exchange server. Cannot connect, and any attempt to do so will freeze it up again until it finally fails. No error messages. The Fix: correct the system time! Turns out this client’s system time was set to a MERE 40 minutes into the future. Imagine that – it causes Outlook to freeze up when trying to connect to Exchange....
So I ran into this issue again (see my previous post here), and again after a TDSS rootkit and other malware removal… but my previous “fix” of taking ownership/permissions of the user’s %temp% directory didn’t work this time. After numerous attempts at fixing the issue with trying to take permissions on various locations suggested in various articles, I gave up. But I fixed it. By “gave up” I mean, I assigned new permissions to...
When installing any app using the Windows Installer service, you get error 2203 either by the app’s installer or in the system event logs reported by Windows Installer. You’ve probably got a permissions issue. Microsoft and various articles suggest you don’t have all the appropriate permissions to the “install” directory. This is different for every app and is typically CREATED with default permissions, unless it already exists, so what gives?! Some articles suggest the “installer”...
First, what I’m trying to accomplish is not XP Visual Styles or any of that mess. I’m only after ensuring that the application runs as Administrator on Windows Vista-10 boxes, so it functions properly. I’ve found numerous resources on manifest creation and embedding, all in various locations with some different techniques, all seem to involve a convoluted process of embedding the manifest, and even creation is wacky with padding the manifest to an even 1k...
© 2024 · d7xtech.com