Everything posted by DjLizard

  1. lol @ http://www.foxiekb.com/ ("everybody deface it, that sux, noobs") edit: holy s***, it's got a rip-off of CCleaner too! http://www.getfoxie.com/img/cleaner.gif <- someone cross-post this to CCleaner forums
  2. I used to use POV-Ray when I was working at Canon (between calls, when I was bored), as well as tinkering with Terragen. I do all of my real development in Delphi :P
  3. Most of them already are pngcrushed. I've tried to crush many of the ones that aren't already crushed and they dropped by only a handful of bytes. If you play your palettes right, you can often beat GIF's tiny filesize with a properly made PNG.
  4. That's an actual infection. It seems to belong to Look2Me. http://www.atribune.org/content/view/28/
  5. Well it's not an acronym, so stop calling it a MAC :sick:
  6. TheNotifier is now v0.0.0.33. It is now fully Unicode.
  7. A very large number of known entries has been whitelisted, so there's not even much left to find (except spyware)
  8. Just released: v0.60.0.13 Dial-a-fix beta wiki entry
  9. Ok, I should be more specific - which will run even within "Safe mode command prompt only"? AppInit_DLLs and Winlogon both attack early, and will keep you infected even within S.M.C.P.O. Since most programs can easily target and delete files that belong to all of the other autostart sections, I am not concerned unless there is a file that can't be deleted from within Safe mode w/command prompt. I have a Native API program on the way that is able to schedule the deletion of Winlogon/etc entries - this is going to beat the pants off having to delete the file from some other environment. Edit: Winlogon\System is next.
  10. For now, I'm targeting things that can run even in safe mode. Do either of those keys pose a threat if you're in safe mode? I am considering lots more tabs :sick:
  11. It's pretty rare that you'd see anything in AppInit_DLLs. There are only a few known legitimate entries for it, which I'll be building into the program shortly.
  12. DjLizard

    ISO Files

    Most CD burning programs, such as Nero, can do disc to disc copy. Norton Ghost ftw
  13. Updated first post with a new version and the changelog link. Check it out! :sick:
  14. DjLizard

    ISO Files

    I use UltraISO, and yes, you can make an ISO from a CD and then burn the ISO. You could have also used Nero to make an .NRG from a disc (using Nero's Image Writer) or just straight copy disc to disc.
  15. I'm working on a prototype program that will (eventually) help fight one type of spyware infection - it's called TheNotifier, and it targets Winlogon/Notify attacks.

    Download: TheNotifier v0.0.0.33 (242KB, *.exe)

    Changelog: DjLizard.net

    I need everyone who uses Windows 2000 Professional, XP, Server 2003, or Vista to run this program. All it does (for now) is:

    - Lists all Winlogon/Notify entries
    - Lets you jump to a Winlogon/Notify registry entry
    - Allows you to filter out the “known-good” entries

    What I need people to do is:

    - Click "Known-good".
    - Reply to this thread and let me know the Key and the DLLName of anything that still shows up (unless someone has already mentioned yours)

    Edit: if you get nothing, you don't have to post to say it.

    Thanks!
  16. Just wanted to clarify for those that were confused: csrss.exe isn't supposed to show up in HJT. It was probably a trojan with a Unicode name that made it look like the real spelling. The trick is that the malware authors are using Cyrillic letters (like Russian) that look exactly like their English counterparts, but in code, don't count the same as English letters. They usually end up at the bottom of directory lists because they are characters that have a higher value than Z.

    You might find more of them if you do the following:

    - Start > Run > cmd.exe
    - cd \
    - cd %systemroot%\system32
    - dir /a

    At the bottom of the list, if you see anything with question marks in the filename, let us know what they are. Do not try to delete them.
  17. DjLizard

    RAM. Question

    Right. You will want to upgrade your RAM to 1 GB in the future though.
  18. DjLizard

    RAM. Question

    Well, being that you don't have 4GB of RAM, that article is irrelevant (I guess you didn't even read it, Tarun! It repeatedly talks about 3 & 4 GB of RAM). Anyway, unless you have a separate video card, then your motherboard is using system RAM as video RAM for its onboard video chipset. It's using 24 MB right now. If you have an Intel motherboard using one of Intel's latest graphics chipsets, this number may fluctuate up and down as your system demands more video RAM. You also may be able to adjust the amount of RAM it uses in system setup/BIOS (don't reduce the amount though).
  19. There were two main reasons why SP2 wouldn't install on certain machines when it first came out: malware, and buggy BIOS code. You should check for a BIOS upgrade from your computer or motherboard manufacturer as many systems that would not boot after SP2 was installed will suddenly boot fine once a BIOS flash has been performed. I know it for a fact, because I've had machines not boot after installing SP2, and a simple BIOS flash made them boot again. I've fixed tens of thousands of computers in my life, and I have installed SP2 on every machine that's ever come across my bench. None have left my shop without SP2, and none of them had any issues installing SP2 after a BIOS upgrade was performed.
  20. well it IS an import.... par for the course
