Closed error0x1337 closed 3 weeks ago
I think its not working properly after reboot. i manually ran service64.exe and it only hide explorer.exe but everything is visible everywhere. like services task schedulers and regedit names
Oh. mb i run it with uac and it worked. srsry. (but startup pw command is still detected. by wd)
its not fud dumbass its malware
its not fud dumbass its malware
im not saying its fud u brain fucked
THATS WHY U A BRAINFUCKED <3 bro made a rootkit removal
Not sure whether Windows Defender starts detecting r77 again after it didn't detect it for the past 6 months.
Either way, open source solutions will never be FUD. And I can't help you either, because I can't be fixing detection issues all day long. All I can do is to implement the installation process in such a way that it's entirely fileless and easy to FUD it yourself, if you need to.
@bytecode77 and can you tell me why testconsole throws this error ?
basically u fucked up code and u need to fix it
basically u fucked up code and u need to fix it
i didnt do anything lol
Guys... Please stop fighting. Let's be constructive:
@error0x1337 I can't say anything about the error message, because I didn't encounter it. If I did, it would have been fixed long ago...
And from experience I can tell that you made no attempt to debug it. The professional way to handle it is to debug the issue before posting. That way, you may even be able to fix it immediately yourself. The "premium behavior" in the open source world would be to post the issue and cause so that I can fix it for future users.
Anyway, please debug the issue, otherwise this is just one of a dozen posts / emails I receive throughout the week. I simply can't respond to 100% of them.
Okay, AMSI has been updated on Defender 11 not sure about 10 but im sure it will be coming soon enough so the reason it's detected is because the AMSI Module has been updated meaning AMSI Bypass is most likely broken and/or getting detected
Yes, of course any bypass will eventually be broken. From time to time I look into the reasons why a bypass no longer works. Although I don't bother with signature based detection on the Powershell snippet, I do implement fundamental evasion techniques, such as the polymorphism on the Powershell, which kept Windows Defender away for a whopping year...
Hello again. service cant run at startup bro. av is blocking it. At line:1 char:1
Any suggestions?