Yeah, sort of but will use registry persistence to bypass registry notifications.

Or a botkiller may not remove it but simply quarantine it via unhooking it's rootkit using custom LoadLibrary() function. Then suspend the process via filtering the EIP so that the EIP will never land on the Process memory space to prevent any binary execution from happening.

Obviously removing is better but I did make the above feature too, useful for debugging.

I've just looked at the image in the first post and skipped all the pages.
And that's what I found:

SpaceWorm wrote:

Yeah, sort of but will use registry persistence to bypass registry notifications. Or a botkiller may not remove it but simply quarantine it via unhooking it's rootkit using custom LoadLibrary() function. Then suspend the process via filtering the EIP so that the EIP will never land on the Process memory space to prevent any binary execution from happening. Obviously removing is better but I did make the above feature too, useful for debugging.

Now, how the **** did you reach this topic.

LOL... No idea but still seems a good discussion right?

We were just talking about how DDOSing and stuf could down the internet then we came into Botnets then into the technicality of how a Malware works.

LOL

Who reported EssGeEich's awesome post? It's awesome, why would you report it?

Maybe someone really hates the word '****'?

Also "wtf" contains the word "fuck".
But I don't see it being reported, here.


...I have a bad feeling.

@LB Because they are idiots with thin skin. That is why they reported it.

Maybe they mistook it for a thumbs-up button.

EssGeEich, mine, and firedraco's posts have all been reported for no reason :(

It's an aftereffect from breaking the internet.

Now, how the fuck did you reach this topic.

Such is the mystery of the Lounge.

Who knows what marvellous adventures live within those previous pages.

Who dares even look?!

Maybe they are forever lost in the Cplusplus.com triangle. Never to be seen again.

Shouldn't it be easy to triangulate their position...?

I just realised:
If you have an object's distance form a single point, the object could be in an infinite number of places all on the circumference of a circle with the distance's radius.
If you have an object's distance from two points, it could only be in one of two places.
If you have an object's distance from three points, you have its exact location.
If you have an object's distance from n points (n>3) you will still have its exact location.
That is a massive scale down: infinity, two, one, one, one....

Script Coder wrote:
If you have an object's distance from two points, it could only be in one of two places.

Nope.
You will have a full bidimensional circle of probable positions, it could be on any point on its circumference.

EDIT: And with three points, you may still have more than one probable position.

Going to show you once I get GIMP installed on ubuntu.

Hope this is clear enough...?
https://dl.dropboxusercontent.com/u/83943521/Screens/f/cplpl/expl.png

You will have a full bidimensional circle of probable positions, it could be on any point on its circumference.

Please point out the flaw in my logic: If you have tow intersecting circles, then they only intersect at two points. True/False

Also, we are assuming that we know the location of the "towers" right?

EDIT: Would you mind labeling your diagram please

EssGeEich, your diagrams don't make sense. The distances are constant, you can't stretch the lines to draw pretty shapes.