Jump to content
xisto Community
georgebaileyster

Urgent Advisory Undetectable malicious code threat

Recommended Posts

This is an urgent advisory to all of you out there. The issue is surrounding reader_s.exe and the false information on removal.

 

This file is not the issue, it is the product of the issue..... In simple terms, reader_s.exe is not a virus upon initialization which is why your Anti-virus and firewall can't find it. I have taken the time to produce a full explanation in simple english and instructions on how to remove it as well as re-building the system safely without re-infection occuring.

 

You can freely download the PDF file from our sub-site at http://forums.xisto.com/no_longer_exists/ - this is not a joke but a genuine and serious responce to a genuine and serious threat. I will not be posting this info on any other forums or sites so leave it to the good people out there to pass the message on.

 

This infection installs itself as part of your anti-virus and firewall and therefore, all other trojans, worms and viruses it downloads and installs are also invisable.....

 

Suffice to say, if you choose to ignore and you catch a cold then so be it. Sorry for being cold on this one but am fed up with all AV companies and Adobe for ignoring information provided to them and leaving the Internet public blind.....

 

Good Luck. :D

Share this post


Link to post
Share on other sites

Although it would help to provide more information about this threat such as how can people get it, what names does it go by and such stuff like that, of course it would be better to provide a better crediable removal website then the one you provided since all we know is your site could be booby trapped with it.

So to help those understand this threat more check out the following sites:

Site #1

Site #2

Alternate Removal Site

Share this post


Link to post
Share on other sites

Although it would help to provide more information about this threat such as how can people get it, what names does it go by and such stuff like that, of course it would be better to provide a better crediable removal website then the one you provided since all we know is your site could be booby trapped with it.
So to help those understand this threat more check out the following sites:

Site #1

Site #2

Alternate Removal Site


Saint Michael,

I appreciate your comments and understand why you say this. However, the whole point is this:-

We were infected with this little problem some three weeks ago and, obviously, searched for all credible sites and answers to the problem. All we got was re-infection...... What happens is this. Some twit downloads something they shouldn't, then, the first section of the installer is the one writeing to the windows folders and registry as part of the program installation - following so far - As their is no virus at this point in time, their is no protection. Next, system reboots during which the cloned windows files are written just before power down and registry entries made - at this point in time ALL windows applications INCLUDING windows itself have already quit - so, when restarted, the registry and cloned files now exist in place of the originals and by the time windows has started - particularly if you have xDSL or similar, you have already downloaded and installed at least half a dozen trojens.... these also run un-discovered as they first one is registered as part of your anti-virus and firewall apps.

Aside from that, you don't get viruses from PDF files (not yet at least). We have reported the issue to numerous AV majors as well as Adobe with no response. It took 7 days and 5 nights to get this all tracked, traced and debugged.

The reason I cannot give a list of known files is simply we do not the full origins as yet, only the reader version of which i can tell you version 6 was released last week - am just analysing the files as I write this...

I have attached the PDF to this post as at weekends the African xDSL actualy provides more than 400bytes per second...

Warmest regards

George

reader_info.pdf

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.