Windows 10 Conquer Loader Windows Defender

Page 1 of 4 1 23 Last »
11/23/2016 12:59 desiredphoenix#1
So it is apparant that the conquerloader.exe has "malware". This file was submitted to microsoft 3 weeks ago as a sample file. The past week I have been persisting with removing the false from windows defender.

As of Yesterday there is a new update for windows 10. This also includes the removal of the false positive. So I have been informed. Can someone please check if this is true? I can update to windows 10 but not right now as Visual studio is consuming most of my ssd.

I am almost certain that this update contains the removal of the false detection due to my persistence and close workings with Microsoft. I have the files if anyone wishes to try it. Alternatively "Malware has been Detected" and will be removed.

Once I am finished with VS this week, I will update to win10. In the meantime, if someone can see if this is now cleared, I will start sending the file to every AV listed as detected via virustotal
11/23/2016 13:35 Super Aids#2
Disable Windows Defender. It sucks anyway.
11/23/2016 14:55 desiredphoenix#3
Yea I know but i cant tell everyone who joins my Pserver to do that
11/23/2016 17:23 Spirited#4
No. It is a virus, for the client. It hooks and modifies code for the client executable. Holy Duh is it going to be flagged.
11/24/2016 05:04 desiredphoenix#5
Not if I have anything to do about it
11/24/2016 08:01 Super Aids#6
Quote:
Originally Posted by desiredphoenix View Post
Not if I have anything to do about it
You don't, because you're not the mastermind behind every single AV that exist.
11/24/2016 08:06 desiredphoenix#7
No but I can contact those on the virus total report dumb shit
11/24/2016 08:22 turk55#8
Quote:
Originally Posted by desiredphoenix View Post
No but I can contact those on the virus total report dumb shit
What part of it act like an virus did you not understand ?
11/24/2016 08:35 Super Aids#9
Quote:
Originally Posted by desiredphoenix View Post
No but I can contact those on the virus total report dumb shit
And then what? They should allow any process that acts like Conquerloader???? Brilliant idea.
11/24/2016 08:48 Spirited#10
Quote:
Originally Posted by desiredphoenix View Post
No but I can contact those on the virus total report dumb shit
Please refrain from calling members extremely ironic terms. No, that is not how that works. Even if you directly modified the executable itself, the executable is signed. It would require resigning which is expensive and doesn't even guarantee that it passes by anti-virus programs. Code injections, network drivers, etc - all detectable by anti-virus programs. And contacting anti-virus companies is the largest amount of snake oil I've ever heard of. Stop it. Shoo.
11/24/2016 09:52 desiredphoenix#11
Its not signed. Resigning isnt expensive and it does if you hand them your pfx file. You stop it. Youve been fucking trolling me since the fucking start.

You don't even know what your talking about

Dont you think I already tried digitally signing it you nub
11/24/2016 10:13 pintinho12#12
Maybe the signature ended, but it still have it.
[Only registered and activated users can see links. Click Here To Register...]
Even tho it's not expensive, forgive my inexperience, how the fuck you will do it with a program that you don't fucking own?

You can get a cracked Conquer.exe if there is any out there, check what they NOPED with a disassembler and try to do your own cracked Conquer.exe.
"What an amazing idea, how did I never think about it?"
11/24/2016 14:12 desiredphoenix#13
Ha, You think its that easy? Try and nop the 5517 exe. They changed the memory edits dumb dumb

Its like saying you can still edit server.dat LOL
11/24/2016 16:41 pro4never#14
Quote:
Originally Posted by desiredphoenix View Post
Ha, You think its that easy? Try and nop the 5517 exe. They changed the memory edits dumb dumb

Its like saying you can still edit server.dat LOL
..... I run a 5517 server and that's how we did it. I would never, ever try to use a loader for a publicly hosted server because by definition such a program behaves like a virus and therefor SHOULD be blocked/detected by any competent AV program.

Bypass the decryption in the .exe to load a plain text server.dat file (works perfectly)

Edit the server.dat encryption keys in the client so that you can re-encrypt your own (works perfectly and blocks users from editing server.dat)


Neither method will have any issues with AV programs but keep in mind most conquer.exe files themselves get flagged.
11/25/2016 03:36 desiredphoenix#15
So then how do I go about redistribution?, I've asked you for the slightest bit of help and you wouldn't, I know your running a server as I seen it in releases. The least you could so is let me pay you (with money I dont have yet) for a tiny bit of help. Instead you completely ignored my pm. I'm forced to take this shit to microsoft for example

Im forced to sift through code day and night, I'm forced to find alternatives outside my skill range. I only needed a few hours of your time and you post here as if the shit is actually possible for someone who hasn't had years of experience. Not only that, my pc is running with less then 1gb of its solid state memory left.... so I need to buy a new computer and format this one fir the hundreth time
Page 1 of 4 1 23 Last »