View Single Post
Old 9th April 2016, 01:04   #12
Hugh
Junior Member
 
Join Date: Apr 2016
Posts: 11
I agree, but as this is a customer request, we would like to investigate its feasibility. A configurable temp directory isn't a terrible idea neither, given how historically Cryptolocker and a few other malware seem fairly inflexible in this regard. That could certainly change, but most of them continue to rely on the system temp dirs and this 'fix' seems to provide some comfort to these companies.

I'm trying to understand how the _?= parameter works...is it part of the script, or supplied via the command line? I assume you supply a path following '=', what path should be supplied? I've tried supplying the installation dir in the command line, and while it does prevent the creation of the temp uninstaller in the system temp directory, it also messes up the uninstallation source directory. If I provide the correct directory (with spaces) with quotes (single or double), it fails to start; if I provide it without quotes, it appears to be entered correctly but the uninstallation actually fails to remove most of the files. The uninstaller also takes a parameter to specify the temp directory used by the script, which hopefully doesn't interfere with this parameter.

When you mention to start 'Exec '"$localappdata\uninsthack.exe" _?=$instdir'', do you mean to insert the line at the beginning of a different script?
Hugh is offline   Reply With Quote