Virusburst
in [Spyware]
|
From: Φ Kwatu Φ on 19 Dec 2006 10:28 pcbutts1 wrote: > Also you are forgetting that Spyerase is just a tool that targets a certain > type of Malware only not the whole shebang. That's why it works better for > that type of spyware. > Then why do reply to almost every post with this reply when clearly a when no zlob trojan is evident ? Reason: You have no understanding of the underlying problem and just willy nilly post this in reply.
From: Dustin Cook on 4 Jan 2007 02:02 "pcbutts1" <pcbutts1(a)fuckleythosthestalker.com> wrote in news:UdidnTYAJKBF6RrYnZ2dnUVZ_rylnZ2d(a)giganews.com: > Yes I do. The Zlob variants that Spyerase targets only generates a > certain pattern of various file names and only in certain directories. > After adding all those file new names it is very easy to see the > pattern. It is the very basics of how the signature detections work > except it is more direct. It removes the files from the folders and > the registry. There are a lot it removes that others miss including > SAS. As much as I don't like Nick I still send him samples that I find > that SAS misses. > Sorry for the huge delay in a reply, I have been out of state... I've taken another look at your batch file, and it can easily delete innocent files should one or more of them happen to be named as in your script. Your batch file relies on file name and location only to determine if the file is malware or not. No further checking is done by you. This puts the user in a very bad situation, imho as you offer no way to undo the damage. -- Dustin Cook Author of BugHunter - MalWare Removal Tool -V2.0 web: http://bughunter.it-mate.co.uk email: bughunter.dustin(a)gmail.com.removethis Last updated: January 4th, 2007
From: pcbutts1 on 4 Jan 2007 19:34 Before those files are added to Spyerase they are checked and confirmed not to be system files on 4 different systems Win2000, XP, server, both laptops and desktops. We are now running tests with Vista. There have been zero reports from anyone so far but we do keep backups just in case. We even fix the damage caused by the real thief's roguefix file. -- Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads The list grows. Leythos the stalker http://www.leythosthestalker.com, David H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz, Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell "Dustin Cook" <spamfilterineffect.see.sig(a)nowhere.com> wrote in message news:Xns98AE14779E725HHI2948AJD832(a)69.28.186.121... > "pcbutts1" <pcbutts1(a)fuckleythosthestalker.com> wrote in > news:UdidnTYAJKBF6RrYnZ2dnUVZ_rylnZ2d(a)giganews.com: > >> Yes I do. The Zlob variants that Spyerase targets only generates a >> certain pattern of various file names and only in certain directories. >> After adding all those file new names it is very easy to see the >> pattern. It is the very basics of how the signature detections work >> except it is more direct. It removes the files from the folders and >> the registry. There are a lot it removes that others miss including >> SAS. As much as I don't like Nick I still send him samples that I find >> that SAS misses. >> > > Sorry for the huge delay in a reply, I have been out of state... > > I've taken another look at your batch file, and it can easily delete > innocent files should one or more of them happen to be named as in your > script. Your batch file relies on file name and location only to determine > if the file is malware or not. No further checking is done by you. This > puts the user in a very bad situation, imho as you offer no way to undo > the > damage. > > -- > Dustin Cook > Author of BugHunter - MalWare Removal Tool -V2.0 > web: http://bughunter.it-mate.co.uk > email: bughunter.dustin(a)gmail.com.removethis > Last updated: January 4th, 2007
From: Dustin Cook on 4 Jan 2007 19:48 "pcbutts1" <pcbutts1(a)leythosthestalker.com> wrote in news:5PSdnRSupPG5AADYnZ2dnUVZ_qWvnZ2d(a)giganews.com: > Before those files are added to Spyerase they are checked and > confirmed not to be system files on 4 different systems Win2000, XP, > server, both laptops and desktops. We are now running tests with > Vista. There have been zero reports from anyone so far but we do keep > backups just in case. We even fix the damage caused by the real > thief's roguefix pcbutts, The point I made was the fact your script is hard coded to look for filenames, not content. A malicious program could easily (if one should be so inclined) rename valid system files as something from your script; if the user uses your script, his/her system would be at risk of harm. Not only from whatever malicious software they've acquired, but your script's attempt to remove it could have dire consequences. While this would have to be a targetted attack, the fact remains it could be done. You really, should not, rely on a filename to tell you what the file actually is. -- Dustin Cook Author of BugHunter - MalWare Removal Tool -V2.0 web: http://bughunter.it-mate.co.uk email: bughunter.dustin(a)gmail.com.removethis Last updated: January 4th, 2007
From: Chaz P. Klinder on 4 Jan 2007 19:52
pcbutts1 wrote: > Before those files are added to Spyerase they are checked and confirmed not > to be system files on 4 different systems Win2000, XP, server, both laptops > and desktops. We are now running tests with Vista. There have been zero > reports from anyone so far but we do keep backups just in case. We even fix > the damage caused by the real thief's roguefix file. > More lies from the habitual liar and more defamation. There is no "we". There is only Christopher Butts. There are NO backups made by SpyErase. It uses the DEL comamnd freely w/o "quarantining", renaming or other False Positive prevention problem prevention. Stuart did not steal from you, you stole from Stuart and plagiarised the code of RogueFix. Christopher Butts you are a liar, a thief, a all around low-life. It is bad enough that you plagiarised RogueFix to fisrt create SuperFix and then rename SuperFix to SpyErase but to constantly defame the true author, the one YOU stole from, will not be tolerated. Your own actions will catch up with you. You will pay for your actions, abuse, plagiarism, lies and other misdeeds. This is NOT a threat - this is a promise as we know who you truly are and you will be held accountable. |