From: Rhonda Lea Kirk Fries on
In news:Xns9C7CEA41E2101HHI2948AJD832(a)69.16.185.247,
Dustin Cook <bughunter.dustin(a)gmail.com> wrote:
> "Rhonda Lea Kirk Fries" <rhondaleakirk(a)earthling.net> wrote in
> news:7gcqkaF2ll975U1(a)mid.individual.net:
>
>> One of the posters on a skydiving site I frequent is having a pop-up
>> problem (but only on the skydiving site). The first pop-up he
>> received said "welcome to sophalo.com." Of course, sophalo.com
>> doesn't exist. Now he's getting this page:
>>
>> hxxp://shop2.forless.com/?pid=559&keywords=skydive
>>
>> No one else on the site has admitted to having a problem, so I
>> suggested he try MBAM. No joy. He is, even as we speak, trying SAS,
>> and I told him I would ask around about his problem in the meantime.
>>
>> I did some googling, and the two most interesting threads are these:
>>
>> http://www.windowskb.com/Uwe/Forum.aspx/windowsxp/266392/Pop-Ups
>>
>> http://www.windowskb.com/Uwe/Forum.aspx/windowsxp/266392/Pop-Ups
>>
>> I was hoping someone here might have some helpful input, and if so, I
>> would appreciate hearing from you. Thanks much.
>
> I'd suggest he visit the forums at malwarebytes and post for help. One
> of our expert malware personal should be able to assist him with
> whatever issue the person is having.
>
> http://www.malwarebytes.org/forums/

Apparently he only did a quick scan the first time. I heard back today that
when he did a full scan, it found five items. He removed those items, and
the popups are gone.

--
Rhonda Lea Kirk Fries

The right to be heard does not automatically include
the right to be taken seriously. Hubert H. Humphrey


From: Dustin Cook on
"The Real Truth MVP" <trt(a)void.com> wrote in
news:TMGdnZaEGsTifD_XnZ2dnUVZ_r6dnZ2d(a)giganews.com:

> You can't do a heuristic scan of my file, the commands used are simple
> every day dos batch commands. You can try but all it will do is cause

Sure I can, easily. Any file containing links to your website, or your
handle/nick. Hell, that's a hueristic by itself that will cause low false
positives.

> an inconvenience to your users such as the length of time the scan
> takes, which is longer than other types. Also, depending on data since

As your not actually a programmer of any sort, you obviously wouldn't
know this, but it wouldn't take me 2 seconds on an old p3 cpu to scan and
identify all lines in your batch file with the name pcbutts; if that is
found AND a link to your website, AND it's a batch file (I can figure it
out by the structure, hueristics again); it's stolen junk from you most
likely and can be flagged, despite whatever lame little changes you make
to evade detection.

> it is only a batch file an increased number of false positives will
> occur. You know that will happen because there is nothing malicious
> about my files.

I disagree. Your batch file will delete a required key disabling
malwarebytes software; You will specifically rename our definitions file
to fuckyou.ref, and create an empty definitions file; disabling our
software's ability to protect the users. You also modify the users hosts
file and disable our software from acquiring a replacement/legitimate
definitions file. Those are all malicious actions on your part.


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk
From: Dustin Cook on
"Rhonda Lea Kirk Fries" <rhondaleakirk(a)earthling.net> wrote in
news:7gfr8jF2piccjU1(a)mid.individual.net:

> In news:Xns9C7CEA41E2101HHI2948AJD832(a)69.16.185.247,
> Dustin Cook <bughunter.dustin(a)gmail.com> wrote:
>> "Rhonda Lea Kirk Fries" <rhondaleakirk(a)earthling.net> wrote in
>> news:7gcqkaF2ll975U1(a)mid.individual.net:
>>
>>> One of the posters on a skydiving site I frequent is having a pop-up
>>> problem (but only on the skydiving site). The first pop-up he
>>> received said "welcome to sophalo.com." Of course, sophalo.com
>>> doesn't exist. Now he's getting this page:
>>>
>>> hxxp://shop2.forless.com/?pid=559&keywords=skydive
>>>
>>> No one else on the site has admitted to having a problem, so I
>>> suggested he try MBAM. No joy. He is, even as we speak, trying SAS,
>>> and I told him I would ask around about his problem in the meantime.
>>>
>>> I did some googling, and the two most interesting threads are these:
>>>
>>> http://www.windowskb.com/Uwe/Forum.aspx/windowsxp/266392/Pop-Ups
>>>
>>> http://www.windowskb.com/Uwe/Forum.aspx/windowsxp/266392/Pop-Ups
>>>
>>> I was hoping someone here might have some helpful input, and if so,
>>> I would appreciate hearing from you. Thanks much.
>>
>> I'd suggest he visit the forums at malwarebytes and post for help.
>> One of our expert malware personal should be able to assist him with
>> whatever issue the person is having.
>>
>> http://www.malwarebytes.org/forums/
>
> Apparently he only did a quick scan the first time. I heard back today
> that when he did a full scan, it found five items. He removed those
> items, and the popups are gone.
>

Normally shouldn't be required, I'll let Bruce know about it; Glad to
hear it worked out in the end tho. Thanks for keeping me updated on it.


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk
From: Dustin Cook on
"The Real Truth MVP" <trt(a)void.com> wrote in
news:rq-dnY3SrNq2CzjXnZ2dnUVZ_gadnZ2d(a)giganews.com:

> If you want me to take it out then have Marcin email me directly
> because I'm sure you lied to him about me and my software because you
> started detecting mine first. He needs to know truth. I'm also getting
> ready to partner with a competitor of yours who does not like your
> company very much and they are very interested in what Remove-it will
> soon be able to do.

*I* didn't speak to Marcin concerning you. Your application came up in the
experts forum, discussion took place, analysis followed, your program was
added. Nobody lied to anyone about anything. I personally, speaking only
for myself, don't care if you continue attacking our software or not. Your
userbase doesn't concern me. Marcin may feel differently, but I don't speak
for him.


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk
From: JD on
Dustin Cook wrote:
> "The Real Truth MVP" <trt(a)void.com> wrote in
> news:rq-dnY3SrNq2CzjXnZ2dnUVZ_gadnZ2d(a)giganews.com:
>
>> If you want me to take it out then have Marcin email me directly
>> because I'm sure you lied to him about me and my software because you
>> started detecting mine first. He needs to know truth. I'm also getting
>> ready to partner with a competitor of yours who does not like your
>> company very much and they are very interested in what Remove-it will
>> soon be able to do.
>
> *I* didn't speak to Marcin concerning you. Your application came up in the
> experts forum, discussion took place, analysis followed, your program was
> added. Nobody lied to anyone about anything. I personally, speaking only
> for myself, don't care if you continue attacking our software or not. Your
> userbase doesn't concern me. Marcin may feel differently, but I don't speak
> for him.
>
>

Is there any way the two of you could take this and the other ongoing
and pointless discussion to e-mail or just end it? You can't win with
butts. MBAM is respected, butts is not respected.

He seems to live for this bull$hit. No matter what you say to him he
will come back with more senseless bull$hit.

Have you been reading along with the other threads? He's tried to
convince me that these two pictures are him:

http://www.frontpageagency.co.uk/ "Sara x"

http://www.shorthaircutstrends.com/tag/blonde-hairstyles/
"Chic Blonde Hairstyle"

He's a female model?

Please. 8-)

--
JD..
First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4 5
Prev: 9710_7840_MOSCHIP_MSUninst
Next: MalwareBytes & BitComet