Message-ID: <b7bc1b1f0409230954193aefb8@mail.gmail.com>
From: uberguidoz at gmail.com (GuidoZ)
Subject: Rootkit For Spyware? Hide your adware from all Adware removers and Anti-viruses
> It is quite possible to hide processes, reg keys and files, and is often
> done by various malware.
Aye. I didn't word my statements correctly. (Was tired... =P ) You are
very much correct.
I guess I was trying to speak along the lines of AV detection and
forensics. I've yet to find a rootkit, spyware, or malware that is
COMPLETELY hidden, in every aspect, from the user. There is always a
way to find it. Granted, they can bypass the "usual means" (regedit,
taskmanager, etc) in Windows, however there are specialized tools
(process viewers for example) that show hidden processes. What I meant
to express is they seem to claim being able to hide from everything.
(Even if an AV solution detected the very program they use as an
installer.) That, I doubt.
To save someone else from saying this, I'll reply to my own comment. =)
> I've yet to find a rootkit, spyware, or malware that is
> COMPLETELY hidden, in every aspect, from the user.
Well, DUH. How could you find it if it was COMPLETELY hidden? ;)
(Clarification: The user and a sysadmin that has a clue are two very
different people.)
--
Peace. ~G
On Thu, 23 Sep 2004 14:38:34 +1000, Matt <matt@...temlinux.net> wrote:
> GuidoZ wrote:
> > Interesting indeed. Although, I imagine this was a spam email, and I
> > never believe (nor buy) anything from spam. I wonder how credible this
> > really is. If there was such a way to do what they claim, don't you
> > think it would have been big news? One would think you wouldn't first
> > hear about it through spam.
> >
> It is quite possible to hide processes, reg keys and files, and is often
> done by various malware.
>
> > Also - nice website they have. http://www.randexsoft.com Simply says:
> >
> > Access Forbidden -- Go away.
> >
> > I love a company who is customer friendly.
> >
> > --
> > Peace. ~G
> >
> >
> > On Wed, 22 Sep 2004 20:10:28 -0700 (PDT), Will Image
> > <xillwillx@...oo.com> wrote:
> >
> >>I received this in my inbox today:
> >>how long do you think this company will last?
> >>
> >>
> >>>Date: Wed, 22 Sep 2004 19:02:44 -0400
> >>>From: Jacques Tremblay <jacques.tremblay@...il.com>
> >>>To: xillwillx@...oo.com
> >>>Subject: Hide your adware from all Adware removers
> >>>and Anti-viruses
> >>>
> >>>To: Business development manager
> >>>
> >>>Subject: Hide your adware from all Adware removers
> >>>and Anti-viruses
> >>>
> >>>
> >>>
> >>>Hi,
> >>> Adware removers are gaining in popularity and
> >>>they cause a big
> >>>revenue threat to adware based businesses, as we see
> >>>our software
> >>>installations get uninstalled after a period of
> >>>time that is shorter
> >>>and shorter, we see our revenues get smaller and
> >>>smaller.
> >>>
> >>> Why would an honest adware based business
> >>>lose revenue just because
> >>>some adware remover has identified it as being
> >>>something to remove ?
> >>>
> >>> We believe we have the right to hide from
> >>>these adware removers as
> >>>long as we provide a way for the user to uninstall
> >>>and that he agrees
> >>>that the software will be uninstalled only with the
> >>>provided
> >>>uninstaller.
> >>>
> >>> It is in that spirit that we created the
> >>>solution to the problem :
> >>>
> >>>
> >>>AdProtector 1.2
> >>>
> >>>
> >>> We have developed software capable of hiding
> >>>your software from all
> >>>adware removers and anti-viruses on a Windows
> >>>NT/2000/2003/XP machine.
> >>>
> >>> Basically we have filtered the windows kernel
> >>>so that we could modify
> >>>the behavior of the system itself. So now we can
> >>>hide anything we want
> >>>from windows.
> >>>
> >>> It can : - Hide Registry Keys
> >>> - Hide Files
> >>> - Hide Processes
> >>>
> >>> By hiding these 3 key elements from windows,
> >>>your application won't
> >>>ever be detected by any adware removers.
> >>>
> >>> Interesting ?
> >>>
> >>> For more information or to request a Demo :
> >>> email :
> >>>hexa@...dexsoft.com
> >>>
> >>>Business is moving fast, keep ahead of the
> >>>competition!
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> >
>
--
Peace. ~G