It's been a very long time since I've posted here. A very long time.
I'm posting again as you can clearly see. :) But, not with "VX"
attitude in mind. I've been working on a project originally designed to
assist me at work, but it's been revamped considerably and is actually
user friendly. I've had extensive alpha/beta testing done before I ever
thought of mentioning it here.
Anyways, I'm still alive and well (for those who care...heh) and here
is the program info and where to get it:
What is BugHunter?
BugHunter was designed to seek out and remove spyware/adware components
often left behind using other removal tools. These programs are known by
various names in the industry. CWS variants, Peper, etc. BugHunter does
not edit the registry of the system, it simply identifies and optionally
removes found files. As BugHunter relies on dat file technology similar
to that of a virus scanner, updates to the datafile will be released from
time to time on the Website.
Much like Peperfix and AboutBuster, this program is *not* designed to
replace the malware removal tools already available to you. It's simply
designed to assist you in the removal of some pesky malware executables
that many other applications miss. Likewise, BugHunter will very likely
miss files the other applications find.
More information and the program can be found on this popup/advertising
free (really) website:
http://bughunter.atspace.org
Thanks for your time people,
Dustin Cook
Hi Raid (Dustin),
We missed ya. Actually Art Kopp brought your new existence to
ACV's attention a short while ago. Hmmmm. interesting to see
you have become an AVer after all your years as a hardcore VXer.
I spoke to an old VX (now AV) friend of ours recently, Benny/29A
he tells me AV will never accept old school VX no matter how
clever and skilled or how hard they try to change their leopard
spots. And he was no where nearly are VX attitude as you. :))
Still I know you are a determined guy with loads of ideas and
computing skills.
>
> http://bughunter.atspace.org
>
> Thanks for your time people,
>
> Dustin Cook
*HAHAHAHA* You denied till you were blue in the face you
weren't Dustin Cook, not that it really matters. But don't
forget some of the fucko's you've crossed over the years
will never forget and try to make the VX shit stick to you.
cya goodluck
4Q / PZest
>Hi Raid (Dustin),
>
>We missed ya. Actually Art Kopp brought your new existence to
>ACV's attention a short while ago. Hmmmm. interesting to see
>you have become an AVer after all your years as a hardcore VXer.
>
>I spoke to an old VX (now AV) friend of ours recently, Benny/29A
>he tells me AV will never accept old school VX no matter how
>clever and skilled or how hard they try to change their leopard
>spots. And he was no where nearly are VX attitude as you. :))
>Still I know you are a determined guy with loads of ideas and
>computing skills.
Believe it or not, but I think Dustin's venture is interesting.
Apparently, his scanner works ok in plain DOS, which is nice.
I wish him well.
Art
>Hi Raid (Dustin),
>
>We missed ya. Actually Art Kopp brought your new existence to
>ACV's attention a short while ago. Hmmmm. interesting to see
>you have become an AVer after all your years as a hardcore VXer.
>
Reported by ak but all as x years earlier by kw.
Jim.
somehow i can't really see him caring that much about being 'accepted'
by the av industry... i may be wrong, but i suspect his motivation lies
elsewhere...
--
"they threw a rope around yer neck to watch you dance the jig of death
then left ya for the starvin' crows, hoverin' like hungry whores
one flew down plucked out yer eye, the other he had in his sights
ya snarled at him, said leave me be - i need the bugger so i can see"
ummm... no offense intended, but are you channelling simon widlake?
i never could reliably parse his stuff...
>James Egan wrote:
>> On 20 Oct 2005 16:22:18 -0700, "4Q" <paul...@hushmail.com> wrote:
>>
>>>Hi Raid (Dustin),
>>>
>>>We missed ya. Actually Art Kopp brought your new existence to
>>>ACV's attention a short while ago. Hmmmm. interesting to see
>>>you have become an AVer after all your years as a hardcore VXer.
>>
>> Reported by ak but all as x years earlier by kw.
>
>ummm... no offense intended, but are you channelling simon widlake?
>
>i never could reliably parse his stuff...
I don't think many could parse sw's stuff very easily.
lol (not that he's dead)
For those that haven't been around so long, Kurt tagged raid as Dustin
Cook many years ago. Raid denied it then but there you go with vx'ers.
(Apart from 4Q of course who's always truthful. lol.)
Jim.
>> Reported by ak but all as x years earlier by kw.
>
>ummm... no offense intended, but are you channelling simon widlake?
>
>i never could reliably parse his stuff...
It's that uppercase R, isn't it?
Jim :)
>On Fri, 21 Oct 2005 00:04:52 -0400, kurt wismer <ku...@sympatico.ca>
>wrote:
>
>>James Egan wrote:
>>> On 20 Oct 2005 16:22:18 -0700, "4Q" <paul...@hushmail.com> wrote:
>>>
>>>>Hi Raid (Dustin),
>>>>
>>>>We missed ya. Actually Art Kopp brought your new existence to
>>>>ACV's attention a short while ago. Hmmmm. interesting to see
>>>>you have become an AVer after all your years as a hardcore VXer.
>>>
>>> Reported by ak but all as x years earlier by kw.
>>
>>ummm... no offense intended, but are you channelling simon widlake?
>>
>>i never could reliably parse his stuff...
>
>I don't think many could parse sw's stuff very easily.
>lol (not that he's dead)
But he is. I miss Simon and his unique posting style. RIP good buddy.
>For those that haven't been around so long, Kurt tagged raid as Dustin
>Cook many years ago. Raid denied it then but there you go with vx'ers.
>(Apart from 4Q of course who's always truthful. lol.)
I thought it was GC who publicly claimed RaiD = Dustin. Hazy memories
though.
--
Clay mania dot com
>I thought it was GC who publicly claimed RaiD = Dustin. Hazy memories
>though.
Maybe. Anyway, Clueley doesn't deserve any kudos after leaving acv in
the hands of sugien, barlev et al
Jim.
Seconded :(
Hi Raid/Dustin
Nicky
I think a large part of our brain has evolved for the purpose
of analysing deception (and perpetrating the deed). Didn't
Desmond Morris cover some of this in one of his works? I'm guessing
Soooogmund Fraud (aka S.Freud) has taken the art much further
than most. (dammit I shouldn't kick a fucker when he's down *hehe*)
4Q
> Hi Raid (Dustin),
Hello King of Satire; I still frequent your site, although I haven't
had to spider it in over a year; You don't update it nearly as often as
you did.
> We missed ya. Actually Art Kopp brought your new existence to
> ACV's attention a short while ago. Hmmmm. interesting to see
> you have become an AVer after all your years as a hardcore VXer.
I'm Sorry? What new existence? I'm long retired from VX, I maintain
contact with a select few from that scene. Incidentally, I'm not an Aver;
BugHunter doesn't scan for viruses. Perhaps you should check the site I
mentioned before you assume I went to the other side. Eh? Also, I'm
active in useful productive things dude, and have been for some time. I
doubt Art knows anything about it.
> I spoke to an old VX (now AV) friend of ours recently, Benny/29A
> he tells me AV will never accept old school VX no matter how
> clever and skilled or how hard they try to change their leopard
> spots. And he was no where nearly are VX attitude as you. :))
> Still I know you are a determined guy with loads of ideas and
> computing skills.
Benny was a sellout. I'm not. :) BugHunter *again* does not look for
viruses. It looks for spyware/adware executables. I'm sorry pal, but
from what I've seen in the field, the virus scene might as well give it
up; The spyware scene is overtaking vxers 10 to 1. :(
> *HAHAHAHA* You denied till you were blue in the face you
> weren't Dustin Cook, not that it really matters. But don't
> forget some of the fucko's you've crossed over the years
> will never forget and try to make the VX shit stick to you.
That's the cool thing with computer crimes, Statues of limitations. :)
I've already chatted with several IT lawyers before releasing BugHunter
under my real name, and potentially admitting that I am Raid/Slam. So
no worries. :)
The BugHunter application was originally written for me at work, it
tends to catch things sysclean, stinger, fprot, adaware, spybot, and
even microshits products all miss. I suppose I have the upper hand,
seeing first hand infectees to extract live samples. :) It's my little
way of trying to undo the damage I caused several years ago.
Surprising as it is, some of us do move on and realize what a joke the
VX scene actually is. :)
"Believe it or not, but I think Dustin's venture is interesting.
Apparently, his scanner works ok in plain DOS, which is nice.
I wish him well. "
BugHunter is native dos based, but works great under ntfs4dos and
bartpe with msdos console support. IE: You can clean up an infected
machine pretty nicely with it. I extract live samples from computers in
for repair, After running sysclean, adaware, spybot, etc. The samples
BugHunter hunts are really the new ones not in everyones database yet.
I find ignorant customers who love to install everything to be a very
good source of spyware samples.
So yes, BugHunter is small. But, it removes those random named exes you
often find pointed to in hijackthis logs, you know, the ones your
major product missed; and that will still run when you reboot.
Besides, how many times have you found a box that's so badly infected
it's not able to run the windows scanners and cleaners? BugHunter is
handy for that.:)
"somehow i can't really see him caring that much about being 'accepted'
by the av industry... i may be wrong, but i suspect his motivation lies
elsewhere... "
You've got my curiosity... please, what is my motivation? You suspect
I'm still up to no good eh?
"I thought it was GC who publicly claimed RaiD = Dustin. Hazy memories
though. "
No. Actually you're all wrong. :) Martin Overton gave me up years ago
over a silly dispute he and I had regarding one of his programs. He
took offense to my ability to completely evade his poor design. He left
his "bait" filenames in a plaintext .ini file. :)
Well we were discussing trailerpark nightmoves and somehow
Art brought up your name, with reference to what you were up to.
> Incidentally, I'm not an Aver;
Man, don't get so defensive. I meant AVer in a loose sense
and in a non-malware merchant (do they have another term,
security expert etc). It's a marked contrast to your old
VX image that's all.
> BugHunter doesn't scan for viruses. Perhaps you should check the site I
> mentioned before you assume I went to the other side. Eh? Also, I'm
> active in useful productive things dude, and have been for some time. I
> doubt Art knows anything about it.
see above.
Incidentally I wrote a wrapper for my ipchains and squid proxy
to stop any crap hitting my browser. I nearly published the
half-baked thing too. But I thought nah fuckem, lamers must
suffer. *hehehe*
> > I spoke to an old VX (now AV) friend of ours recently, Benny/29A
> > he tells me AV will never accept old school VX no matter how
> > clever and skilled or how hard they try to change their leopard
> > spots. And he was no where nearly are VX attitude as you. :))
> > Still I know you are a determined guy with loads of ideas and
> > computing skills.
>
> Benny was a sellout. I'm not. :) BugHunter *again* does not look for
> viruses. It looks for spyware/adware executables. I'm sorry pal, but
> from what I've seen in the field, the virus scene might as well give it
> up; The spyware scene is overtaking vxers 10 to 1. :(
Cool, cool. I hope this work of yours goes OSS and you
do some good tutorial material.
>
> > *HAHAHAHA* You denied till you were blue in the face you
> > weren't Dustin Cook, not that it really matters. But don't
> > forget some of the fucko's you've crossed over the years
> > will never forget and try to make the VX shit stick to you.
>
> That's the cool thing with computer crimes, Statues of limitations. :)
> I've already chatted with several IT lawyers before releasing BugHunter
> under my real name, and potentially admitting that I am Raid/Slam. So
> no worries. :)
Yeah, good for you. Vecna explained his own situation over the
statues of limitations but that won't stop cunts like Jed Connors
coming after you with an axe, or some other dimbulb lynchmob.
> The BugHunter application was originally written for me at work, it
> tends to catch things sysclean, stinger, fprot, adaware, spybot, and
> even microshits products all miss. I suppose I have the upper hand,
> seeing first hand infectees to extract live samples. :) It's my little
> way of trying to undo the damage I caused several years ago.
> Surprising as it is, some of us do move on and realize what a joke the
> VX scene actually is. :)
Absolutely. I remember Evul telling me once his top three
candidates for attracting the law to themselves and VX were.
*T-2000 (rip 2001)
*Gigabyte
*Raid
Looks like you've all moved on in one way or another.
4Q
>Gremlin wrote:
[snippage]
>> That's the cool thing with computer crimes, Statues of limitations. :)
>> I've already chatted with several IT lawyers before releasing BugHunter
>> under my real name, and potentially admitting that I am Raid/Slam. So
>> no worries. :)
>
>Yeah, good for you. Vecna explained his own situation over the
>statues of limitations but that won't stop cunts like Jed Connors
>coming after you with an axe, or some other dimbulb lynchmob.
I believe that should be "Statutes" and not "Statues".
(Statutes of limitations)
*HAHAHA* You know all us malicious malware demons are
dyslexic bad spell fucks! Raidy will have to start using
a dictionary now he's going to be a pillar of the community
;]]
4Q
Heh. Normally, I wouldn't have commented but I laughed out loud at the
thought of "Statues of limitations".
You mention sysclean but not KAV. Do you use KAV with the extra defs
as well?
The reason I ask is that I had recently done some live infection work
using my Win 2K Pro machine as the goat. The malware I focused on was
primarily Adware which typically comes from various P2P and music
related sw. It was Adware that KAV detects in the install files, and I
was doing some fp testing.
I found that Spybot was effective in recognizing and removing much of
the malware .... but then afterwards, KAV would still find infested
files.
So that sort of thing ties in with what you're doing, apparently, in
trying to do a more thorough cleanup (for one thing). And thus, my
question concerning KAV and its effectiveness in your experience ...
along these lines of detecting/cleaning spyware and Adware.
The thing is, we know very little really about KAV's effectiveness
except via these little tests and experiences of our own. There's no
"respected" testing agencies doing comparatives that I know of.
Dustin:
I find this to be an "interesting" tool. However, I have a question.
In FIXDESK.REG you have..
"Userinit"="C:\WINDOWS\system32\userinit.exe,"
And you say it is for Win2K or WinXP. However, Win2K uses; c:\winnt
How does the software reconcile
C:\WINDOWS\system32\userinit.exe vs. C:\WINNT\system32\userinit.exe ?
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
"I found that Spybot was effective in recognizing and removing much of
the malware .... but then afterwards, KAV would still find infested
files. "
Sadly, I have found the same results; hence the need I thought for
BugHunter. KAV as well as Sysclean routinely find things those products
miss, but usually I still have to go and manually remove files they
missed. So BugHunter does it for me.
"The thing is, we know very little really about KAV's effectiveness
except via these little tests and experiences of our own. There's no
"respected" testing agencies doing comparatives that I know of. "
I don't really know of any testing agencies for this sort of material
either. I would submit bughunter for review if I did. Despite the fact
it scans for a small number of pure executables (not scripts, users can
remove those easily enough), the executables are apparently quite
common.
"Hi Raid/Dustin
Nicky "
Hello :)
"Dustin:
I find this to be an "interesting" tool. However, I have a question.
In FIXDESK.REG you have..
"Userinit"="C:\WINDOWS\system32\userinit.exe,"
And you say it is for Win2K or WinXP. However, Win2K uses; c:\winnt
How does the software reconcile
C:\WINDOWS\system32\userinit.exe vs. C:\WINNT\system32\userinit.exe
? "
This is a screwup on my part. I didn't create the other .reg file to
assume C:\WINNT instead. One of the documentation writers has already
mentioned this, I will however add a greets to you in the thank you
section for pointing it out to me. I intend to have that resolved next
release.
BugHunter v1.7 will have some cosmetic suggested changes to logging,
one minor bug I've found fixed, and the ability to tell windows NT
systems to delete bad files on reboot like it can with win9x/me.
Regards,
Dustin
"Well we were discussing trailerpark nightmoves and somehow
Art brought up your name, with reference to what you were up to. "
I still don't follow. I don't really know much about trailerparks,
except how easy it is to get lost in one. :) I'm a lousy person with
directions.
"Man, don't get so defensive. I meant AVer in a loose sense
and in a non-malware merchant (do they have another term,
security expert etc). It's a marked contrast to your old
VX image that's all. "
I'm not defensive. I took your post wrong was all.
Security Expert is a neat job title I suppose. But it forces me to
always be on my toes. I sometimes do feel like I'm betraying the vxers.
I intentionally do not scan for viruses. Trojans, yes, keyloggers, yes,
dialers, yes.. spyware/adware, certainly. I hate those authors with a
passion. They make money and do it for the love of money, not the love
of the code.
I know many vx material was poorly coded, I was responsible for some
embarrassing code myself. But, spyware I'm afraid is even worse! Some of
it so unstable, I don't know how they ever expected it to spy on
people.
"Absolutely. I remember Evul telling me once his top three
candidates for attracting the law to themselves and VX were."
You know what's ironic? Evul attracted them, T-2000 attracted them after
his death, And Gigabyte was always a media wh0re anyway. Raid however,
never did meet them. :) Close, but that doesn't count.
Evul should have re-evaluated his opinion. He's met them, not me. :)
"Yeah, good for you. Vecna explained his own situation over the
statues of limitations but that won't stop cunts like Jed Connors
coming after you with an axe, or some other dimbulb lynchmob."
You know, that doesn't worry me. For a silly reason. I've been
diagnosed due to my childhood illness that I always knew was eventually
going to make my life here a short one. I'm already dying bro, what
can they do? Kill me faster? :)
When you're terminally ill and unsure how long you have left, but you
know the day is coming soon; You don't have time to screw off anymore.
I have to get stuff in order... my ripping group, HHI, Bughunter, etc.
I need them to survive or at least be used for somewhat. :) I don't want
to see my group HHI go down in a ball of flames due to me. So really,
I'm no threat to you or anyone else. My days of destructive/harmful
code are long done.
You can't assume the drive or directory name, but should use the
SystemRoot environment variable which contains both. For example,
mine is set to D:\WINNT
So the above reg file line would become:
"Userinit"="%SystemRoot%\system32\userinit.exe,"
"You can't assume the drive or directory name, but should use the
SystemRoot environment variable which contains both. For example,
mine is set to D:\WINNT
So the above reg file line would become:
"Userinit"="%SystemRoot%\system32\userinit.exe,"
Why thank you. If you wish to contact me at the email provided on the
website, I will happily give you credits in the docs as well. :)
The realization that the end is coming. Like in Bladerunner when
Rutger has those last few precious moments of life. I'm welling up.
:'(
> I have to get stuff in order... my ripping group, HHI, Bughunter, etc.
> I need them to survive or at least be used for somewhat. :) I don't want
> to see my group HHI go down in a ball of flames due to me. So really,
> I'm no threat to you or anyone else. My days of destructive/harmful
> code are long done.
Putting your house in order. Making your mark in the swirl of
atoms and particles. Interestingly after T-2000 killed himself
his creations carried on replicating in the wild. I was lucky
to catch his father looking for information about Ferdi's secret
VX life a year later and tell him about this, even though he
didn't agree with his son's VX path. He appreciated VXers still
carried a fond memory of him.
Raid, as hated as you could be sometimes. I'm sure VXers will
still remember you long after you've gone. Even, Mandragore
will put his french perfumed handkerchief to his weeping eyes.
;]]
Anyways gotta get back to mayhem, there's an Internet and
PC data to destroy out there!
4Q
|
| You can't assume the drive or directory name, but should use the
| SystemRoot environment variable which contains both. For example,
| mine is set to D:\WINNT
|
That's true. However, some Registry locations don't interpret this properly.
The following is one location that does.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"DataBasePath"="%SystemRoot%\System32\drivers\etc"
Type; REG_EXPAND_SZ
I guess one would have to test the setting using the environmental variable.
We were making fun of Trailerpark Sugien and discussing the
wide range of mobilehomes from the good end of the market to
the bad poor white trash end of the scale... Art jumped in and
piped up about you and your new career move (anti-malware), I
don't know why he assumed you lived in a trailerpark but he
knew it would catch attention in people mind here I guess.
Humour can be cruel even when not true.
> "Man, don't get so defensive. I meant AVer in a loose sense
> and in a non-malware merchant (do they have another term,
> security expert etc). It's a marked contrast to your old
> VX image that's all. "
>
> I'm not defensive. I took your post wrong was all.
> Security Expert is a neat job title I suppose.
Okay, but I think many people still refer to the industry
as a kind of generic AV thing. Even if the problem has
evolved in many different directions. Otherwise companies
like KAV (AVP) would have to keep updating their letterheads.
> But it forces me to always be on my toes.
See that ninja VX training did come in handy ;]]
>I sometimes do feel like I'm betraying the vxers.
> I intentionally do not scan for viruses. Trojans, yes, keyloggers, yes,
> dialers, yes.. spyware/adware, certainly. I hate those authors with a
> passion.
Who doesn't? They are lowlife criminals mostly.
> They make money and do it for the love of money, not the love
> of the code.
Wow that sounds like MSWindows vs Linux :))
> I know many vx material was poorly coded, I was responsible for some
> embarrassing code myself. But, spyware I'm afraid is even worse! Some of
> it so unstable, I don't know how they ever expected it to spy on
> people.
Well if they don't have a passion for the code they will
probably never learn the fine art of survival in cyber-space.
>
> "Absolutely. I remember Evul telling me once his top three
> candidates for attracting the law to themselves and VX were."
>
> You know what's ironic? Evul attracted them, T-2000 attracted them after
> his death, And Gigabyte was always a media wh0re anyway.
Yeah and she attracted the fatman's attention too much, he
worked the media and used people like her to show his point.
>Raid however,
> never did meet them. :) Close, but that doesn't count.
>
> Evul should have re-evaluated his opinion. He's met them, not me. :)
True, true... The FBI took his server, however they never indited
him. Now he's faded away into VX oblivion.
4Q
> > Evul should have re-evaluated his opinion. He's met them, not me. :)
>
> True, true... The FBI took his server, however they never indited
> him. Now he's faded away into VX oblivion.
*indicted
I should add he told me his machine had been securely wiped
before they got their hands on it. I doubt Gigabyte and Coderz II
server had any such precautions. I feel sorry for all the people
that put their little secrets into a wannabe media whore's hands.
<little secrets, whoever you are>
Not because of any criminality avoidance reasons but for the
philosophy of keeping secrets, secret then finding they'd
trusted the wrong muppet to keep that secret.
4Q
>We were making fun of Trailerpark Sugien and discussing the
>wide range of mobilehomes from the good end of the market to
>the bad poor white trash end of the scale... Art jumped in and
>piped up about you and your new career move (anti-malware), I
>don't know why he assumed you lived in a trailerpark
I didn't. You missed the point of my barb. My weird sense of humor
made a connection between trailer park dwellers and "fly by night"
(or "drive by night") operators. The joke was supposed to be that a
vxer who starts writing anti-malware is a "fly by night" operator.
Sorry 'bout that. It was both a bad joke and unfair to Dustin who
appears to be truly done with writing viruses.
>but he
>knew it would catch attention in people mind here I guess.
>Humour can be cruel even when not true.
True.
And I think it's unfortunate that known former virus authors won't
get job offers in the av industry. The employers are no doubt scared
of potential bad publicity and "appearances". Former vxers are likely
to be exceptionally motivated to do well. And that's what it takes.
Drive, motivation and perspiration.
ic
> Sorry 'bout that. It was both a bad joke and unfair to Dustin who
> appears to be truly done with writing viruses.
>
> >but he
> >knew it would catch attention in people mind here I guess.
> >Humour can be cruel even when not true.
>
> True.
>
> And I think it's unfortunate that known former virus authors won't
> get job offers in the av industry.
> The employers are no doubt scared
> of potential bad publicity and "appearances". Former vxers are likely
> to be exceptionally motivated to do well. And that's what it takes.
> Drive, motivation and perspiration.
>
> Art
I've got nothing against VXers turning their coats inside out
technically, so long as they don't betray the personal confidence
of former friends. There's nothing wrong with wanting to be good
in a technical discipline whatever side of the line they stand.
It's all an evolutionary arms race, and somewhere along the line
some useful knowledge will be gained. Benny/29A for example did
some really good proof of concept stuff, now he's working on AI
heuristic detection... Great cus, he's going to be up against
some AI/VX that will make his AV useless again. Let's just hope
there isn't a lot of bandwidth energy wasting while the war
continues.
I believe I will see a true Artificial Life form(s) (AL) emerge
in the near future. See not only religion nuts can have blind
faith :))
The only true autonomous agents will be the free VX ones, all
others will be caged wannabe's ;]]
Free the VX!
</rant>
4Q
> From: "Ant" <n...@home.today>
> | You can't assume the drive or directory name, but should use the
> | SystemRoot environment variable which contains both. For example,
> | mine is set to D:\WINNT
>
> That's true. However, some Registry locations don't interpret this properly.
Ah, I didn't know that. On checking my own userinit setting, I see
that the path is in fact hard-coded. Perhaps that's the reason.
Better strike me from the credits.
> I guess one would have to test the setting using the environmental variable.
I don't think I'll try locking myself out of my system!
Incidentally, the string in that .reg file was not as posted. It
actually contained double (rather than single) backslashes in the
path. I presume this is because "\" is seen as an escape character.
| "David H. Lipman" wrote:
|
>> From: "Ant" <n...@home.today>
|>> You can't assume the drive or directory name, but should use the
|>> SystemRoot environment variable which contains both. For example,
|>> mine is set to D:\WINNT
>>
>> That's true. However, some Registry locations don't interpret this properly.
|
| Ah, I didn't know that. On checking my own userinit setting, I see
| that the path is in fact hard-coded. Perhaps that's the reason.
|
| Better strike me from the credits.
|
>> I guess one would have to test the setting using the environmental variable.
|
| I don't think I'll try locking myself out of my system!
|
I have examined that Registry key in the codings I create. One may make assumptions that if
one uses WinXP it is; C:\WINDOWS\system32\userinit.exe and if one is using Win2K it is;
C:\WINNT\system32\userinit.exe however, there are many WinXP systems using; c:\winnt and
some Win98 PCs updated to Win2K may be using; c:\windows. Therefore I haven't touched the
idea of hard coding it yet and I haven't tested that key using an environmental variable.
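
The hard-coded path problem raised in the posts above, as an added example that is not part of any post in this thread and is not BugHunter's code: it parses the FIXDESK.REG line in its on-disk (double-backslash) form, checks it against a given SystemRoot, and emits a line resolved for that system. The Winlogon key path and all function names are assumptions introduced here; whether Winlogon expands `%SystemRoot%` in Userinit is left open, as it is in the thread.

```python
"""Build and audit the Winlogon "Userinit" .reg line discussed in this thread.

Added illustration, not BugHunter code. Pure string handling (ntpath), so it
runs offline on any OS and never touches a real registry.
"""
import ntpath
import re

# Assumption: the standard Winlogon key that holds Userinit. The thread quotes
# only the value line from FIXDESK.REG, not the key it sits under.
WINLOGON_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT"
                r"\CurrentVersion\Winlogon")

# The FIXDESK.REG line in its on-disk form: per the thread, the file doubles
# every backslash because "\" is the escape character inside a .reg string.
FIXDESK_LINE = r'"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"'

_REG_SZ = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')


def reg_escape(text):
    """Escape a string for a quoted .reg field (backslashes first, then quotes)."""
    return text.replace("\\", "\\\\").replace('"', '\\"')


def reg_unescape(text):
    """Undo .reg escaping: a backslash followed by any char yields that char."""
    return re.sub(r"\\(.)", r"\1", text)


def parse_reg_sz_line(line):
    """Split a '"name"="data"' line into (name, data) with escapes removed."""
    match = _REG_SZ.match(line.strip())
    if not match:
        raise ValueError("not a quoted REG_SZ line: %r" % line)
    return reg_unescape(match.group(1)), reg_unescape(match.group(2))


def expected_userinit(system_root):
    """Path of userinit.exe for a given SystemRoot (e.g. D:\\WINNT)."""
    return ntpath.join(system_root, "system32", "userinit.exe")


def reg_sz_line(name, data):
    """Render a plain REG_SZ value line."""
    return '"%s"="%s"' % (reg_escape(name), reg_escape(data))


def reg_expand_sz_line(name, data):
    """Render a REG_EXPAND_SZ value line as Version 5.00 .reg files store it:
    hex(2) followed by the UTF-16LE bytes of the string plus a NUL terminator."""
    raw = (data + "\0").encode("utf-16-le")
    return '"%s"=hex(2):%s' % (reg_escape(name),
                               ",".join("%02x" % b for b in raw))


def audit_userinit(data, system_root):
    """Return the comma-separated Userinit entries that are NOT this system's
    own userinit.exe. An empty list means the value is what a repair expects;
    anything else is either a wrong hard-coded path or an extra program."""
    want = ntpath.normcase(expected_userinit(system_root))
    entries = [e.strip() for e in data.split(",") if e.strip()]
    return [e for e in entries if ntpath.normcase(e) != want]


def build_fixdesk(system_root):
    """Produce a .reg file whose Userinit path is resolved for system_root
    at generation time instead of assuming C:\\WINDOWS."""
    lines = [
        "Windows Registry Editor Version 5.00",
        "",
        "[%s]" % WINLOGON_KEY,
        reg_sz_line("Userinit", expected_userinit(system_root) + ","),
        "",
    ]
    return "\r\n".join(lines)


if __name__ == "__main__":
    name, data = parse_reg_sz_line(FIXDESK_LINE)
    # Constructed sample roots: the XP default, the Win2K default, and the
    # D:\WINNT layout one poster mentions.
    for root in (r"C:\WINDOWS", r"C:\WINNT", r"D:\WINNT"):
        bad = audit_userinit(data, root)
        print("%-11s %s" % (root, "ok" if not bad else "mismatch: %s" % bad))
    print(build_fixdesk(r"D:\WINNT"))
    # The REG_EXPAND_SZ form, shown for the DataBasePath value quoted above.
    print(reg_expand_sz_line("DataBasePath",
                             r"%SystemRoot%\System32\drivers\etc"))
```
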
thank you... it's been a long time since someone made me laugh in this
forum...
--
"they threw a rope around yer neck to watch you dance the jig of death
then left ya for the starvin' crows, hoverin' like hungry whores
one flew down plucked out yer eye, the other he had in his sights
ya snarled at him, said leave me be - i need the bugger so i can see"
no, nothing like that... elsewhere as in anywhere other than there...
the raid i knew was too much of an iconoclast to be overly concerned
with what the establishment thought of him... more likely to tell people
off than bend to their will...
my guess is you took your interest in viruses/malware/whatever and found
a new way to integrate it into who you are and what place you've found
for yourself in the world...
>I believe I will see a true Artificial Life form(s) (AL) emerge
>in the near future. See not only religion nuts can have blind
>faith :))
That "near future" stuff has been around for as long as I can
remember. It never happens, and I don't think it ever will.
If you were a skeptic instead of a religious believer, you would also
have doubts that "life", "mind" and "consciousness" (qualia) will ever
be truly the properties of a machine. My own skepticism is based on
scientific studies of the paranormal. There are just too many
unexplained mysteries that the hard sciences are not equipped to
cope with.
That's not to say that machines which _seem_ to be conscious, aware,
and intelligent will not be developed. The engineering and computer
science we have now, it seems, should enable us to design such robots.
And perhaps "robot" isn't the best term to use since interesting
examples of machine creativity have been demonstrated long ago.
One test to tell whether or not some entity is AI or a living
biological being would be a test of its psychic abilities. Even
animals and birds have been shown to affect the random
generators used in psychic research. In fact, rabbits and young
chicks score much higher than most humans, presumably due to
their uninhibited nature.
You see, there does seem to be a "ghost in the machine" in the case
of biological living things. For all we know, there's a ghost in
inanimate matter ... literally every subatomic particle may well have
consciousness of its own kind. But the AI machine will not, presumably,
have a ghost wedded to its "brain". It will literally be "mindless"
and unconscious, even though seeming, for the most part, to be
alive, etc. And it will not affect the minds of truly living entities
via "paranormal" means, nor will it affect random number generators.
It also presumably won't reincarnate :)
Art
Okay I'm converted, fuck you're good at this!
*hehehe*
I wasn't really meaning AI, but the other cousin AL
Here is a little table "Scheme of the criteria for life"
from Claus Emmeche, The Garden in the Machine.
                              Real        Virtual
                              Computer    Computer
Criteria of Life:             Organisms   Organisms
1. Pattern in time/space         +           +
2. Self-reproduction            (+)         (+)
3. Self-representation           +           +
4. Metabolism                   (+)         (+)
5. Organism/environment
   relation                      +           +
6. Parts in a functional
   coherence                     +           +
7. Dynamic stability            (+)         (+)
8. Evolution                     -           +
9. Autonomy                      +           -
Autonomy is here understood as defining the difference between
real and virtual computer organisms. The individual criteria
can be debated further, of course. A + sign denotes the criterion
must be fulfilled, a (+) sign is possibly fulfilled, and a
- sign as unfulfilled
</quote>
Autonomy is the key I think.
4Q
I've never looked at AL research at all. AI intrigued me ever since
the late fifties when some research was going on using electrical
circuit analogs of neurons and synapses in the brain. Even back then,
neural network simulations were demonstrated to exhibit learning via
reward/punish inputs to recognize patterns, etc. It was thought then
that special circuitry imitating the brain would lead to a leapfrog
over the emerging binary computer (or Turing machine) approach.
Stuff like that really juiced me up fifty years ago :)
Art
> Anyways gotta get back to mayhem, there's an Internet and
> PC data to destroy out there!
Eeew, not mine!
Well, I can sort of understand your motives, although I don't share
them. Proving one's skill, cunning, showing off (at least Gigabyte),
proving oneself in a new unexplored discipline.
But those times are over. Assembler doesn't cut it any more, it is C-
variants, J(ava)Script, and exploiting browser loops, which is in
demand. And the art of saving space isn't en vogue at all, as there are
gigabytes of ram available in every up-to-date machine.
Even the imprint on performance doesn't seem to count, seeing how many
newbies complain about a slow computer, not realizing that their 4 GHz
CPU is chewing on some remote command that makes it send mass mailings
or dDoS a server.
The Art of Coding doesn't get its appreciation any more; what is
happening now on a large scale, is just raw abuse. No wonder that you
hate it with a passion.
BTW: If you are by any means into fighting Phishings, I could send you
my special collection of Phmails that I gathered within the last six
months >:->.
From March on, there have been >560, on August 7th alone, nineteen. All
to this one account address that you see below.
(HateHateHate them)
Gabriele Neukam
--
Ah, Information. A property, too valuable these days, to give it away,
just so, at no cost.
> The employers are no doubt scared
> of potential bad publicity and "appearences". Former vxers are likely
> to be exceptionally motivated to do well. And that's what it takes.
> Drive, motivation and perspiration.
Sometimes, security companies are taking a risk, like in the one case
when a sec company hired the Sasser programmer
Different views on the topic:
http://p2pnet.net/story/2487
http://www.enn.ie/news.html?code=9554015
But the reactions were mostly negative, as few can imagine that someone
might change his/her behaviour over time, because they rarely notice
that they did it themselves, over the years.
On 21 Oct 2005 06:57:45 -0700, "Gremlin"
<bughunte...@gmail.com> wrote in post to 4Q:
>I've already chatted with several IT lawyers before releasing
>BugHunter under my real name, and potentially admitting that I
>am Raid/Slam.
You'll *always* be "Raid" to me! [Slam] ;-)
--
Laura Fredericks
PGP key ID - DH/DSS 2048/1024: 0xC753039A
alt.comp.virus photo gallery:
http://www.queenofcyberspace.com/acvgallery/
usenet flamewars:
http://www.queenofcyberspace.com/usenet/
Remove CLOTHES to reply.
> On 21 Oct 2005 08:10:32 -0700, "4Q" <paul...@hushmail.com> wrote:
>
> >Clay wrote:
> >> On 21 Oct 2005 07:20:17 -0700, "4Q" <paul...@hushmail.com> wrote:
> >>
> >> >Gremlin wrote:
> >> [snippage]
> >> >> That's the cool thing with computer crimes, Statues of limitations. :)
> >> >> I've already chatted with several IT lawyers before releasing BugHunter
> >> >> under my real name, and potentially admitting that I am Raid/Slam. So
> >> >> no worries. :)
> >> >
> >> >Yeah, good for you. Vecna explained his own situation over the
> >> >statues of limitations but that won't stop cunts like Jed Connors
> >> >coming after you with an axe, or some other dimbulb lynchmob.
> >>
> >> I believe that should be "Statutes" and not "Statues".
> >>
> >> (Statutes of limitations)
> >>
> >
> >*HAHAHA* You know all us malicious malware demons are
> >dyslexic bad spell fucks! Raidy will have to start using
> >a dictionary now he's going to be a pillar of the community
>
> Heh. Normally, I wouldn't have commented but I laughed out loud at the
> thought of "Statues of limitations".
Your comment makes me imagine the Statue of Liberty holding up a sign
(instead of a torch) reading:
"KEEP OFF THE GRASS."
By the way, hi, Raid! "Long time, no see!", as the saying goes.
Welcome back.
Because of the way you posted helpful stuff here in the past, even while
still a VXer at that time, I tended to think of you in a similar fashion
to the way the regulars in the news.admin.net-abuse.email newsgroup
thought of the spammer, NUK. He was the only spammer I know of who was
respected by many of the regulars of that newsgroup even during the time
he was a spammer. He eventually retired from spamming (or claimed to)
without anyone ever finding out who he really is.
--
``Why don't you find a more appropiate newsgroup to post this tripe into?
This is a meeting place for a totally differnt kind of "vision impairment".
Catch my drift?'' -- "jim" in alt.disability.blind.social regarding an
off-topic religious/political post, March 28, 2005
After doing a little research...
This key uses type; REG_SZ and the Environmental variable is not expanded in this Registry
key type.
It would have to be type; REG_EXPAND_SZ to interpret the Environmental variable.
The double '\' is used when incorporated in a .REG file. I removed the extra '\' for the
sake of this discussion and not to confuse the issue. If you were to browse the Registry
you would not see two '\' chars. If I was to have posted the content of the .REG file with
the "REGEDIT4" or "Windows Registry Editor Version 5.00" header then I would have left it as
is.
> After doing a little research...
>
> This key uses type; REG_SZ and the Environmental variable is not expanded in this Registry
> key type.
>
> It would have to be type; REG_EXPAND_SZ to interpret the Environmental variable.
Of course! <smacks forehead> Thanks for reminding me. I had forgotten
all about how REG_EXPAND_SZ works.
> The double '\' is used when incorporated in a .REG file. I removed the extra '\' for the
> sake of this discussion and not to confuse the issue. If you were to browse the Registry
> you would not see two '\' chars. If I was to have posted the content of the .REG file with
> the "REGEDIT4" or "Windows Registry Editor Version 5.00" header then I would have left it as
> is.
Understood.
One way around this would be to have the user generate the .reg file
with the system on which they want to use it. A batch file could be
provided which echoes the lines required to the .reg file. Instead of
specifying c:\\windows or c:\\winnt in the string, one would use the
modified environment variable %SystemRoot:\=\\%
If Dustin, or anyone else is interested, I have written such a batch
file which will create the .reg file only if the system is W2k or XP
(not needed for 9x), and also create the appropriate bughunt.ini file.
This also removes the need for the bug2k.ini file.
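The two .reg encodings discussed above, as an added example (not part of any post in this thread, and not BugHunter's own code): a REG_SZ line carries a literal path with doubled backslashes, while a REG_EXPAND_SZ value is written as `hex(2):` UTF-16LE bytes. The key name, value name and `build_reg` helper are hypothetical placeholders.

```python
HEADER = "Windows Registry Editor Version 5.00"
EXAMPLE_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\ExampleKey"  # hypothetical placeholder key


def escape_reg_string(value):
    """Escape text for a quoted .reg string: '\\' becomes '\\\\', '"' becomes '\\"'."""
    return value.replace("\\", "\\\\").replace('"', '\\"')


def reg_sz_line(name, value):
    """REG_SZ: stored literally, so %SystemRoot% here would never be expanded."""
    return '"%s"="%s"' % (escape_reg_string(name), escape_reg_string(value))


def reg_expand_sz_line(name, value):
    """REG_EXPAND_SZ: hex(2) with NUL-terminated UTF-16LE bytes (5.00 format)."""
    raw = (value + "\0").encode("utf-16-le")
    return '"%s"=hex(2):%s' % (escape_reg_string(name),
                               ",".join("%02x" % b for b in raw))


def build_reg(key, name, subpath, system_root=None):
    """Return .reg text for one value.

    With system_root given (what %SystemRoot% holds on the target system),
    emit a REG_SZ line with the literal path; otherwise emit REG_EXPAND_SZ
    and leave the variable to be expanded by whatever reads the value.
    """
    if system_root is None:
        line = reg_expand_sz_line(name, "%SystemRoot%" + subpath)
    else:
        line = reg_sz_line(name, system_root + subpath)
    # regedit exports 5.00 files as UTF-16; encoding for disk is left to the caller.
    return "\r\n".join([HEADER, "", "[%s]" % key, line, ""])


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    print(build_reg(EXAMPLE_KEY, "Path", r"\system32\example.exe", r"D:\WINDOWS"))
    print(build_reg(EXAMPLE_KEY, "Path", r"\system32\example.exe"))
```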
I didn't know about that difference between REG_SZ and REG_EXPAND_SZ , I had to ask ;-)
I just knew that there were some instances where the environmental variables couldn't be
used in Registry keys.
I don't understand all the fuss. It's a simple matter for a program to
find the actual paths string whether it's literally C:\WINNT or
D:\WINDOWS or whatever ... and then simply use that. For example,
QB4.5 has a ENVIRON$(n) string return function that gives the DOS
Environment Tables ... and it works fine on Win 2K and Win ME and
should work on any version of Windows. I haven't looked at DOS
interrupts for this sort of thing but I'm sure it could be done in
assembler as well.
Art
> On Mon, 24 Oct 2005 01:38:49 GMT, "David H. Lipman"
>>I didn't know about that difference between REG_SZ and REG_EXPAND_SZ , I had to ask ;-)
>>
>>I just knew that there were some instances where the environmental variables couldn't be
>>used in Registry keys.
>
> I don't understand all the fuss.
No fuss, no muss! Just learning/refreshing memory about the different
registry types, and exploring the possibilities.
> It's a simple matter for a program to
> find the actual paths string whether it's literally C:\WINNT or
> D:\WINDOWS or whatever ... and then simply use that. For example,
> QB4.5 has a ENVIRON$(n) string return function that gives the DOS
> Environment Tables ... and it works fine on Win 2K and Win ME and
> should work on any version of Windows. I haven't looked at DOS
> interrupts for this sort of thing but I'm sure it could be done in
> assembler as well.
Yes, it could be the first option on the menu:
[A] - Create config files and exit.
This option would have to be used in the environment of the (possibly)
infected system to pick up the variable settings - i.e. running it
under plain old DOS wouldn't work, and I don't know if the variables
would be set the same way in an NT recovery console.
Well, Art... The fuss as you see, is if the OS isn't booted... IE: You
booted from a bart disc or another read/write boot disc, the
environment variable will either not exist at all, or point to the cd-r
OS you booted from, not the user's.
It's not so trivial to "guess" the correct operating system when you're
not actually running under it.
Yes, as I said, I didn't take the alternate OS situation into account
when I wrote that.
I don't think your program would have to guess, though. Seems to
me you could accurately deduce which version of Windows is on a
drive. One method that comes to mind is the use of a
Find-First--Find-Next to check for the existence of certain
directories, subdirectories and essential files.
For one example, Dave mentioned that a Win 98 to Win 2K upgrade
will have \Windows instead of \Winnt. But Win 98 doesn't have files
like NTLDR, etc. So you simply go through a "logic tree" of tests and
deductions along these lines.
Art
> I don't think your program would have to guess, though. Seems to
> me you could accurately deduce which version of Windows is on a
> drive. One method that comes to mind is the use of a
> Find-First--Find-Next to check for the existence of certain
> directories, subdirectories and essential files.
Ah.. I had thought of this, and then ran into this what if scenario.
What if the user has been upgrading windows, and/or reinstalling
windows into clean directories. IE: Multiple installations of windows,
but only one actually used by the user. How would I determine which is
which?
I suppose I could search for modified file dates and take a guess based
on that, but several machines in for repair are installed with non
standard install locations, and multiple OSes. For example, One box I'm
sitting beside has win2k loaded in c:\winnt, win98se loaded in c:\98se,
and windows xp pro loaded in c:\windows. The user actually uses all of
these OSes.
> For one example, Dave mentioned that a Win 98 to Win 2K upgrade
> will have \Windows instead of \Winnt. But Win 98 doesn't have files
> like NTLDR, etc. So you simply go through a "logic tree" of tests and
> deductions along these lines.
It's never a good idea to hardcode/assume an installation folder will
always be that, simply because the default is.
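The "logic tree" of file checks suggested above, combined with the multi-install caveat, as an added example (not part of any post in this thread, and not BugHunter's own code): it reports every top-level directory on an offline drive that looks like a Windows install instead of guessing one. The marker files are assumptions chosen for this sketch, and the sample drive layout is constructed from the three-OS box described in the post.

```python
import os
import tempfile

# Marker files relative to a candidate install directory (assumed, lower-case).
NT_MARKERS = ("system32/ntoskrnl.exe", "system32/config/system")
W9X_MARKERS = ("win.com", "system.dat")


def _find_ci(base, rel):
    """Resolve rel under base ignoring case; return the real path or None."""
    cur = base
    for part in rel.split("/"):
        try:
            names = os.listdir(cur)
        except OSError:
            return None
        match = next((n for n in names if n.lower() == part), None)
        if match is None:
            return None
        cur = os.path.join(cur, match)
    return cur


def classify(install_dir):
    """Return 'nt', '9x' or None for one directory, never assuming its name."""
    if all(_find_ci(install_dir, m) for m in NT_MARKERS):
        return "nt"
    if all(_find_ci(install_dir, m) for m in W9X_MARKERS):
        return "9x"
    return None


def find_installs(drive_root):
    """Map every top-level directory that looks like Windows to its family."""
    found = {}
    for name in sorted(os.listdir(drive_root)):
        path = os.path.join(drive_root, name)
        family = classify(path) if os.path.isdir(path) else None
        if family:
            found[name] = family
    return found


def build_sample_drive():
    """Constructed sample: Win2k in WINNT, Win98SE in 98SE, XP in WINDOWS."""
    root = tempfile.mkdtemp()
    layout = {
        "WINNT": ["system32/ntoskrnl.exe", "system32/config/SYSTEM"],
        "98SE": ["WIN.COM", "SYSTEM.DAT", "USER.DAT"],
        "WINDOWS": ["System32/ntoskrnl.exe", "System32/config/system"],
        "Program Files": ["readme.txt"],
    }
    for top, files in layout.items():
        for rel in files:
            full = os.path.join(root, top, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            open(full, "w").close()
    return root


if __name__ == "__main__":
    print(find_installs(build_sample_drive()))
```

With more than one hit, the result is a list to present to the operator, since file checks alone cannot say which install the user actually boots.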
|
| It's never a good idea to hardcode/assume an installation folder will
| always be that, simply because the default is.
I'll second that !
:) If you've downloaded BugHunter, I didn't write the docs. I wrote the
rough draft, one of my kind beta testers revamped the docs. :)
DON'T STEP ON THE GRASS, SAM
From the 1968 release "The Second"
Steppenwolf Cover
Words and music by John Kay
Starin' at the boob tube, turnin' on the big knob
Tryin' to find some life in the waste land
Fin'ly found a program, gonna deal with Mary Jane
Ready for a trip into hate land
Obnoxious Joe comes on the screen
Along with his guest self-righteous Sam
And one more guy who doesn't count
His hair and clothes are too far out
While pushin' back his glasses Sam is sayin' casually
"I was elected by the masses"
And with that in mind he starts to unwind
A vicious attack on the finest of grasses
Well it's evil, wicked, mean and nasty
(Don't step on the grass, Sam)
And it will ruin our fair country
(Don't be such an ass, Sam)
Well, it will hook your Sue and Johnny
(You're so full of bull, Sam)
All will pay that disagree with me
(Please give up you already lost the fight, alright)
Misinformation Sam and Joe
Are feeding to the nation
But the one who didn't count counted them out
By exposing all their false quotations
Faced by a very awkward situation
This is all he'd say to save the day
Well it's evil, wicked, mean and nasty
(Don't step on the grass, Sam)
And it will ruin our fair country
(Don't be such an ass, Sam)
Well, it will hook your Sue and Johnny
(You're so full of bull, Sam)
All will pay that disagree with me
(Please give up you already lost the fight alright)
You waste my coin Sam, all you can
To jail my fellow man
For smoking all the noble weed
You need much more than him
You've been telling lies so long
Some believe they're true
So they close their eyes to things
You have no right to do
Just as soon as you are gone
Hope will start to climb
Please don't stay around too long
You're wasting precious time
Ehh, sorry your grass statement got me. :)
> By the way, hi, Raid! "Long time, no see!", as the saying goes.
> Welcome back.
Thanks Norman, glad to see you as well.
> Because of the way you posted helpful stuff here in the past, even while
> still a VXer at that time, I tended to think of you in a similar fashion
> to the way the regulars in the news.admin.net-abuse.email newsgroup
> thought of the spammer, NUK. He was the only spammer I know of who was
> respected by many of the regulars of that newsgroup even during the time
> he was a spammer. He eventually retired from spamming (or claimed to)
> without anyone ever finding out who he really is.
I retired several years ago from VX, I've left IRC vx channels, etc. I
have nothing to do directly with it, aside from collecting fresh
samples from infected computers. But that's a programming addiction. :)
I still have much respect for my friends on both sides, and I will
never betray their confidence. I do not believe I've sold out either, as
BugHunter doesn't target viruses/worms, only annoying
adware/spyware/keyloggers and such.
I've had some time to really sit and think about goals. Especially
considering I'm running against a clock. :P
Anyways, Have a good one Norman!
Regards,
Dustin Cook
Ah yes... I'm still somewhat like that, so I'm told.
> my guess is you took your interest in viruses/malware/whatever and found
> a new way to integrate it into who you are and what place you've found
> for yourself in the world...
I just wanted to help a little bit, to try and undo some of the
mischief I've caused. Hopefully, BugHunter will do this. It's not going
to make things even by a long shot, I know the harm I've caused, but
it's a start.
> --
> "they threw a rope around yer neck to watch you dance the jig of death
> then left ya for the starvin' crows, hoverin' like hungry whores
> one flew down plucked out yer eye, the other he had in his sights
> ya snarled at him, said leave me be - i need the bugger so i can see"
Clutch?
>> One method that comes to mind is the use of a
>> Find-First--Find-Next to check for the existence of certain
>> directories, subdirectories and essential files.
>
>Ah.. I had thought of this, and then ran into this what if scenario.
>What if the user has been upgrading windows, and/or reinstalling
>windows into clean directories. IE: Multiple installations of windows,
>but only one actually used by the user. How would I determine which is
>which?
>
>I suppose I could search for modified file dates and take a guess based
>on that, but several machines in for repair are installed with non
>standard install locations, and multiple OSes. For example, One box I'm
>sitting beside has win2k loaded in c:\winnt, win98se loaded in c:\98se,
>and windows xp pro loaded in c:\windows. The user actually uses all of
>these OSes.
I'm surprised the install disks allowed this. I was under the
impression that it's necessarily a one-OS-per-partition thing, and
that's that. Weird. You learn something new every day :)
Art
Nope. Multiple oses can co exist on a single partition, but nobody
actually recommends doing that. :) and with obvious good reason. heh.
Yep.
I always recommend the more expensive but better method of each OS residing on its own SCSI
hard disk and then using the SCSI HotKey to select what OS you want to boot from.
Multi-boot systems complicate the issue immensely.
With SATA speeds these days, why do you still go with SCSI?
> Multi-boot systems complicate the issue immensely.
For sure. :)
Good question. I guess because I have SCSI; CDROM, CDRW, DAT tape drive, wide SCSI hard
drives and an external SCSI chassis.
One day I may go to SATA and PATA.
BTW: I sent 'ya some email.
Ahh.. Good reason. I was going to do with scsi back in the day, but my
finances couldn't afford it. so I remained with IDE technology for
years. Now that I use SATA too, I couldn't get away from it. It's so
nice. :)
Thanks for the heads up in the email Dave!
And thanks again for not holding my prior life against me!
You've made it easier to come clean... heh.
that's something you should probably keep...
>>--
>>"they threw a rope around yer neck to watch you dance the jig of death
>>then left ya for the starvin' crows, hoverin' like hungry whores
>>one flew down plucked out yer eye, the other he had in his sights
>>ya snarled at him, said leave me be - i need the bugger so i can see"
>
> Clutch?
flogging molly, actually...