Re: Caution SONY Music CDs have trojan Malware
Dustin Cook
relic wrote:
> Ignore Dustin, he's a self-appointed expert on things he knows little about.
Psst. Relic, get a clue, son. Look up raidslam virus writer. I know wtf
viruses are, rootkits etc, I've authored many of them, you freaking
idiot. :)
Checkout virusbulletin sometime if you don't believe me, I'm known by
fucking name (Dustin Cook/Raid) as the author of Toadie virus, Irok
virus, Krile, Creed, Kremlin, etc etc etc.
Better yet, Ask alt.comp.virus who I am, and if I know wtf i'm talking
about. I'll make it easier, I've crossposted it to them, you fucking
idiot.
Okay.. Off my soapbox now...
Regards,
Dustin Cook
Dustin Cook
Sony Music CDs install Malware wrote:
> No, it's SONY that should be ashamed. You should read the lic. agreement for
> the nasty thing. There's no way anyone would realize they were installing
> software that uses sophisitcated rootkit techniques. And, yes, it is very
> difficult to remove. Simply deleting the files [once their cover's been torn
> off] usually renders the CD-ROM drive unusable. One "fix", for instance, was
> recently published by SONY, but it didn't actually remove it .. it simpled
> made the super-hidden files visible. So, no shame on the Register .. shame
> on SONY.
Do you know what the hell a rootkit even is? It doesn't really apply to
Windows, Unix has root user, not windows. As for a virus, the sony
modules do not replicate. They have no worm ability, they have no viral
infection ability. IE: They aren't viruses.
If you remove the files by force, and you can easily; they can't very
well hide if windows isn't running, now can they? Nope, they can't.
Various CDs are available to boot windows with full access to ntfs
without RUNNING YOUR OS. Which means, NO hiding anything. Files can be
done what you like with. When you reboot, yes, your cdrom drives are
busted. Several other apps break them, it's a known problem with them
and windows. Clone cd, easy cdcreator, hell, even a bad uninstall of
nero will break them. It consists of two registry keys to fix it.
Delete them, and reboot.
now aside from a general end user not knowing how to boot from a cd
such as a bart disc, or knowing how to use the registry editor, WHERE
IS THE DIFFICULTY?
Regards,
Dustin Cook
http://bughunter.atspace.org
Doug Chadduck
remove what they put into peoples machines. Check their website it says
Sony Music CDs install Malware wrote:
> Mr. Cook:
>
> We know already it's not necessarily a true virus. I put the term in my sig,
> more to get attention because "rootkit" wouldn't mean a thing to anyone
> whereas "virus" means lousy malicious software. For now on I will refer to
> the SONY software as "malware" or "diseased shitware".
>
Dustin Cook
Sony Music CDs install Malware wrote:
> Hi Dustin - thanks for the reply:
>
> Well, it has been demonstarted it doesn't replicate .. yet. A better
> discription might have been "diseased shitware" rather than virus. My
> mistake.
diseased shitware sounds fine to me. DRM typically wouldn't have a need
to replicate. Replication is a pain in the ass, for compatability
reasons. Sony did what was best in terms of overall compatability for
windows. I'm not defending the stunt mind you, only respecting the
intent.
> I don't know what you are blabbering on about vis s vis rebooting computers.
> The SONY diseased shitware doesn't boot the computer, rather, it infests the
> computer. When the authors wrote the diseased shitware they employed rootkit
> techniques.
First of all, the blabbering was a pretty straight forward way of
removing the offending software; The software cannot hide if you use
ultimate boot cd, knoppix, bartpe, etc. The reason it cant hide is
because your computer is operating from that cd's OS, not it's own.
Since it's own OS was never loaded, neither was the offensive software.
None of it.
Second, It doesn't infest anything. The method it uses is actually
pretty clean, and a design of windows. The software is malicious only
in the sense you don't know what it's actually upto; Probably aren't
warned it's installed, and it can be a slightly tedious task of
removing it. But it's harm to your system isn't. It reroutes your cdrom
access thru it's own drivers. CloneCD does this as well. :) If you
remove it's drivers, windows disables cdrom; It isn't going to load
just any drivers, if it cant load the ones the registry says to; no
cdrom.
To remove it is a matter of cleaning up the files, theirs really no
need to play cat and mouse with it if you don't boot the host OS.
bartpe is a nice time saver. Once the files are gone, you can run
regedit from bart and mount the software hive, remove the offending
keys, unmount the hive, and reboot to the host OS. Windows will reset
your cdrom access back to it's own default drivers. If you have burning
software, you may need to reinstall it to re-enable burning features.
That's what I was blabbering about. :)
Graham...@gmail.com
> Okay.. Off my soapbox now...
get back on that soap box man.... makes entertaining reading.
G
Geo
Dustin Cook wrote:
> To remove it is a matter of cleaning up the files, theirs really no
> need to play cat and mouse with it if you don't boot the host OS.
> bartpe is a nice time saver. Once the files are gone, you can run
> regedit from bart and mount the software hive, remove the offending
> keys, unmount the hive, and reboot to the host OS. Windows will reset
> your cdrom access back to it's own default drivers. If you have burning
> software, you may need to reinstall it to re-enable burning features.
And you think this is 'straight forward and easy', I've got no idea
what you're talking about, I don't even know what a 'hive' is let alone
how to [un]mount it !!!!
Towelie
prove your perceived intellectual superiority over others? Inferiority
complex? Can't handle being contradicted?
Virus writers: idiots who think they're clever cos they can write 3
lines of javascript.
Virus writers who loudly claim "credit" for their supposed creations:
even bigger idiots.
People who claim to be virus writers when they obviously are not, then
use this imaginary "skill" to present themselves as smarter than
everybody else: the biggest idiots of all.
Did I just hear a virus writer calling somebody "lamer"? Now that's
very funny indeed. Why do people stick with writing viruses? Because
its so ridiculously easy. Doesn't even require any coding skills or
understanding of programming techniques whatsoever. So obviously anyone
who trumpets his own virus-coding skills doesn't have any.
BTW anyone who thinks the Sony DRM thing is an issue needs to google
"NSA key".
James Egan
>And you think this is 'straight forward and easy', I've got no idea
>what you're talking about, I don't even know what a 'hive' is let alone
>how to [un]mount it !!!!
You can pick it up easily enough from regedit help which tells you the
locations of the registry hive files. Editing with (bartpe) regedit is
simply a matter of selecting one of the files and loading it to a
temporary name of your choice. Edit using regedit in the normal way to
make the changes and unmount it simply by clicking on
File->Unload_Hive.
Jim.
James Egan
<trunk@.box.suitcase> wrote:
>Dustin is Wrong 1. That's not 'easy' removal DustinThat's skilled removal by
>someone who knows the system and registry very well as well as some of the
>tools that are available.
Actually, he did say "aside from a general end user not knowing how to
boot from a cd such as a bart disc, or knowing how to use the registry
editor" before saying it was easy. With those qualifications, it *is*
easy.
>
>Dustin is Wrong 2. And it is an infestation if special tools are needed for
>a removal.
You won't find many (if any) in acv agreeing with that definition of
malware "infestation".
Jim.
Dustin Cook
Towelie wrote:
> Dustin - so don't buy Sony. Your choice. Why use the issue to try to
> prove your perceived intellectual superiority over others? Inferiority
> complex? Can't handle being contradicted?
What in the world are you talking about? I'm not trying to prove any
superiority, I'm simply wanting some individuals who should know
better, like the register, from reporting inaccurate information, thats
all.
> Virus writers: idiots who think they're clever cos they can write 3
> lines of javascript.
> Virus writers who loudly claim "credit" for their supposed creations:
> even bigger idiots.
javascript? Kiddo, Mine were exe/com infectors. I don't need to claim
credit, I'm already published by name in virusbulletin, damn near 6
years ago.
> People who claim to be virus writers when they obviously are not, then
> use this imaginary "skill" to present themselves as smarter than
> everybody else: the biggest idiots of all.
When they are obviously not? Sigh. I don't know how to make this any
simpler for you, I am Raid; I am a former well known virus writer. Why
in the hell would anybody claim to be this individual of all people, if
they were not? If you were a coder, you could see for yourself.
BugHunter is a legitimate application, but all programmers like bomb
makers have a certain signature. You'd find the coding style used on
BugHunter matches the coding style used on viruses and other malware
(war dialers, etc) written by Raid (me).
> Did I just hear a virus writer calling somebody "lamer"? Now that's
> very funny indeed. Why do people stick with writing viruses? Because
> its so ridiculously easy. Doesn't even require any coding skills or
> understanding of programming techniques whatsoever. So obviously anyone
> who trumpets his own virus-coding skills doesn't have any.
Indeed. If your writing scripts, like javascript. :) I don't.
Incidently, you don't read so well; I'm retired. Have been for a very
long time now. Aside from maintaining contact with some old friends on
both sides, I have nothing to do directly with the Vx scene. My
interests are in malware removal, not it's creation.
> BTW anyone who thinks the Sony DRM thing is an issue needs to google
> "NSA key".
I do not feel the sony thing is that big of an issue. It's sneaky, but
something similiar was already released on the new foo fighters. It
just didn't make such an effort to hide itself.
Regards,
Dustin Cook
Dustin Cook
James Egan wrote:
> On Fri, 4 Nov 2005 07:15:43 -0500, "Sony Music CDs install Malware"
> <trunk@.box.suitcase> wrote:
>
> >Dustin is Wrong 1. That's not 'easy' removal DustinThat's skilled removal by
> >someone who knows the system and registry very well as well as some of the
> >tools that are available.
>
> Actually, he did say "aside from a general end user not knowing how to
> boot from a cd such as a bart disc, or knowing how to use the registry
> editor" before saying it was easy. With those qualifications, it *is*
> easy.
heh. Hi James. Long time. :)
> >
> >Dustin is Wrong 2. And it is an infestation if special tools are needed for
> >a removal.
>
> You won't find many (if any) in acv agreeing with that definition of
> malware "infestation".
Nope.. He sure won't. Laugh Laugh. Poor slob doesn't know what a virus
even is. Nor a rootkit, nor a worm. Sony's amusing little program
doesn't meet the criteria of any of them.
Art
<bughunte...@gmail.com> wrote:
>I do not feel the sony thing is that big of an issue. It's sneaky, but
>something similiar was already released on the new foo fighters. It
>just didn't make such an effort to hide itself.
I thought it was the lack of a uninstall that was the big issue. Has
that been fixed? If a typical consumer/user is faced with having to
pay a expensive repair bill to have (possibly buggy) sw removed from
his PC, I'd say it's a big deal indeed.
Other issues such as continual added overhead (cpu/RAM useage) are
perhaps minor issues which most wouldn't consider a big deal nowdays
... providing they are minor.
Art
Gabriele Neukam
> Nor a rootkit, nor a worm. Sony's amusing little program
> doesn't meet the criteria of any of them.
I've seen it being named "rootkit" (behaviour) on a reputable German
site, the heise newsticker (something like register for Germans). They
used this term a bit loosely, because the original version was meant to
hide all processes and threads from the system, that begin with $sys$
That isn't exact science, of course, just meant to alert the readers
about this scumware.
Gabriele Neukam
--
Ah, Information. A property, too valuable these days, to give it away,
just so, at no cost.
Dustin Cook
Art wrote:
> I thought it was the lack of a uninstall that was the big issue. Has
> that been fixed? If a typical consumer/user is faced with having to
> pay a expensive repair bill to have (possibly buggy) sw removed from
> his PC, I'd say it's a big deal indeed.
Not the uninstall per say, just the fact the program makes an active
effort to conseal some of it's files it needs. Of course, Sony didn't
tell anybody they intended to install this wonderful little program.
That probably irked most users.
Rebecca
> Towelie wrote:
>
>> Dustin - so don't buy Sony. Your choice. Why use the issue to try to
>> prove your perceived intellectual superiority over others?
>> Inferiority complex? Can't handle being contradicted?
>
> What in the world are you talking about? I'm not trying to prove any
> superiority,
That's good. You'd be laughed out of town if you did.
Dustin Cook
Rebecca wrote:
> That's good. You'd be laughed out of town if you did.
Do you honestly think anyone on these newsgroups shares your opinion?
This isn't alt.trolls, idiot. If you don't know IT, you don't belong
here. :) And uhh, we both know you don't have any IT skills. heh..
Google user posting history, nice feature no?
I enjoyed roasting your friend Relic over the coals. It was alot of
fun. Where's he been anyhow? I haven't seen a response. He hasn't
listed any viruses to his credit, come to think of it, he hasn't listed
any actual code to his credit. Oops, maybe that's because he's not a
coder; he's just a fucktard dimwit much like yourself who wanted to
play troll flaming games with the wrong person. You just never know
who's going to post on usenet. Flame on, you non coding little pissant.
Dustin Cook
Gra...@nospam.com wrote:
> Go Dustin GO!!!!!!!!!!!!!!!!!!!!!!!
Heh. I got a bit carried away. I've never been tolerant of stupid
people. And to think, I had full intentions of just being a "nice" guy
on usenet. Never showing people up for the snotnosed little slimeballs
they might be. And what do you know, some retarded non coding little
lamer by the silly name of Relic (like the fuckin movie, you tard?)
wants to run his mouth about things he has no clue on. Coding for one,
viruses for another. heh. He could have saved so much time and
embarrasement, how many more clues about Raid and Dustin being the same
person does one need before it sinks into their thick dimwitted skulls?
Wasn't it a huge topic of discussion here some years ago? Heh. A little
bit of research goes a long ways.
Have some crow Relic, you snotnosed little fucktard. I hear it's great
this time of year.
Dustin Cook
James Egan wrote:
> You can pick it up easily enough from regedit help which tells you the
> locations of the registry hive files. Editing with (bartpe) regedit is
> simply a matter of selecting one of the files and loading it to a
> temporary name of your choice. Edit using regedit in the normal way to
> make the changes and unmount it simply by clicking on
> File->Unload_Hive.
I'm beginning to think after reading/responding to the posts in the
last few days, The people have only gotten dumber since I retired;
certainly not wiser. Dumb and mouthy...Stupid is as stupid does as they
say. They don't read before hitting post, they don't check "help" at
all, They don't do any background checking before they claim you don't
know this or that. They are helplessly stupid individuals.
Damian
While your self-analysis is spot-on, don't be so hard on yourself.
Er... on second thought, with all that self-loathing, why don't you just go
neck yourself?
bughunte...@gmail.com
Damian wrote:
> While your self-analysis is spot-on, don't be so hard on yourself.
Your trolling skills are wearing a bit thin. If you go too much lower,
I'll need my nephew. He's 5. He would know more about rubber/glue crap
then I remember. Seems his skills and yours are about the same tho. I'm
not sure, I think he might outsmart ya. :)
relic
You couldn't roast anyone, you're too insignificant.
Where did you form the idiotic notion that claiming to be a coder has made
you something to be in awe of? I was fixing code when you were in diapers. I
have no inner need to try to impress like you... as I've said before, fuck
off twerp.
--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.
Dustin Cook
relic wrote:
> Where did you form the idiotic notion that claiming to be a coder has made
> you something to be in awe of? I was fixing code when you were in diapers. I
> have no inner need to try to impress like you... as I've said before, fuck
> off twerp.
There you go again with the claiming. You and your ignorant trolling
little pissant friends are the only idiots who haven't got a clue. Do
you have any idea of the amusement your providing for alt.comp.virus?
Heh. You know, you could just oh, hell; google dustin and raid. The
results would have saved you alot of egg. :) You were coding while I
was in diapers huh? For some reason, I doubt it. But, I could be wrong.
So what code have you written then? I'm asking, point blank. Show me
the code, fucknut.
Rebecca
> You know, you could just oh, hell; google dustin and raid.
Why would anyone but you give a shit. Fuck off.
Damian
I'll bet you'd enjoy seeing how much of a fool he has made of himself if you
googled Groups. Surely, his posts have always been as revealing as they are
now.
relic
At first I just thought your reading comprehension was poor, now I believe
you actually can't even read. Take a remedial reading course, I'm not going
to explain what was written for you.
Dustin Cook
relic wrote:
> Dustin Cook wrote:
> > relic wrote:
> >
> >> Where did you form the idiotic notion that claiming to be a coder
> >> has made you something to be in awe of? I was fixing code when you
> >> were in diapers. I have no inner need to try to impress like you...
> >> as I've said before, fuck off twerp.
> >
> > There you go again with the claiming. You and your ignorant trolling
> > little pissant friends are the only idiots who haven't got a clue. Do
> > you have any idea of the amusement your providing for alt.comp.virus?
> > Heh. You know, you could just oh, hell; google dustin and raid. The
> > results would have saved you alot of egg. :) You were coding while I
> > was in diapers huh? For some reason, I doubt it. But, I could be
> > wrong.
> >
> > So what code have you written then? I'm asking, point blank. Show me
> > the code, fucknut.
>
> At first I just thought your reading comprehension was poor, now I believe
> you actually can't even read. Take a remedial reading course, I'm not going
> to explain what was written for you.
I left the entire quote simply for the amusement factor. It's painfully
obvious your grasping at straws. Your unable to defend anything I've
said about you. I'm still not sure whether I should call you a fucktard
or a fucknut, or just a fucking moron. Either way, You've made my point
hit home far harder then if I hit a homerun myself. Good job, you
fucking non-coding trolling pile of shit.
Damian
He nailed you perfectly, dustbin. Fuck off.
Dustin Cook
Damian wrote:
> He nailed you perfectly, dustbin. Fuck off.
Yea. He sure did man, Silly me. How dare I think otherwise. /sarcasm.
Regards,
Dustin Cook
Dustin Cook
Sony Music CDs install Malware wrote:
> Dustin is Wrong 1. That's not 'easy' removal DustinThat's skilled removal by
> someone who knows the system and registry very well as well as some of the
> tools that are available.
Another poster already pointed out the sheer ease in which someone
could remove the sony material. I appreciate the compliments tho. I
don't share the concept. I don't believe what I layed out is only for
those who are skilled. If you think that's skill, then I'm sorry for
you.
> Dustin is Wrong 2. And it is an infestation if special tools are needed for
> a removal. A while-the-system-is running Reg key delete and file delete is
> simple removal .. what you are describing is not .. what you are describing
> is removing a diseased infection.
Nobody in alt.comp.virus would agree with that. You need to learn what
infection is.
Art
<bughunte...@gmail.com> wrote:
I see Sony has offered a remover:
http://cp.sonybmg.com/xcp/english/updates.html
The other concern I've seen has been the security vulnerability
issue, which Sony, of course, disclaims. Also, I have no idea how real
or valid this might be, but the fear is that if a user is hit with
another root kit the resulting low level conflicts will render the PC
unuseable. If this is true, it would seem we're heading for eventual
legislation banning so-called cloaking technology.
Dustin Cook
Art wrote:
> I see Sony has offered a remover:
>
> http://cp.sonybmg.com/xcp/english/updates.html
>
> The other concern I've seen has been the security vulnerability
> issue, which Sony, of course, disclaims. Also, I have no idea how real
> or valid this might be, but the fear is that if a user is hit with
> another root kit the resulting low level conflicts will render the PC
> unuseable. If this is true, it would seem we're heading for eventual
> legislation banning so-called cloaking technology.
Yes. That's what bothers me. the cloaking technology per say isn't bad.
What happens if I'm using a modified copy of VNC, and It doesn't appear
in task manager? This "rootkit" nonsense would make it illegal.
Art, refresh my memory if you don't mind. Didn't we used to call
applications that hid their presence, stealth? When did this rootkit
terminology replace that?
Rebecca
> Damian wrote:
>
>> He nailed you perfectly, dustbin. Fuck off.
>
> Yea. He sure did man, Silly me. How dare I think otherwise.
Your admission that you can't comprehend what was written is noted.
Art
<bughunte...@gmail.com> wrote:
I don't think stealth has been replaced by root kit and cloacking. The
old stealth viruses are still stealth viruses, for example. I suppose
one might consider root kits as a subset of stealth malware just as
some view worms as a subset of viruses. But that's just my impression.
I don't recall seeing a terminolgy discussion/debate on that subject
here.
Art
Jeffrey A. Setaro
Art; what Sony/BMG is offering is not an uninstaller... It's a
de-cloaker. The patch removes the rootkit driver but leaves the DRM
software behind.
Read Mark Russinovich latest blog entry for full details.
<http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html>
Cheers-
Jeff Setaro
jasetaro@SPAM_ME_NOT_mags.net
http://people.mags.net/jasetaro/
PGP Key IDs DH/DSS: 0x5D41429D RSA: 0x599D2A99 New RSA: 0xA19EBD34
Art
<jasetaro@SPAM_ME_NOT_mags.net> wrote:
>>I see Sony has offered a remover:
>>http://cp.sonybmg.com/xcp/english/updates.html
>Art; what Sony/BMG is offering is not an uninstaller... It's a
>de-cloaker. The patch removes the rootkit driver but leaves the DRM
>software behind.
You're right. Terminology twist. I was thinking of the "uninstall" of
the cloaking portion.
>Read Mark Russinovich latest blog entry for full details.
>
><http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html>
Art
Dustin Cook
relic wrote:
> Well I'll be... even though I knew he was lying about his "famed" past
> exploits, I didn't think him intelligent enough to send spam. At least not
> without using his real mail address.
Sigh. I'm using google. The address is the same as listed on Bughunter
support website. I haven't exactly tried to hide a contact point,
unlike yourself. :)
As far as lying goes, I'm well aware you know better. Do I intimidate
you son? I'm harmless. I don't write viruses/worms anymore, and haven't
in sometime. I'm only interested in malware in the form of
spyware/adware. Do you really think you impress anybody by avoiding my
questions? Did somebody tell you, if someone asks you a question you
cant answer, avoiding it is the best policy? If so, you should smack
them. They lied to you.
I could ask you questions about code all day long, knowing you couldn't
answer any of them. Well, aside from a "I told you to fuck off" comment
or something similiar. I didn't see you make any posts discussing the
sony drm garbage, aside from cheap flamer bait antics towards myself.
And for what? Heh, because I chewed an end user who could have helped
himself and others out of a jam? He's still complaining whatever the
file belongs too is asking for it. Did it ever occur to you, that file
he erased might have had the information on it's host? Configuration
data. Something that could tell me or someone else what is still
lurking on his box asking for it. Oh, that's right; You aren't a coder.
You wouldn't know that , would you... heh.
So really, Other then tit for tat flaming, what have you accomplished
in the past few days?
Do you really think these messages trading shots.. Well, not really
trading; seems your shooting blanks..somehow bothers me? I checked out
your posts under relic, it would have been wise for you to checkout the
ones i mentioned days ago before we got this far. It would have saved
you some time and trouble. Since you can't be bothered tho, I'll save
you the trouble. I don't back down for anyone. I'm not intimidated by
anyone here now or when I was more active as a Vxer years ago. Oh, and
one more thing, The reason I love coding so much, is it's so easy to
prove or disprove what someone claims with it, you gain nothing in the
long run by stealing others code. It's a good way to keep some of us
honest.
I'm not here nor really interested in continuing pointless postsall
over the place. I'm here to lurk and occasionally post. To help if I
can. I've wasted enough time with this. I apologized already for
"spamming" in one group announcing the program, and I've apologized for
daring to ask for a sample to help someone.
Good Day kiddo,
Dustin Cook
http://bughunter.atspace.org
Simon.
>On Fri, 04 Nov 2005 19:13:42 -0500, Jeffrey A. Setaro
><jasetaro@SPAM_ME_NOT_mags.net> wrote:
>
>>>I see Sony has offered a remover:
>>>http://cp.sonybmg.com/xcp/english/updates.html
>
>>Art; what Sony/BMG is offering is not an uninstaller... It's a
>>de-cloaker. The patch removes the rootkit driver but leaves the DRM
>>software behind.
And you would be willing to install MORE software that SAYS it will decloak the
old software?
What if this program simply replaced the old software with something even worse?
Are YOU going to trust SONY after the mess they made first time?
I think not ...
>You're right. Terminology twist. I was thinking of the "uninstall" of
>the cloaking portion.
>
>>Read Mark Russinovich latest blog entry for full details.
>>
>><http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html>
>
>Art
>
>http://home.epix.net/~artnpeg
--
Simon.
'Be Seeing You.
Who is number one?
I will not be pushed, filed, stamped, indexed, briefed, de-briefed or numbered.
Registered Linux User #300464 Machine Id #188886
Linux Counter - http://counter.li.org/
Remove the s.p.a.m to reply
relic
>
>> Well I'll be
Fudk off dustbin. You are a fool and no one gives a fuck what you think.
Gabriele Neukam
> I suppose
> one might consider root kits as a subset of stealth malware just as
> some view worms as a subset of viruses. But that's just my impression.
> I don't recall seeing a terminolgy discussion/debate on that subject
> here.
Then it is bound to happen now. Few have an idea, what Stealth is, and
although I have been interested in virus question for nearly ten years,
I may be wrong.
I remember that stealth viruses would be sitting in the MBR, putting
the content of the original one into a different place, and when a
scanner would come along and try to read the MBR in order to check for
unwanted things, the (memory resident) virus would intercept this query
and present the scanner with the stored original MBR content as a
"result".
This is kind of hiding, too, although it isn't cloaking as in "run a
driver that makes everything that begins with $sys$ unnoticeable".
But the idea behind it is similar. Yet, the stealth virus would only
behave in one specific, determined way, while a driver allows for
interesting side effects, like the one that circumvents the Warden
memory scanning.
Gabriele Neukam
--
Ah, Information. A property, too valuable these days, to give it away,
just so, at no cost.
Dustin Cook
Gabriele Neukam wrote:
> I remember that stealth viruses would be sitting in the MBR, putting
> the content of the original one into a different place, and when a
> scanner would come along and try to read the MBR in order to check for
> unwanted things, the (memory resident) virus would intercept this query
> and present the scanner with the stored original MBR content as a
> "result".
Thats an MBR stealth infector.
> This is kind of hiding, too, although it isn't cloaking as in "run a
> driver that makes everything that begins with $sys$ unnoticeable".
No, but memory resident exe/com stealth infectors could. :)
They were able to prevent anything from noticing changes made to the
host executable, should something come along and want to scan it. It
did this by intercepting findfirst/findnextf routines. This is quiet
similiar to a windows system driver service.
> But the idea behind it is similar. Yet, the stealth virus would only
> behave in one specific, determined way, while a driver allows for
> interesting side effects, like the one that circumvents the Warden
> memory scanning.
The concept is close. The hidden driver sony installs is remapping a
few api calls to stealth items found during findfirst/findnextf
routines. It's filtering. And useful for things beside sony. heh.
Regards,
Dustin Cook
Dustin Cook
Rebecca wrote:
> Dustin Cook wrote:
> >
> >> Dustin - so don't buy Sony. Your choice. Why use the issue to try to
> >> prove your perceived intellectual superiority over others?
> >> Inferiority complex? Can't handle being contradicted?
> >
> > What in the world are you talking about? I'm not trying to prove any
> > superiority,
>
> That's good. You'd be laughed out of town if you did.
Uh huh. So tell me something wiz, Why are you using such insecure
software for usenet? Incapable of installing better software?
"X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2900.2670"
Entertaining. heh...
Dustin Cook
relic wrote:
> Dustin Cook wrote:
> >
> >> Well I'll be
>
> Fudk off dustbin. You are a fool and no one gives a fuck what you think.
Muahaha. I knew I 0wned your stupid punkass posts ago. Unf.
Thanks Bitch,
Dustin Cook
http://bughunter.atspace.org
Ken
seconds... to change news readers would take him seconds longer. Why
bother? People who know are safe. People who dont need to take the
longer road.
Aratzio
<bughunte...@gmail.com> got double secret probation because:
Now quick run away before he can respond and you can claim you got the
last word too.
--
Pierre Salinger Hook, Line & Sinker - May, 2005
Hammer of Thor - July, 2005
David Formosa (aka ? the Platypus) on 10-22-2005
Message-Id: <slrndlk3ae....@dformosa.zeta.org.au>
"But it is not isolated AUK has a massive impact the rest of usenet."
relic
Obviously dustbin hasn't a clue.
Jeffrey A. Setaro
<sj_brad...@blueyonder.co.uk> wrote:
>on Sat, 05 Nov 2005 00:24:25 GMT, Art <nu...@zilch.com> wrote this wisdom:
>
>>On Fri, 04 Nov 2005 19:13:42 -0500, Jeffrey A. Setaro
>><jasetaro@SPAM_ME_NOT_mags.net> wrote:
>>
>>>>I see Sony has offered a remover:
>>>>http://cp.sonybmg.com/xcp/english/updates.html
>>
>>>Art; what Sony/BMG is offering is not an uninstaller... It's a
>>>de-cloaker. The patch removes the rootkit driver but leaves the DRM
>>>software behind.
>
>And you would be willing to install MORE software that SAYS it will decloak the
>old software?
>
Nope... I've got backup images of my system going back several weeks.
I can wipe my system and restore from a clean image if I need to. @#$%
Sony and their patch!
>What if this program simply replaced the old software with something even worse?
>
Sony should review the federal trial courts ruling in the case of
Sotelo v. Direct Revenue. In its ruling, the court held that the
ancient legal doctrine of trespass to chattels (meaning trespass to
personal property) applies to the interference caused to home
computers by spyware.
See
<http://www.usatoday.com/tech/columnist/ericjsinrod/2005-10-11-spyware_x.htm>
for good overview of the case.
>Are YOU going to trust SONY after the mess they made first time?
>
Nope... But then I didn't trust Sony to begin with.
Jeffrey A. Setaro
>
>Quite interesting. Thanks Jeff.
>
Your welcome... I especially like the link to the NPR story where a
Sony BMG rep says "Most people I think don't even know what a root kit
is so why should they care about it"
<http://www.npr.org/templates/story/story.php?storyId=4989260>
Dumb, real dumb... Note to Sony: If you're going to kick a sleeping
tiger in the ass make sure you have a plan for dealing with the teeth
first...
4Q
> relic wrote:
>
> > Where did you form the idiotic notion that claiming to be a coder has made
> > you something to be in awe of? I was fixing code when you were in diapers. I
> > have no inner need to try to impress like you... as I've said before, fuck
> > off twerp.
>
> There you go again with the claiming. You and your ignorant trolling
> little pissant friends are the only idiots who haven't got a clue. Do
> you have any idea of the amusement your providing for alt.comp.virus?
*hehe* Good old classic Raid flame stuff... Dustin Cook is Raid.
He's a ACV flame legend and well known coder. Author of loads of
stuff and technically competent.
If you have made a logic error in your argument it won't be long
before Raidy wipes the floor with you. :))
Just thought I'd help, from ACV.
4Q (The Devil's Cyber Advocate)
relic
Lordy, lordy... youse got me shakin' in my boots.
BTW, Dustbin is a piece of shit.
4Q
Sorry. :(
>
> BTW, Dustbin is a piece of shit.
Well lots of people have said that of him (even me sometimes)
but he's actually not too bad. Just watch he doesn't accidently
run you over with his truck.
impartial observer. "I think the drunk guy just walked out into
the road, officer" ;]]
Kadaitcha Man
window cleaner, poured out:
> Dustin Cook wrote:
>> relic wrote:
>>
>>> Where did you form the idiotic notion that claiming to be a coder
>>> has made you something to be in awe of? I was fixing code when you
>>> were in diapers. I have no inner need to try to impress like you...
>>> as I've said before, fuck off twerp.
>>
>> There you go again with the claiming. You and your ignorant trolling
>> little pissant friends are the only idiots who haven't got a clue. Do
>> you have any idea of the amusement your providing for alt.comp.virus?
>
> *hehe* Good old classic Raid flame stuff... Dustin Cook is Raid.
> He's a ACV flame legend and well known coder.
BWAHAHAHAHAHAHAHAHAHA!
> Author of loads of
> stuff and technically competent.
>
> If you have made a logic error in your argument it won't be long
> before Raidy wipes the floor with you. :))
>
> Just thought I'd help, from ACV.
Dustbin Kook needs all the help he can get. He's already been made to squeal
apologies for something he didn't do. He's a fucking limp-wristed fairy.
> 4Q (The Devil's Cyber Advocate)
--
DISCLAIMER: The content does not reflect the thoughts or opinions of either
my ISP, myself, my company or employer, my friends (if any,) my goldfish or
my neighbour's mad dog; don't quote me on that; don't quote me on anything;
all rights reserved; the post is distribution copyrighted to the extent that
you may distribute the post and all its associated parts freely but you may
not make a profit from it or include the post in commercial publications
without written permission from the Prime Minister of Hutt Province; other
copyright laws for specific posts apply wherever noted or not noted, either
deliberately, negligently, or otherwise; posts are subject to change without
notice; posts are slightly enlarged to show detail; any resemblance to
actual persons, living or dead, is unintentional and purely coincidental;
hand wash only, tumble dry on low heat; do not bend, fold, mutilate, or
spindle; do not pass go; do not collect $200; your mileage may vary; no
substitutions allowed; for a limited time only; the post is void where
prohibited, taxed, or otherwise restricted; the post is provided "as is"
without any warranties expressed or implied; user assumes full liabilities;
not liable for damages due to use or misuse; an equal opportunity abuse
employer; no shoes, no shirt; quantities are limited while supplies last; if
defects are discovered, do not attempt to fix them yourself but return to an
authorised post service centre; caveat emptor; read at your own risk;
parental advisory - explicit words; text may contain material some readers
may find objectionable, parental guidance is advised; not suitable for
children; not suitable for adults; not for human consumption; keep away from
sunlight, pets and small children; limit one-per-family; no money down; no
purchase necessary; to approved purchasers only; facsimiles are acceptable
in South Australia; you need not be present to read this post; some assembly
required; batteries not included; action figures sold separately; no
preservatives added; tools not included; safety goggles may be required
during use; sealed for your protection, do not use if the safety seal is
broken; call before you dig; for external use only; if a rash, redness,
irritation or swelling develops, discontinue use; use only with proper
ventilation; avoid extreme temperatures and store in a cool, dry place; keep
away from open flames, naked flames and old flames; avoid inhaling fumes;
avoid contact with mucous membranes; do not puncture, incinerate, or store
above 60 degrees Centigrade; do not place near flammable or magnetic source;
smoking the post may be hazardous to your health; the best safeguard, second
only to abstinence, is the use of a good laugh; text used on the post is
made from 100% recycled electrons and magnetic particles; no animals were
used to test the hilarity of this post other than Synapse Syndrome; no salt,
MSG, artificial colour or flavour added; may contain traces of replies to
peanuts; if ingested, do not induce vomiting, if symptoms persist, consult
your humourologist; post is ribbed for your pleasure; slippery when wet;
must be 18 to read; possible penalties for early withdrawal; post offer
valid only in participating newsgroups; slightly higher in South Australia;
allow four to six weeks for delivery; damage from hurricane, lightning,
tornado, tsunami, volcanic eruption, earthquake, flood, orgasm, misuse,
self-abuse, neglect, unauthorised repair, damage from improper installation,
broken antenna, marred cabinet, incorrect line voltage, missing or altered
serial numbers, sonic boom vibrations, electromagnetic radiation from
nuclear blasts or other Acts of God are not covered; incidents owing to
aeroplane crash, ship sinking, motor vehicle accidents, leaky roof, broken
glass, falling rocks, mud slides, forest fire, flying projectiles or
dropping the item are also excluded; other restrictions may apply. If
something offends you, lighten up, get a life, and move on. All conditions
apply. Not available in all stores. Facts have been changed to protect the
guilty.
Olutcolldtmluteqouw,xohoeqxdlxqwfldtjteomtetjtezowm.Hlluteomtujomzt,qu
Zaymjmivdzaejdjdiejmpzmimyaogawjbmzemiaia,wewdgbi.Moaetmibwuyesepmizea
4Q
> 4Q, <paul...@hushmail.com>, the poached, ill-formed tally-whacker, and
> window cleaner, poured out:
> > Dustin Cook wrote:
> >> relic wrote:
> >
> > *hehe* Good old classic Raid flame stuff... Dustin Cook is Raid.
> > He's a ACV flame legend and well known coder.
>
> BWAHAHAHAHAHAHAHAHAHA!
*shrug* Well his flames entertained me and a few others.
> > Author of loads of
> > stuff and technically competent.
> >
> > If you have made a logic error in your argument it won't be long
> > before Raidy wipes the floor with you. :))
> >
> > Just thought I'd help, from ACV.
>
> Dustbin Kook needs all the help he can get.
I doubt it. But maybe he's quietened down a lot recently.
> He's already been made to squeal
> apologies for something he didn't do. He's a fucking limp-wristed fairy.
Now that is the kind of fuel to pour on Raid's fire.
I'm just going to stand back and watch. Looking forward
to getting a good laugh out of this.
4Q (The Devil's Cyber Advocate)
> --
> DISCLAIMER: The content does not reflect the thoughts or opinions of either
> my ISP, myself, my company or employer, my friends (if any,) my goldfish or
> my neighbour's mad dog; don't quote me on that; don't quote me on anything;
<snip>
Great disclaimer btw.
Kadaitcha Man
innkeeper of the pub, expanded:
> Kadaitcha Man wrote:
>> 4Q, <paul...@hushmail.com>, the poached, ill-formed tally-whacker,
>> and window cleaner, poured out:
>>> Dustin Cook wrote:
>>>> relic wrote:
>
>>>
>>> *hehe* Good old classic Raid flame stuff... Dustin Cook is Raid.
>>> He's a ACV flame legend and well known coder.
>>
>> BWAHAHAHAHAHAHAHAHAHA!
>
> *shrug* Well his flames entertained me and a few others.
>
>
>>> Author of loads of
>>> stuff and technically competent.
>>>
>>> If you have made a logic error in your argument it won't be long
>>> before Raidy wipes the floor with you. :))
>>>
>>> Just thought I'd help, from ACV.
>>
>> Dustbin Kook needs all the help he can get.
>
> I doubt it. But maybe he's quietened down a lot recently.
>
>> He's already been made to squeal
>> apologies for something he didn't do. He's a fucking limp-wristed
>> fairy.
>
> Now that is the kind of fuel to pour on Raid's fire.
> I'm just going to stand back and watch. Looking forward
> to getting a good laugh out of this.
Don't bother waiting. You can laugh now. Watch your hero obsequiously
acquiesce to his master:
From: "Dustin Cook" <bughunte...@gmail.com>
Newsgroups: alt.privacy.spyware,alt.windows-xp
Subject: Re: netKKKop alert - Dustin Cook
Date: 3 Nov 2005 19:51:13 -0800
Organization: http://groups.google.com
Message-ID: <1131076272.9...@g43g2000cwa.googlegroups.com>
NNTP-Posting-Host: 66.191.231.21
Kadaitcha Man wrote:
> But you're good at snecking groups, you fucking coward.
Coward? Lol, okay. I don't know what snecking is, and I'm not concerned
enough to look it up. Shrug. This whole thing started apparently? when
I complained about some user wasting a viable sample of something that
might be new, might already be known. Simply no way of knowing now.
I've already apologized for making such a grievous error, I'm not sure
what else I can possibly do to satisfy your flaming appetite... Lol.
So... once again, Sorry? heh.
Dustin Cook
http://bughunter.atspace.org
--
DISCLAIMER: The content does not reflect the thoughts or opinions of either
my ISP, myself, my company or employer, my friends (if any,) my goldfish or
my neighbour's mad dog; don't quote me on that; don't quote me on anything;
Fvfebofyuqfabuasgbsbsyfei,eiyypyuq,bieiarbasbkpafquggitp.Wufqugirvinfq
Fbbramhwhmephqfsrlmfehwfmrcjlwlhme,chmelgxhclgxwfsrlbxfp.Lqfbehehxbpxf
4Q
Well I recently heard he's dying so I guess he's got
better things to clear up on the coding and project front,
rather than endless flamewars.
Meanwhile I've got to get back to my own Google Groups
grepping code.
:))
4Q
Kadaitcha Man
cloakroom attendant, whimpered:
Hopefully, he will hurry up.
Pfrgzshfgxfzwsvwxfhbikzhyigpfgzxfhibghsehgdzehxfhiyhbigfwbhtzhvzftzdiw
Jcwbqjngrfofrzrbwqzowdnwbbrjzq,n,vzyowdwbqfqwpnjwj.Hcqfnbfnbrpncqbzc,x
4Q
> 4Q, <paul...@hushmail.com>, the huffy, knocked-out bus driver, and
> cloakroom attendant, whimpered:
> > Kadaitcha Man wrote:
> >> 4Q, <paul...@hushmail.com>, the repetitive, abhorrent waiter, and
> >> innkeeper of the pub, expanded:
> >>> Kadaitcha Man wrote:
> >>>> 4Q, <paul...@hushmail.com>, the poached, ill-formed
> >>>> tally-whacker, and window cleaner, poured out:
> >>>>> Dustin Cook wrote:
> >>>>>> relic wrote:
> >
> >
> > Well I recently heard he's dying
>
> Hopefully, he will hurry up.
*HAHAHA* Well I was going to say "shame on you" but
I must admit I laughed instead.
4Q
Kadaitcha Man
bleacher, whinnied:
That's fortunate for you. I cannot be shamed.
Mutdpydcdxaiblabbtcapk,bmxauahudgxptcd.Hbzbuakkbkblabkbcmlabumtdhdraky
Xvxxihxv,fauhslxbes,xexuzdxuixvsusladsnahgaispphzissiqjxh.Xiiafsghbchb
Aratzio
<compl...@relic211.cjb.net> got double secret probation because:
WOW, so that was *classic flame stuff*. I can see the world shaking in
fear at such flaming prowess. My gawd the destruction that could be
leveled upon usenet should he ever choose to depart those dank
dungeons of ACV for the more civilized portions of usenet. Woe is to
the flonker, meower or auker caught in the maw of that flame gawd.
Please do not antogonize Dustbin any further.
That or Dustbin could just put a dribble cup under his chan and keep
his drool to himself.
'Ratz
Aratzio
secret probation because:
>*shrug* Well his flames entertained me and a few others.
Easily entertained.
Aratzio
<nos...@fuck-off-and-die.com> got double secret probation because:
>
>Don't bother waiting. You can laugh now. Watch your hero obsequiously
>acquiesce to his master:
I do find it interesting these l33t coders use google to poast.
Kadaitcha Man
and dog-whipper, gnawed:
> On Sun, 06 Nov 2005 09:56:17 +0545, "Kadaitcha Man"
> <nos...@fuck-off-and-die.com> got double secret probation because:
>
>>
>> Don't bother waiting. You can laugh now. Watch your hero obsequiously
>> acquiesce to his master:
>
> I do find it interesting these l33t coders use google to poast.
I consider all google posters to be no better than AOLers.
Zdqnjngrklrlvonjngrmovmnmoyrdzrquyrdbnfodkvmnlnjurdmdzd.Bozojrkdiolzdq
Ezshrxzqhxj,xhyrmxmymrm,lzgcjrhsjrxdgjcjyhp,edyjz.Ghzpdgjgzyhpehgzyrzw
relic
Anything I can do to speed it along?
relic
It was really hard to tremble when the Master Flamer had to post that he's a
Flamer Par-Excellence. Now his minions are touting his prowess. Scary!
BTW, Dustbin is still a piece of shit.
survey...@yahoo.com
http://groups.google.co.uk/group/alt.comp.virus/msg/aac60cb4f2770149?hl=en
Art Deco
>"Kadaitcha Man" <nos...@fuck-off-and-die.com> wrote in
>news:42c49d59b4e84e9b...@comp.graphics.strapping.blow-
>stick:
>
>> Aratzio, <a6ah...@sneakemail.com>, the half-length, backward
>> garden shrub, and dog-whipper, gnawed:
>>> On Sun, 06 Nov 2005 09:56:17 +0545, "Kadaitcha Man"
>>> <nos...@fuck-off-and-die.com> got double secret probation
>>> because:
>>>
>>>>
>>>> Don't bother waiting. You can laugh now. Watch your hero
>>>> obsequiously acquiesce to his master:
>>>
>>> I do find it interesting these l33t coders use google to poast.
>>
>> I consider all google posters to be no better than AOLers.
>>
>
>Interesting.
>
>Google, like AOL, provides immunity.
>
>They (AOL/Google) don't give a shit.
Add Earthlink to this lits.
--
Official Associate AFA-B Vote Rustler
Official Overseer of Kooks and Trolls in alt.astronomy
"The original human being was a female hermaphrodite with
both male and female genitalia."
"Human beings CAN NOT live in a solar system without a sun
with a ferrite core and a planet without a solid iron core."
-- Alexa Cameron, Kook of the Year 2004
"I am a sean being from another planet."
-- Darla aka Dr. Why aka Dr. Yubiwan aka ...
Gabriele Neukam
said...
> Your welcome... I especially like the link to the NPR story where a
> Sony BMG rep says "Most people I think don't even know what a root kit
> is so why should they care about it"
>
> <http://www.npr.org/templates/story/story.php?storyId=4989260>
Ouch. If people didn't care before, they will afterwards. This case has
caused a lot of upheaval, enough to make the more savvy computer users
tell their families and friends, and thus multiply the effect.
The tiger is awake - and very annoyed.
Gabriele Neukam
--
Ah, Information. A property, too valuable these days, to give it away,
just so, at no cost.
Dustin Cook
relic wrote:
> Anything I can do to speed it along?
You could learn to code. The sheer surprise might do it. :)
Regards,
Dustin Cook
http://bughunter.atspace.org
Dustin Cook
survey...@yahoo.com wrote:
> You left acv's own Daddy D quaking in his boots
>
> http://groups.google.co.uk/group/alt.comp.virus/msg/aac60cb4f2770149?hl=en
So K-troll is likely a lesbain, huge thing you find on Dr Phil or Opera
or something that cant get off the couch. Probably never liked in
school by either sex.. (too large? too many twinkies? funny smell?) who
knows..
But thanks for clearing that up.
Regards,
Dustin Cook
Kadaitcha Man
and employee who values worthless objects, murmured:
> relic wrote:
>
>> Anything I can do to speed it along?
>
> You could learn to code. The sheer surprise might do it. :)
Oh dear.
> Regards,
> Dustin Cook
> http://bughunter.atspace.org
--
Qpamogfqxotdmgoypqefmpqqodpvroufmvm,fiefmmtqm.Dvinmtioaonvidoqmginod,o
Wcijiojcpwqjuqauglwneqjibcgirajlipiuxgjsgg.Gkofwibjyqaijlgbweqjgrxqkqs
relic
> relic wrote:
>
>> Anything I can do to speed it along?
>
> You could learn to code. The sheer surprise might do it. :)
Are you trying to bolster your stupid ego by imagining that only you can
create code? Post something you didn't plagiarize, or shut up.
You are a sad piece of shit, aren't you.
Aratzio
<bughunte...@gmail.com> got double secret probation because:
So that was a flame?
Dustin Cook
relic wrote:
> Dustin Cook wrote:
> > relic wrote:
> >
> >> Anything I can do to speed it along?
> >
> > You could learn to code. The sheer surprise might do it. :)
>
> Are you trying to bolster your stupid ego by imagining that only you can
> create code? Post something you didn't plagiarize, or shut up.
>
Easily Done, troll. Follow this link:
http://www.f-secure.com/v-descs/irok.shtml
You can follow this one too, it's a legit app I've written too :)
*Doink*
Your turn, fork some code.
Kadaitcha Man
animal, and employee who makes brooms from bundles of birch twigs, cooked
up:
> relic wrote:
>> Dustin Cook wrote:
>>> relic wrote:
>>>
>>>> Anything I can do to speed it along?
>>>
>>> You could learn to code. The sheer surprise might do it. :)
>>
>> Are you trying to bolster your stupid ego by imagining that only you
>> can create code? Post something you didn't plagiarize, or shut up.
>>
>
> Easily Done, troll. Follow this link:
> http://www.f-secure.com/v-descs/irok.shtml
BWAHAHAHAHAHAHAA! "My dick is bigger than your dick."
> You can follow this one too, it's a legit app I've written too :)
>
> http://bughunter.atspace.org
If you hadn't noticed, shit for brains, you're posting on usenet. You can
claim to be anyone you like and you can claim to have achieved anything you
like, but your claim and a few tawdry links doesn't constitute proof of
anything.
> *Doink*
>
> Your turn, fork some code.
And who the fuck might care about your code anyway?
Uootetzdunsotyoyzuvxrupxrxpuituvftrtyxnueuxeitlvjurtikx.Duyzsottsozpxr
Rytiwzhyb,yrdrzshrkidonzidrsgrkyiyddrsvyspzyoijyd.Xwbrsrvysiksbmwxpzyw
Kadaitcha Man
maker and ragpicker, spewed:
> On 6 Nov 2005 13:43:47 -0800, "Dustin Cook"
> <bughunte...@gmail.com> got double secret probation because:
>
>>
>> survey...@yahoo.com wrote:
>>> You left acv's own Daddy D quaking in his boots
>>>
>>>
http://groups.google.co.uk/group/alt.comp.virus/msg/aac60cb4f2770149?hl=en
>>
>> So K-troll is likely a lesbain, huge thing you find on Dr Phil or
>> Opera or something that cant get off the couch. Probably never liked
>> in school by either sex.. (too large? too many twinkies? funny
>> smell?) who knows..
>>
>> But thanks for clearing that up.
>>
>> Regards,
>> Dustin Cook
>
> So that was a flame?
I'm ruined. Burnt to a freaking cinder, I am. Woe is me.
Ijzmnrnatvnozh,vmkiinsqiwtm,tivwtmehqteomi,trtrwtm.
Xnznjmeivizioip
Gyhsgwymngshsjdugncdwgvmtgdcw,mzgkgycw,jmhzjlsjnwrgnv.Njzjzmkhyhns,kfn
Aratzio
<nos...@fuck-off-and-die.com> got double secret probation because:
>Aratzio, <a6ah...@sneakemail.com>, the tinpot, cack-handed fatso, and wig
>maker and ragpicker, spewed:
>> On 6 Nov 2005 13:43:47 -0800, "Dustin Cook"
>> <bughunte...@gmail.com> got double secret probation because:
>>
>>>
>>> survey...@yahoo.com wrote:
>>>> You left acv's own Daddy D quaking in his boots
>>>>
>>>>
>http://groups.google.co.uk/group/alt.comp.virus/msg/aac60cb4f2770149?hl=en
>>>
>>> So K-troll is likely a lesbain, huge thing you find on Dr Phil or
>>> Opera or something that cant get off the couch. Probably never liked
>>> in school by either sex.. (too large? too many twinkies? funny
>>> smell?) who knows..
>>>
>>> But thanks for clearing that up.
>>>
>>> Regards,
>>> Dustin Cook
>>
>> So that was a flame?
>
>I'm ruined. Burnt to a freaking cinder, I am. Woe is me.
I tinks joo bean offishully *tussled*.
Kadaitcha Man
and minor, worthless author of usenet posts, foolishly wrote:
> On Mon, 07 Nov 2005 09:03:04 +0545, "Kadaitcha Man"
> <nos...@fuck-off-and-die.com> got double secret probation because:
>
>> Aratzio, <a6ah...@sneakemail.com>, the tinpot, cack-handed fatso,
>> and wig maker and ragpicker, spewed:
>>> On 6 Nov 2005 13:43:47 -0800, "Dustin Cook"
>>> <bughunte...@gmail.com> got double secret probation because:
>>>
>>>>
>>>> survey...@yahoo.com wrote:
>>>>> You left acv's own Daddy D quaking in his boots
>>>>>
>>>>>
>>
http://groups.google.co.uk/group/alt.comp.virus/msg/aac60cb4f2770149?hl=en
>>>>
>>>> So K-troll is likely a lesbain, huge thing you find on Dr Phil or
>>>> Opera or something that cant get off the couch. Probably never
>>>> liked in school by either sex.. (too large? too many twinkies?
>>>> funny smell?) who knows..
>>>>
>>>> But thanks for clearing that up.
>>>>
>>>> Regards,
>>>> Dustin Cook
>>>
>>> So that was a flame?
>>
>> I'm ruined. Burnt to a freaking cinder, I am. Woe is me.
>
> I tinks joo bean offishully *tussled*.
Yes, I hace been *tussled*. Mentally raped, even.
Lqkduavylupyrgejiyvjvwu,zywjrjqjqzjwvgqwy.Zjmyiwjpyayurjzhjwvyquecguak
Dhuhotthtslnlitbindyihbhnsdbosnlhdboxbwolhwotclwuhtdclhbohn.Oghsobouht
Aratzio
<nos...@fuck-off-and-die.com> got double secret probation because:
>Aratzio, <a6ah...@sneakemail.com>, the light-minded, jittering whipster,
>and minor, worthless author of usenet posts, foolishly wrote:
>> On Mon, 07 Nov 2005 09:03:04 +0545, "Kadaitcha Man"
>> <nos...@fuck-off-and-die.com> got double secret probation because:
>>
>>> Aratzio, <a6ah...@sneakemail.com>, the tinpot, cack-handed fatso,
>>> and wig maker and ragpicker, spewed:
>>>> On 6 Nov 2005 13:43:47 -0800, "Dustin Cook"
>>>> <bughunte...@gmail.com> got double secret probation because:
>>>>
>>>>>
>>>>> survey...@yahoo.com wrote:
>>>>>> You left acv's own Daddy D quaking in his boots
>>>>>>
>>>>>>
>>>
>http://groups.google.co.uk/group/alt.comp.virus/msg/aac60cb4f2770149?hl=en
>>>>>
>>>>> So K-troll is likely a lesbain, huge thing you find on Dr Phil or
>>>>> Opera or something that cant get off the couch. Probably never
>>>>> liked in school by either sex.. (too large? too many twinkies?
>>>>> funny smell?) who knows..
>>>>>
>>>>> But thanks for clearing that up.
>>>>>
>>>>> Regards,
>>>>> Dustin Cook
>>>>
>>>> So that was a flame?
>>>
>>> I'm ruined. Burnt to a freaking cinder, I am. Woe is me.
>>
>> I tinks joo bean offishully *tussled*.
>
>Yes, I hace been *tussled*. Mentally raped, even.
Not much left but to withdraw from usenet in shame.
But if you are looking for true lamery, razor3k or what ever the idiot
goes by is back. Self styled flame gawd.
Kadaitcha Man
and officer of the Royal Stable who scrapes up horse manure, blurted:
No. I shall abscond from usenet in sheer shame. Goodbye, cruel usenet.
Ruined! Flamed to a crisp.
Fpflbxscbfmqthrrhtuescqrqfbyvhyuqtqxghbxbspbpq.
Vqyerbxqxbskwqrqylb
Gmrwlgdmokclgwobkdlaqkrmfwmcmcwqlgwordlemiwdwg,fwkldm.Bkyzfwmozdzdkwgq
Aratzio
<rbuc...@neubauten.org> got double secret probation because:
>On Mon, 07 Nov 2005 04:23:58 GMT, Aratzio <a6ah...@sneakemail.com>
>posted something accessible as
>news:gkltm1hshcvcb3ssg...@4ax.com in alt.usenet.kooks,
>selections of which I respond to below:
>And n00b.
Warning, something stinks.
Dustin Cook
Kadaitcha Man wrote:
> Dustin Cook, <bughunte...@gmail.com>, the woolly-headed, insecure farm
> animal, and employee who makes brooms from bundles of birch twigs, cooked
> up:
> > relic wrote:
> >> Dustin Cook wrote:
> >>> relic wrote:
> >>>
> >>>> Anything I can do to speed it along?
> >>>
> >>> You could learn to code. The sheer surprise might do it. :)
> >>
> >> Are you trying to bolster your stupid ego by imagining that only you
> >> can create code? Post something you didn't plagiarize, or shut up.
> >>
> >
> > Easily Done, troll. Follow this link:
> > http://www.f-secure.com/v-descs/irok.shtml
>
> BWAHAHAHAHAHAHAA! "My dick is bigger than your dick."
Eh? He asked for code, I provided 2 links. I didn't know it was a dick
comparison at this point. My bad.
> > You can follow this one too, it's a legit app I've written too :)
> >
> > http://bughunter.atspace.org
>
> If you hadn't noticed, shit for brains, you're posting on usenet. You can
> claim to be anyone you like and you can claim to have achieved anything you
> like, but your claim and a few tawdry links doesn't constitute proof of
> anything.
Fair Enough, I can claim to be anyone I like, I agree. However, I'm not
claiming to be Dustin Cook, I am Dustin Cook. I'm not pretending to be
Raid either, I'm the same person. While i'll give you the fact this is
usenet, sure; it is. But several people on alt.comp.virus can
substiante the claims I'm making in this post. They can also vouch for
the authenticity of the code on this two urls. The second url does
point to a real program I have written, I have written other programs
that are ten plus years old, some of which are still available on
simtel.net. You can find nuke32 in the msdos folder, under file/disk
utility or some such. If you want, I'll provide you the entire Core
collection of software I wrote when I was writing alot of freeware.
Hell, I'll even fork over my virus collection complete with full source
code; Something I can prove is mine; Since nobody but the author would
have the source code to irok v1.1c. I know this for a fact, because (a)
I wrote the virus family, and (b), I never released the source code.
Want more? How about the original source code to my first Weed virus?
Weed.3263 to be exact; You can look up more about it via google.com;
I'm getting tired of doing your homework for you.
This isn't a dick comparison contest either, I'm tired of your
bullshit. If you want proof, their are your options for it. If you
don't believe me, ask anyone in alt.comp.virus; Why would they lie to
you? 4Q a well known entity in the av and vx community (not just
usenet, like your stupid arse) already told you I am who I "claim" to
be. What the hell do you want?
I didn't tell you I was Raid to impress you, I simply got tired of the
assinine assumptions that I was new here, Didn't know anything about
usenet, yadda yadda yadda. I'm a well known and liked/hated coder who
is very good at it. It's what I do... And an ignorant fool like you
wants to play games with me? I'm not some usenet kiddy, I don't care
that much about usenet or flame wars. If all you have is assinine
comments.... this is a lost cause.
I'm not bullshitting anybody here, I've provided ways for you to
checkout my claims. How many people on usenet do you know willing to do
that? Idiot.
Regards,
Dustin Cook
http://bughunter.atspace.org
Dustin Cook
Fred Hall wrote:
> Post some code, phony. Let's analyze your superior virus-writing
> ability.
You should follow the url in my signature sometime. It points to a
program I wrote. I'll quote the main site for you:
BugHunter - MalWare Removal Tool
BugHunter is Copyright 2005 © by Dustin Cook.
All rights are reserved by author.
What is BugHunter?
BugHunter was designed to seek out and remove spyware/adware components
often left behind using other removal tools. These programs are known
by various names in the industry. CWS variants, Peper, etc. BugHunter
does not edit the registry of the system, it simply identifies and
optionally removes found files. As BugHunter relies on dat file
technology similar to that of a virus scanner, updates to the datafile
will be released from time to time on the Website. Much like Peperfix
and AboutBuster, this program is *not* designed to replace the malware
removal tools already available to you. It's simply designed to assist
you in the removal of some pesky malware executables that many other
applications miss. Likewise, BugHunter will very likely miss files the
other applications find.
With that being said, I invite you to download a copy and try it out
for yourself. BugHunter is released under the FreeWare concept. I
retain the rights to the program, but you may use it as you see fit so
long as you follow my licensing terms explained in the documentation.
At no time do you need to pay for this program. Donations are accepted,
please contact me for details.
BugHunter is currently at Version 1.6, Released October 4th, 2005. The
last pattern file update was October 25th, 2005 and scans for (with
optional renaming/removal) 164 malware executables.
Thanks for allowing me to give a shameless plug to my program. With
apologies to the other usenet newsgroups these fellows insist on
involving into this amusing fight.
I've already provided Relic with a url on f-secure's website about my
irok virus. I'm willing to provide you my entire Core software (it's
very old stuff, written 10+ years ago mostly, old freeware programs).
You can find some of them still on simtel.net in the msdos directory;
My real name and old mailing address are present on the documentation
accompanying them.
I'll also provide at your descrition my entire virus collection that I
wrote, bins, sources, all of it. I'm not worried about releasing the
material, because it's all old code; all virus scanners I know of can
deal with it, and it's highly unlikely you'll ever be able to assemble
and compile (heh, you'll have to do both) a working sample.
Will that do? :)
Towelie
fact that you expected that to be my own UA speaks volumes.
Dustin Cook
Towelie wrote:
> Good try, Dustin, but about a million miles wide of the mark. The very
> fact that you expected that to be my own UA speaks volumes.
Quoting is a nice thing. Would you mind doing that so I have some idea
of what this post of yours is in relation to? Thanks.
I removed comp.lang from the crosspost, as they've repeatedly asked us
to do so.
Dustin Cook
Ken wrote:
> What if he turned off the dangerous services... that would take a few
> seconds... to change news readers would take him seconds longer. Why
> bother? People who know are safe. People who dont need to take the
> longer road.
What exactly do the system services he may or may not be running have
to do with the insecurity of the particular newsreader (Email client
actually, a very bad one at that) he's using?
Outlook Express has a long wonderful history of exploits... I don't
recall any of them requiring a particular service to be running.
You were saying something about a longer road? I suppose you have the
directions. :)
Kadaitcha Man
ratsbane, and refiner of precious dung, alluded:
> Kadaitcha Man wrote:
>> Dustin Cook, <bughunte...@gmail.com>, the woolly-headed,
>> insecure farm animal, and employee who makes brooms from bundles of
>> birch twigs, cooked up:
>>> relic wrote:
>>>> Dustin Cook wrote:
>>>>> relic wrote:
>>>>>
>>>>>> Anything I can do to speed it along?
>>>>>
>>>>> You could learn to code. The sheer surprise might do it. :)
>>>>
>>>> Are you trying to bolster your stupid ego by imagining that only
>>>> you can create code? Post something you didn't plagiarize, or shut
>>>> up.
>>>>
>>>
>>> Easily Done, troll. Follow this link:
>>> http://www.f-secure.com/v-descs/irok.shtml
>>
>> BWAHAHAHAHAHAHAA! "My dick is bigger than your dick."
>
> Eh? He asked for code, I provided 2 links.
So, relic owns you.
> I didn't know it was a dick
> comparison at this point. My bad.
You're more stupid than you've already been given discredit for.
Oh, look at all that. 30+ lines of foam and froth in response to two
sentences of ridicule and pillory.
> --
> Idiot.
Great sig. Highly appropriate for you. Now, froth some more, foamboi.
> Regards,
> Dustin Cook
> http://bughunter.atspace.org
>
>
>
>
>>> *Doink*
>>>
>>> Your turn, fork some code.
--
Zcxrbrdlcrvmflxcfmnfhlplwbfzpltrlxbcbrxoflrdhsbvbxfrfr.Btxzsrmldxlvmrd
Zthdzelnegeyvnaegjnlethpejgnbhxzttzxlegjegeagqemhhtmate.Pqmpnlhyhoeahl
Kadaitcha Man
garbage hauler, and person who cuts and polishes coprolites for jewellery,
mewled:
No. More foam. I demand more foam.
Cohqxoxluunzqxpnqenyoxlc,qgoyqgquqmuouqkzlupuoanlgqkc.
Iqccnzlncflq
Uyxixkelyxtujeqmepuazhuveyoxztzljeqzzlqotx,xau.Pzmznqhtzxwulfqltqotxxp
Dustin Cook
John Henry wrote:
> Yo, bughunter.dustin, I dug her rap! Mah mama din raise no dummehs!
> Please explain why I'm supposed to believe that a guy who can't even write
> English properly is some ph33rs0m3 v1ru5 r1t3r
You've got to be kidding me. That's the impression I've left you with
my posts? That I'm some feared virus writer you should be cowering
around? I'm so sad for you. That wasn't the idea at all. An ex virus
writer I am, amongst other things. I'm not still active in the scene.
And I'm not the type of person you should fear either, unless you
believe the ramblings of Kim Neely. Since you likely don't know who she
is, She did an article several years ago in Rolling Stones magazine
about virus writers; And basically quoting everything I said on usenet
out of context. I barely spoke to her. If you've read the article, I
can understand your learyness.
Concerning how improperly I use words, Yes.. thats true, I do. Did you
know, most programmers can't take credit for the final documentation
you read? We're terrible with proper english. :)
I cross posted this to alt.comp.virus so they too can have a good laugh
at your expense. That was the intent of your response to me, right? :)
Have a good one,
Dustin Cook
http://bughunter.atspace.org
> --
> John Henry
> http://www.insurgent.org/~jhd
> Look upon my works, O Ye Mighty, and giggle.
Kadaitcha Man
degenerate, and employee who makes items for sale from vacuum cleaner
dust-bag emptyings, scrawled:
> John Henry wrote:
>
>> Please explain why I'm supposed to believe that a guy who can't even
>> write English properly is some ph33rs0m3 v1ru5 r1t3r
>
> You've got to be kidding me. That's the impression I've left you with
> my posts? That I'm some feared virus writer you should be cowering
> around? I'm so sad for you. That wasn't the idea at all. An ex virus
> writer I am, amongst other things. I'm not still active in the scene.
> And I'm not the type of person you should fear either, unless you
> believe the ramblings of Kim Neely. Since you likely don't know who
> she is, She did an article several years ago in Rolling Stones
> magazine about virus writers; And basically quoting everything I said
> on usenet out of context. I barely spoke to her. If you've read the
> article, I can understand your learyness.
>
> Concerning how improperly I use words, Yes.. thats true, I do. Did you
> know, most programmers can't take credit for the final documentation
> you read? We're terrible with proper english. :)
>
> I cross posted this to alt.comp.virus so they too can have a good
> laugh at your expense. That was the intent of your response to me,
> right? :)
15 lines of froth in return for one sentence. You're slipping, foamboi.
> Have a good one,
> Dustbin Kook
> http://bughunter.atspace.org
>
>
>
>> --
>> John Henry
>> http://www.insurgent.org/~jhd
>> Look upon my works, O Ye Mighty, and giggle.
--
Wprocpopvhfcpo,pnpnaqthfsogahxaqamfvfofhtntfodpwo.Zntmowaqamhfdladtvda
Cseeongrswbscwboc,tozjsbywgdsydevhhgyvhbycmvs.
Zblvtcsevywsevzpsdbo
Turan Fettahoglu
> in the sense you don't know what it's actually upto; Probably aren't
> warned it's installed...
In Germany this might be a criminal offence, known as "Datenveränderung",
section 303a German Penal code. I hope there is a state attorney who will
prosecute this.
Is there anybody left who dares to buy CDs from Sony?
Turan
Befunge Sudoku
turan.fe@invalid says...
> > The software is malicious only
> > in the sense you don't know what it's actually upto; Probably aren't
> > warned it's installed...
>
> prosecute this.
>
> Is there anybody left who dares to buy CDs from Sony?
The other major CD producers are using a similar DRM system, I
hear. Dunno if they also install stuff on your puter, tho.
Personally I prefer to keep the hifi and the dp separate
anyway.
--
Pneumothorax is a word that is long
Aratzio
<bughunte...@gmail.com> transparently proposed:
>
>I didn't tell you I was Raid to impress you
Not to worry, snookums, you did not.