forless.com
in [Spyware]
|
From: Rhonda Lea Kirk Fries on 5 Sep 2009 14:58 In news:Xns9C7CEA41E2101HHI2948AJD832(a)69.16.185.247, Dustin Cook <bughunter.dustin(a)gmail.com> wrote: > "Rhonda Lea Kirk Fries" <rhondaleakirk(a)earthling.net> wrote in > news:7gcqkaF2ll975U1(a)mid.individual.net: > >> One of the posters on a skydiving site I frequent is having a pop-up >> problem (but only on the skydiving site). The first pop-up he >> received said "welcome to sophalo.com." Of course, sophalo.com >> doesn't exist. Now he's getting this page: >> >> hxxp://shop2.forless.com/?pid=559&keywords=skydive >> >> No one else on the site has admitted to having a problem, so I >> suggested he try MBAM. No joy. He is, even as we speak, trying SAS, >> and I told him I would ask around about his problem in the meantime. >> >> I did some googling, and the two most interesting threads are these: >> >> http://www.windowskb.com/Uwe/Forum.aspx/windowsxp/266392/Pop-Ups >> >> http://www.windowskb.com/Uwe/Forum.aspx/windowsxp/266392/Pop-Ups >> >> I was hoping someone here might have some helpful input, and if so, I >> would appreciate hearing from you. Thanks much. > > I'd suggest he visit the forums at malwarebytes and post for help. One > of our expert malware personal should be able to assist him with > whatever issue the person is having. > > http://www.malwarebytes.org/forums/ Apparently he only did a quick scan the first time. I heard back today that when he did a full scan, it found five items. He removed those items, and the popups are gone. -- Rhonda Lea Kirk Fries The right to be heard does not automatically include the right to be taken seriously. Hubert H. Humphrey
From: Dustin Cook on 7 Sep 2009 18:31 "The Real Truth MVP" <trt(a)void.com> wrote in news:TMGdnZaEGsTifD_XnZ2dnUVZ_r6dnZ2d(a)giganews.com: > You can't do a heuristic scan of my file, the commands used are simple > every day dos batch commands. You can try but all it will do is cause Sure I can, easily. Any file containing links to your website, or your handle/nick. Hell, that's a hueristic by itself that will cause low false positives. > an inconvenience to your users such as the length of time the scan > takes, which is longer than other types. Also, depending on data since As your not actually a programmer of any sort, you obviously wouldn't know this, but it wouldn't take me 2 seconds on an old p3 cpu to scan and identify all lines in your batch file with the name pcbutts; if that is found AND a link to your website, AND it's a batch file (I can figure it out by the structure, hueristics again); it's stolen junk from you most likely and can be flagged, despite whatever lame little changes you make to evade detection. > it is only a batch file an increased number of false positives will > occur. You know that will happen because there is nothing malicious > about my files. I disagree. Your batch file will delete a required key disabling malwarebytes software; You will specifically rename our definitions file to fuckyou.ref, and create an empty definitions file; disabling our software's ability to protect the users. You also modify the users hosts file and disable our software from acquiring a replacement/legitimate definitions file. Those are all malicious actions on your part. -- Dustin Cook [Malware Researcher] MalwareBytes - http://www.malwarebytes.org BugHunter - http://bughunter.it-mate.co.uk
From: Dustin Cook on 7 Sep 2009 18:33 "Rhonda Lea Kirk Fries" <rhondaleakirk(a)earthling.net> wrote in news:7gfr8jF2piccjU1(a)mid.individual.net: > In news:Xns9C7CEA41E2101HHI2948AJD832(a)69.16.185.247, > Dustin Cook <bughunter.dustin(a)gmail.com> wrote: >> "Rhonda Lea Kirk Fries" <rhondaleakirk(a)earthling.net> wrote in >> news:7gcqkaF2ll975U1(a)mid.individual.net: >> >>> One of the posters on a skydiving site I frequent is having a pop-up >>> problem (but only on the skydiving site). The first pop-up he >>> received said "welcome to sophalo.com." Of course, sophalo.com >>> doesn't exist. Now he's getting this page: >>> >>> hxxp://shop2.forless.com/?pid=559&keywords=skydive >>> >>> No one else on the site has admitted to having a problem, so I >>> suggested he try MBAM. No joy. He is, even as we speak, trying SAS, >>> and I told him I would ask around about his problem in the meantime. >>> >>> I did some googling, and the two most interesting threads are these: >>> >>> http://www.windowskb.com/Uwe/Forum.aspx/windowsxp/266392/Pop-Ups >>> >>> http://www.windowskb.com/Uwe/Forum.aspx/windowsxp/266392/Pop-Ups >>> >>> I was hoping someone here might have some helpful input, and if so, >>> I would appreciate hearing from you. Thanks much. >> >> I'd suggest he visit the forums at malwarebytes and post for help. >> One of our expert malware personal should be able to assist him with >> whatever issue the person is having. >> >> http://www.malwarebytes.org/forums/ > > Apparently he only did a quick scan the first time. I heard back today > that when he did a full scan, it found five items. He removed those > items, and the popups are gone. > Normally shouldn't be required, I'll let Bruce know about it; Glad to hear it worked out in the end tho. Thanks for keeping me updated on it. -- Dustin Cook [Malware Researcher] MalwareBytes - http://www.malwarebytes.org BugHunter - http://bughunter.it-mate.co.uk
From: Dustin Cook on 7 Sep 2009 20:27 "The Real Truth MVP" <trt(a)void.com> wrote in news:rq-dnY3SrNq2CzjXnZ2dnUVZ_gadnZ2d(a)giganews.com: > If you want me to take it out then have Marcin email me directly > because I'm sure you lied to him about me and my software because you > started detecting mine first. He needs to know truth. I'm also getting > ready to partner with a competitor of yours who does not like your > company very much and they are very interested in what Remove-it will > soon be able to do. *I* didn't speak to Marcin concerning you. Your application came up in the experts forum, discussion took place, analysis followed, your program was added. Nobody lied to anyone about anything. I personally, speaking only for myself, don't care if you continue attacking our software or not. Your userbase doesn't concern me. Marcin may feel differently, but I don't speak for him. -- Dustin Cook [Malware Researcher] MalwareBytes - http://www.malwarebytes.org BugHunter - http://bughunter.it-mate.co.uk
From: JD on 7 Sep 2009 22:10 Dustin Cook wrote: > "The Real Truth MVP" <trt(a)void.com> wrote in > news:rq-dnY3SrNq2CzjXnZ2dnUVZ_gadnZ2d(a)giganews.com: > >> If you want me to take it out then have Marcin email me directly >> because I'm sure you lied to him about me and my software because you >> started detecting mine first. He needs to know truth. I'm also getting >> ready to partner with a competitor of yours who does not like your >> company very much and they are very interested in what Remove-it will >> soon be able to do. > > *I* didn't speak to Marcin concerning you. Your application came up in the > experts forum, discussion took place, analysis followed, your program was > added. Nobody lied to anyone about anything. I personally, speaking only > for myself, don't care if you continue attacking our software or not. Your > userbase doesn't concern me. Marcin may feel differently, but I don't speak > for him. > > Is there any way the two of you could take this and the other ongoing and pointless discussion to e-mail or just end it? You can't win with butts. MBAM is respected, butts is not respected. He seems to live for this bull$hit. No matter what you say to him he will come back with more senseless bull$hit. Have you been reading along with the other threads? He's tried to convince me that these two pictures are him: http://www.frontpageagency.co.uk/ "Sara x" http://www.shorthaircutstrends.com/tag/blonde-hairstyles/ "Chic Blonde Hairstyle" He's a female model? Please. 8-) -- JD..
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 4 5 Prev: 9710_7840_MOSCHIP_MSUninst Next: MalwareBytes & BitComet |