Full Disclosure mailing list archives

Re: Rootkit For Spyware? Hide your adware from all Adware removers and Anti-viruses


From: GuidoZ <uberguidoz () gmail com>
Date: Thu, 23 Sep 2004 12:47:16 -0700

As I referenced in my previous reply, Todd stated what I was arguing against.

> We all know it doesn't take a lot to hide from the normal everyday user
> on the internet. I believe that is what they meant by "hide from
> everything". Of course it isn't completely hidden. But normal users are
> not sniffing packets from a computer on an isolated network to find
> things.

I took the word "everything" literally. Hence why I argued it was mere
spam with false claims. Also, why I asked "If this was actually
possible, don't you think it would have been big news?". For example, we
likely would have seen code/discussion for it on this mailing list, or
ASM on Rootkit.com before receiving a spam email for it.

But again, I suppose this is also speculation to a point. I by no
means consider myself the most knowledgeable on the topic.

Harlan, forgot to mention this before: Awesome website. I'm looking
for a good price on the book in another tab while typing this email.
=)

--
Peace. ~G


On Thu, 23 Sep 2004 13:59:04 -0500, Todd Towles
<toddtowles () brookshires com> wrote:
We all know it doesn't take a lot to hide from the normal everyday user
on the internet. I believe that is what they meant by "hide from
everything". Of course it isn't completely hidden. But normal users are
not sniffing packets from a computer on an isolated network to find
things.

We live in a different world than the normal person, that is what I tell
my non-computer friends anyways.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of GuidoZ
Sent: Thursday, September 23, 2004 11:54 AM
To: Matt
Cc: Will Image; full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Rootkit For Spyware? Hide your adware
from all Adware removers and Anti-viruses

> It is quite possible to hide processes, reg keys and files, and is
> often done by various malware.

Aye. I didn't word my statements correctly. (Was tired... =P ) You are
very much correct.

I guess I was trying to speak along the lines of AV detection and
forensics. I've yet to find a rootkit, spyware, or malware that is
COMPLETELY hidden, in every aspect, from the user. There is always a way
to find it. Granted, they can bypass the "usual means" (regedit,
taskmanager, etc) in Windows, however there are specialized tools
(process viewers for example) that show hidden processes. What I meant
to express is they seem to claim being able to hide from everything.
(Even if an AV solution detected the very program they use as an
installer.) That, I doubt.

To save someone else from saying this, I'll reply to my own comment. =)

> I've yet to find a rootkit, spyware, or malware that is COMPLETELY
> hidden, in every aspect, from the user.

Well, DUH. How could you find it if it was COMPLETELY hidden? ;)
(Clarification: The user and a sysadmin that has a clue are two very
different people.)

--
Peace. ~G

On Thu, 23 Sep 2004 14:38:34 +1000, Matt <matt () systemlinux net> wrote:
GuidoZ wrote:
Interesting indeed. Although, I imagine this was a spam email, and I
never believe (nor buy) anything from spam. I wonder how credible
this really is. If there was such a way to do what they claim, don't
you think it would have been big news? One would think you
wouldn't first hear about it through spam.

It is quite possible to hide processes, reg keys and files, and is
often done by various malware.

Also - nice website they have. http://www.randexsoft.com Simply
says:

Access Forbidden -- Go away.

I love a company who is customer friendly.

--
Peace. ~G


On Wed, 22 Sep 2004 20:10:28 -0700 (PDT), Will Image
<xillwillx () yahoo com> wrote:

I received this in my inbox today:
how long do you think this company will last?


Date: Wed, 22 Sep 2004 19:02:44 -0400
From: Jacques Tremblay <jacques.tremblay () gmail com>
To: xillwillx () yahoo com
Subject: Hide your adware from all Adware removers and Anti-viruses

To: Business development manager

Subject: Hide your adware from all Adware removers and
Anti-viruses



Hi,
      Adware removers are gaining in popularity and they cause a
big revenue threat to adware based businesses, as we see our
software installations get uninstalled after a period of time that
is shorter and shorter, we see our revenues get smaller and
smaller.

      Why would an honest adware based business lose revenue just
because some adware remover has identified it as being something to
remove ?

      We believe we have the right to hide from these adware
removers as long as we provide a way for the user to uninstall and
that he agrees that the software will be uninstalled only with the
provided uninstaller.

      It is in that spirit that we created the solution to the
problem :


AdProtector 1.2


      We have developed software capable of hiding your software
from all adware removers and anti-viruses on a Windows
NT/2000/2003/XP machine.

      Basically we have filtered the windows kernel so that we
could modify the behavior of the system itself. So now we can hide
anything we want from windows.

      It can :
            - Hide Registry Keys
            - Hide Files
            - Hide Processes

      By hiding these 3 key elements from windows, your
application won't ever be detected by any adware removers.

      Interesting ?

      For more information or to request a Demo :
 email :
hexa () randexsoft com

Business is moving fast, keep ahead of the competition!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

