Re: Can you really 100% clean a compromised machine 100% of the time w
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 11/15/05
- Next message: lazaruslong: "Re: "TROJAN" in System Volume Information folder"
- Previous message: Kerry Brown: "Re: Can you really 100% clean a compromised machine 100% of the time without wiping it?"
- In reply to: Mike Hall \(MS-MVP\): "Re: Can you really 100% clean a compromised machine 100% of the time w"
- Next in thread: Leythos: "Re: OT Reply: Can you really 100% clean a compromised machine 100% of the time w"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 14 Nov 2005 21:20:25 -0500
From: "Mike Hall (MS-MVP)" <mikehalll@mvps.org>
| David
|
| I think that it was you with the suggestion that a Google search on pcbutts1
| would be interesting.. hmmmmm.. he has no friends.. and is he still trying
| to coerce people into downloading anti-spyware from his own site?.. is it to
| make it look like they are his creation, or to deal a few java/byteverify
| exploits to test the downloaded progs?
|
Leythos suggested a Google search.
PCBUTTS1 web site has been password protected since he posted a SmitFraud Removal tool and
the code was edited by him to obfuscate the true creator, hoahdfear. He replace most, but
not all, strings of 'noahdfear' with 'PCBUTTS1' to make it look like he was the author of a
batch script. However, he failed to repalce all strings and the true author left code to
update a log file as...
echo smitRem log file>>%systemdrive%\smitfiles.txt
echo version 2.2>>%systemdrive%\smitfiles.txt
echo.>>%systemdrive%\smitfiles.txt
echo by noahdfear>>%systemdrive%\smitfiles.txt
echo.>>%systemdrive%\smitfiles.txt
He was confronted with the plagiarism of the code and PCBUTTS1 went right back and edited
the file and replaced
the reamaining strings of 'noahdfear' with 'PCBUTTS1'. He then password protected his web
site to prevent further scrutiny.
He's done that sh!t before with VBS code he stole from Kelly's Corner.
He has also stolen code from Mike Burgess. He denounces the good work of MS MVP's but then
turns around and steals their hard earned work !
He once posted information to create a Registry file. He did not realize that a few lines
were very long and wrapped when posted via a News Client. I challenged to him to look at a
set of instructions he posted to create a .REG file and told him he left out critical
information for the resultant .REG file to work. I gave him a good week to discern the
problem. He couldn't and I followed up and posted that the resultant .REG file needed
certain lines to be unwarapped for the .REG file to work poperly. He insisted that was
nothing wrong. Since I know the Registry and how to create and edit .REG files I knew
otherwise and this discourse proved that he had zero skills in working with the Registry and
proved as well that he has no programming skills. Thus, he has to steal code from others to
make himself look like a hero if he does help somone erradicate and infection. The problem
is he doesn't give credit to the real author and he replaces the text in the code stating
the true author with his own name. Such as...
echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º º
echo º Trojan-Spy.HTML.smitfraud.c Killer º
echo º º
echo º by noahdfear º
echo º º
echo º version 2.7 º
echo º º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ
with...
echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º º
echo º Trojan-Spy.HTML.smitfraud.c Killer º
echo º º
echo º by pcbutts1 º
echo º º
echo º version 2.2 º
echo º º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ
echo.
The reason PCBUTTS1 has "version 2.2" in his file was that was the time of his stealing the
code and remained that way when I downloaded the files from his web site ~9:45AM (ET)
Sunday, Oct. 23.
Pond scum is too kind to describe PCBUTTS1 !
-- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm
- Next message: lazaruslong: "Re: "TROJAN" in System Volume Information folder"
- Previous message: Kerry Brown: "Re: Can you really 100% clean a compromised machine 100% of the time without wiping it?"
- In reply to: Mike Hall \(MS-MVP\): "Re: Can you really 100% clean a compromised machine 100% of the time w"
- Next in thread: Leythos: "Re: OT Reply: Can you really 100% clean a compromised machine 100% of the time w"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
