~BD~ <~BD~@nomail.afraid.com> wrote in
news:-YKdnR4908dDp0HQnZ2dnUVZ7qidnZ2d@bt.com:
> Dustin wrote:
>> ~BD~<~BD~@nomail.afraid.com> wrote in
>> news:JbOdnWq4f_L0sEHQnZ2dnUVZ8sGdnZ2d@bt.com:
>>
>>>>> Life wasn't meant to be easy! You could, and should, try to make
>>>>> a difference and help protect others.
>>>>
>>>> I have.
>>>> http://bughunter.it-mate.co.uk
>>>
>>> So why did *you* 'flunk out'?
>>
>> flunk out of what, exactly?
>
> BugHunter is DISCONTINUED SOFTWARE!
And that's flunking out? So.. I need to keep not only a Jenn
dictionary handy, but now a BD dictionary?
Without getting too technical, I was working fulltime for another
company doing the same thing. The engines in that companies product
and bughunters are not compatable in any possible way. To continue
updating BugHunter and malwarebytes required double the work. I saw no
point in that. One was a paying gig, the other was on my time.
Obviously, I do have to make a living.
I'm pretty sure (yes, in fact, I found the post) explaining this
practically word for word once already to you. As I said, you really
don't retain much of the information that's been provided. HTML was
one example, this is another one.
> No support of any kind is offered and no updates will be
> forthcoming. The source code is not available. Emails requesting the
> source code will be ignored. The mailing list has been deleted and
> no email addresses have been preserved for client privacy reasons. I
> thank all those who assisted me during testing/development and
> documentation rewrites. I also thank those who provided samples for
> analysis and possible inclusion into the BugHunter database. I
> enjoyed writing the software over the years and I sincerely hope
> it's been of use to you.
Well, since we're being anal...
http://bughunter.it-mate.co.uk/changes.txt
*Version numbers only change when serious program updates occur*
BugHunter v2.2e February 1st, 2008
1. EngUpd: BugHunter will now display the total amount of directories
to be scanned when recursive is turned on.
2. EngUpd: Modified display update routines slightly.
3. EngUpd: Altered management of arrays to improve speed.
BugHunter v2.2e January 23rd, 2008
1. EngUpd: BugHunter will stop and let you know if you accidently try
to run it directly from read-only media such as a CD-ROM.
2. EngUpd: BugHunter will now display current pass out of total
passes on screen. BugHunter makes a pass for each BUGSIG. file
found in current directory. This is presented to the lower right
hand corner of the screen besides the total percentage done.
3. DocUpd: Documentation Updates, BUGHUNT.TXT, this file.
4. IniUpd: Updated INI configuration file comments.
BugHunter v2.2e January 16th, 2008
1. Removed code neutralizing routines.
2. Adjusted minor string handling routines.
BugHunter v2.2e Build #3 public - January 7th, 2008
1. Fixed issue with BugHunter possibly being several minutes off on
the scantime report. If you start a scan a few minutes before
midnight and it doesn't finish with the scan before midnight; the
scan time BugHunter estimates will be completly wrong. This is a
known issue and not something I plan to fix right away, sorry.
2. Changes to various screen prompts.
3. Changed copyright dating to reflect the new Year.
BugHunter v2.2e released December 20th, 2007 - Build #1
1. The code neutralizing routines can be turned off via a toggle
inside the configuration file.
2. A few minor visual display changes/bugfixes.
BugHunter v2.2d Released September 2nd, 2007
1. As of now, BugHunter will try to neutralize malicious
executables and scripts before deletion. If the file
cannot be deleted, but the neutralization was succesful
the file will no longer pose any threat to your system.
It will be converted into an MSDOS 16bit .EXE file which will
display a message and quit.
2. Screen updates and other minor changes with layout.
BugHunter v2.2c - BugFix release August 4th, 2007
1. A certain subroutine was disabled in a previous fix, resulting
in the possibility of BugHunter missing files for scanning
purposes.
2. Additional information is now included in the documentation,
BUGHUNT.TXT and the FAQ file BUGFAQ.TXT giving you a general idea
of what BugHunter does and how it works.
3. Various code optimizations have finally been completed!
BugHunter v2.2c Final Released officially July, 2007
1. BugHunter now properly runs if it's signature files
are set to read-only.
2. Two memory leak issues have been resolved.
3. Minor optimization changes, should result in slightly faster
scantimes on some older systems.
BugHunter v2.2c build 6207 June 2nd, 2007
1. BugHunter now offers a percentage completed in almost all cases
when it's scanning your system.
2. BugHunter can now be completely automated via the command line.
You can for example, schedule it to run as a nightly task.
BugHunter v2.2c documentation updates May 19th, 2007
1. Updated BUGHUNT.TXT
2. Updated this file
3. Two new files included, HOWTO9X.TXT and HOWTONT.TXT,
these are both quickstart guides for dealing with a machine
already suspected of being infected. If you don't want
to read the documentation, these files will give you the
general idea to get you going.
BugHunter v2.2c released April 19th, 2007
1. Documentation updates
2. BUGINFO.DAT has been replaced by seperate files, one
for each datafile.
3. Potential Crash Scenario resolved.
4. BugHunter will now display current directory number, total
directories and percentage of current job done anytime
"Searching" comes up on the screen.
BugHunter v2.2a released April 16th, 2007
1. Documentation update
2. Added two additional files to the archive.
PROCESS.EXE and SAFEBUG.BAT; See BUGHUNT.TXT
for a description of these files.
BugHunter v2.2a Released April 2nd, 2007
1. BugFix: Searching routine could hang on bad data stream.
2. FixSpy.reg has been replaced with a much more up to date
version provided by David Lipman, author of Multi-AV.
3. Documentation Update: cleaned it up a little bit.
4. Exit routine change, BugHunter offers contact information when
quitting.
BugHunter v2.2 Released February 24th, 2007
1. BugFix: Display routine for [ER] occasionally reported an invalid
file. Ie: the file read fine, but was said to be bad on screen
anyway.
2. BugFix: BugHunter will no longer report no files were deleted
and/or
no files were renamed if nothing was found; this was redundant.
BugHunter v2.1 engine update Released February 17th, 2007
1. BugFix: BugHunter will no longer hang on partially unreadable
files. Instead, the filename followed by [ER] will be
shown on screen. If this happens, You are encouraged to
run a disk repair utility, chkdsk or another, as you may have
file system damage present; which can interfere with the scanning
process as well as the general operation of your computer.
2. LogChange: Previous versions could skip writing valuable
information to the logfile depending on the length of the
directory and found malware.
3. Documentation Update: replaced remaining pattern references with
signatures.
4. FAQ Update: replaced remaining pattern references with signatures.
Made suggestion to update your copy if your still getting a lock
condition, as this has been resolved.
BugHunter v2.1 Released January 13th, 2007
1. BugFix: BugHunter reset attributes on every file, and
didn't set them back. My apologies for any problems
this may have caused people. The most reported problem
was desktop.ini opening with notepad when you logged into
windows. From now on, the only time attributes are changed
is if BugHunter is attempting to delete the file.
2. Cosmetic Change: BugHunter doesn't display "Now Checking..."
followed by folder/directory names. Instead your greeted with
"Checking: "and the full path of the file in question.
3. Engine Update: BugHunter will now report when it has completed
Checking and has resumed Searching. Previously it would appear
to have locked up when it was searching the whole time.
BugHunter v2.0 Build #2 Released January 8th, 2007
1. Changed the way some text routines are processed.
2. BugFix: BugHunter wouldn't run properly under win98(se)
since v1.9.4; fixed.
BugHunter v2.0 Released January 4th, 2007
1. Engine Update: BugHunter handles signature information
differently than previous versions. This will allow
the signature database to grow as needed easily.
2. BugHunter is able to provide a more descriptive name
besides "Full Match!"- This will be updated often.
3. Minor cosmetic tweaks to the GUI and logfile routines.
BugHunter v1.9.4 Released October 13th, 2006
1. Gui Update: New selection, D- allows you to select
what happens to files that are detected as malware
on a file by file basis.
2. BugFix: an older bug, users probably would never encounter it,
but it's fixed now anyway.
BugHunter v1.9.3 build #2 Released October 10th, 2006
1. Engine Change: BugHunter no longer stores a list
of filetypes known to carry malware. Files are scanned
regardless of supposed filetype if BugHunter suspects
it may be a known malware executable.
2. Documentation Update: To better clarify exactly
what BugHunter is. Some individuals mistakenly assumed
that BugHunter is only to be used in the event that you have
already tried everything else. This is not the case. While
BugHunter is certainly useful in those circumstances when
windows will either not boot and/or your antimalware program
will not run, You are not limited to such a scenario. BugHunter
can be used as the user wishes to scan the system at anytime
for known malware.
BugHunter v1.9.3 Released September 8th, 2006
1. Gui Change: BugHunter will no longer list directories
as it scans each filetype. Instead, directories will be
listed onetime and BugHunter will simply scan for all
known types of files. This change only affects the GUI
portion of BugHunter, No changes have been made to the way
the logfile is written. Ie: If you have full logging
enabled, you will still have all the details of v1.9.2
*This was done to improve scantimes.
BugHunter v1.9.2 Released August 15th, 2006
1. Engine Update: BugHunter can detect several more
types of files which are known to either be
malware themselves, or installers for such.
2. Gui Update: Minor revision to main menu.
screen says the word "brackets" now.
BugHunter v1.9.1 Build #3 Released August 4th, 2006
1. BugFix: File I/O error could cause BugHunter not
to complete a read which would pass a possibly bad file.
2. BugFix: Checking indicator would sometimes overwrite
other sections of the screen while BugHunter started
scanning.
BugHunter v1.9.1 Released July 28th, 2006
1. BugFix: Possible lock condition with some files.
2. LogChange: BugHunter will now make a note of files
which denied read access during scanning.
3. Cosmetic Change: When showing Checking, the filename
is now properly formatted to stay in one location.
4. Created a new file which I plan to continue
updating as time allows. PARTLIST.TXT contains
a partial list of the malware known to BugHunter.
BugHunter v1.9 b#2 released July 22nd, 2006
1. Changed file opening request type in the crc engine.
2. Edited BUGHUNT.INI file; BugHunter will not scan
network mapped drives, cdroms or anything else. Only
local fixed disks by default.
3. Minor Documentation changes.
BugHunter v1.9 released to the public July 15th, 2006
1. BugHunter displays the total amount of files scanned
on screen and in the logfile when a scan is completed.
2. Moved locate.com configuration to the ini files,
you can edit the full path and parameters passed to the
program as well as choose the name for the temporary data.
BugHunter is preset to do a recursive scan on all drives mapped
to the computer from which it's run, and store this information
in C:\BUGHUNT.DAT; Regardless of custom settings you define,
BugHunter will scan root of all drives from C: to Z: (if they
exist).
3. A possible lockup condition only observed on HP's so far has
hopefully
been fixed. Please send me an email if this program locksup during
a scan on you.
4. Moved 2klogin.reg and xplogin.reg to fixes.zip with a better
explanation
of what these files are. They have been moved to a seperate zip to
prevent accidental importation into the registry.
5. Documentation Updated.
BugHunter v1.8 Build #6 release to the public July 2nd, 2006
1. The new crcing engine is now being used. This should result
in a very fast scan time on most pcs. If BugHunter previously
took 20 minutes on your machine, it should finish in less
than 2-3 minutes or so now.
2. Various memory optimizations.
3. Documentation update (07-08-2006)
4. Altered both *.NT files, very basic now, should work with
all systems regardless of installation folder.
5. The Scan: view has been removed in this build, you wouldn't have
time to read it now anyway. *grin*
BugHunter v1.8 Build #5 released to the public June 30th, 2006
1. Minor cosmetic tweak so bughunter will display 1000 and
above pattern entries nicely on the main menu.
2. modified parameters passed to locate.com, No more
duplicate directories which increases data compilation
in the beginning and the amount of time required to scan.
3. BugHunter will show Scan: and the filename of any file
which has a partial match, IE, the filelength is the same
as known malware, BugHunter will pause for a moment to take
a closer look.
BugHunter v1.8 Build #4 pattern update! June 2nd,2006
1. Created a new file called newpat.txt which explains
whats new in the pattern release.
2. Updated FIXSPY.REG to remove more of the desktop hijackers
It's all still related to SpyAxe; Sorry people they are!
BugHunter v1.8 Build #4 Released May 20th, 2006
1. Two bugs fixed. One which would cause a lockup condition
and another which disabled user defined directory scanning
since the last build release. Woops.
2. Several new patterns Added. Vundo trojan varient, Winfixer2005,
and Spyware Stormer. Bringing the new total number of junk
that nobody wants over 620. Future releases will contain a
newpat.txt file listing changes regarding what BugHunter scans for.
This should satisfy some individuals who wish to know by name what
this program looks for.
BugHunter v1.8 Released April 15th, 2006 around 10pm
1. BugHunter scantime should be much shorter now. BugHunter
is no longer actually doing a crc on the file everytime
it thinks the file may match. If a partial match occurs,
a single crc is done for later comparison of said file.
2. Added two *.NT files, these are only necessary if you
are getting an error similiar to the following:
The system file (either CONFIG.NT or AUTOEXEC.NT) is
not suitable for running MS-DOS and Windows Applications.
In this case, copy the included files to your windows
install directory\system32. The error message will include
the exact location and name of the file. Copy one of the
included ones to this location.
3. New patterns designed to remove movielink.tv browser hijacker.
4. BugHunter will scan several more file extensions now.
5. Fixed another lockup issue with some systems. Please report
any further lockups to my email address.
6. Added a status indicator of sorts. It's represented by
a short line which consists of dots. Each dot represents a partial
record hit on the current file in question. The indicator is
updated as more hits are recorded, and is erased when BugHunter
has completed the current task. The indicator is not for accuracy
and should not be used to make any sort of determination with
regard to a suspect file. The indicator is primarily to let you
know BugHunter is still running.
Release #4
1. A few memory issues have been resolved. BugHunter should do better.
2. A possible lock condition has hopefully been resolved. It's
extremely
difficult to reproduce. if BugHunter locksup during scanning on
you, Please email me the log file and the build.001 one present
in the directory you executed it from.
3. A few more samples have been added. Bringing the total known
junk that nobody wants to 513.
Release #2 of v1.7.1
1. An odd repeat loop condition has been observed in some cases,
this has been fixed?...
2. Potential error condition reading configuration files fixed.
3. Potential error condition reading recursive scan data fixed.
4. 3 new Patterns added.
Changes since v1.7 Public Release
(or whats new in v1.7.1)
1. BugHunter parses it's configuration file properly now. (Er, in most
cases...); If anybody finds another problem with the handling
routines, please let me know.
2. There have been several pattern updates since v1.7 was initially
released. Two products that BugHunter detects and will remove are
known as Spyware Strike (v2.5) and Security Toolbar
(from www.securityindex.net). SpyAxe is also detected, and removed!
However; BugHunter does not fix the annoying popup window located
on your taskbar. It's a registry key which controls it.
3. v1.7.1 of BugHunter uses slightly less memory then previous
versions,
pattern indexing information has been updated so future versions
can easily be written without any change to the pattern file
system.
4. Further improvements to the parsing routine have been made, This
should
ensure easy configuration of the program. Fixed entries in the .ini
file have been removed; BugHunter can be controlled now via
commands included in the configuration file. Please see a
configuration file and/or the documentation for more information.
Changes since v1.7 public release
1. A problem with the parsing of the configuration files has been
corrected. BugHunter will properly read customized directories if
you toggle recursion off. v1.7 would skip the first one, and not
accuratly display all of them.
2. Fixed an error with the display; v1.7 wouldn't display the correct
number of files that were scanned.
3. Added two new samples. MSDF.DLL (Seems to be rather popular at the
moment)
and another browser hijacking random named .dll file.
Changes for PUBLIC release of v1.7
1. A security risk concerning the pattern file being tampered with
has been corrected.
2. BUGHUNT.TXT has been updated specifically for this version.
3. Several new patterns have been added since beta testing.
Changes since v1.7 initially entered beta testing
1. More Cosmetic changes to the logfile.
2. Finally fixed the time/date glitch with regard to logfile date/time
stamp. Sorry
3. Improved .ini file layout and handling. Please see BUGHUNT.INI or
BUGHUNT.TXT for details.
4. Added LOCATE.TXT (it accompanies LOCATE.COM)
5. BugHunter supports only writing found malware, action taken, and
result
to the logfile, or full logging as it always has. See BUGHUNT.INI
6. BugFix: a potential crash scenario with the way the BUGHUNT.PAT was
being read, fixed.
7. BugFix: BugHunter could fail to report the correct amount of time
taken to complete a scan, hopefully fixed!
Changes since v1.6 of BugHunter:
1. Cosmetic changes to the logfile. Should be easier to follow
and read, and be friendly for older printers that wish to make
a hard copy of it.
2. BugFix: BugHunter now remembers your log settings, and will not
create a new logfile when it's supposed to be appending to the
already existing one.
3. Additional Malware signatures have been added; 223 items now!
4. DocFix: Typos have been corrected in the .FAQ.
5. BugHunter now supports comments in the .INI files. Any line that
begins
with # or ; is considered a comment and ignored by BugHunter. You
may place comments anywhere you like inside the .ini files.
6. IniFix: Documents and Settings/all users/programs/startup folder
has been added for scanning.
7. BugHunter now optionally supports full recursion. Settable
via the BUGHUNT.INI file. You are encouraged to examine
the one included. LOCATE.COM is required for this feature.
8. RegMod: The included FIXDESK.REG has been replaced with XPLOGIN.REG
and 2KLOGIN.REG respectively. Import the one corresponding to the
OS your running if windows immediatly logs you on and off after
removing malware. Specifically, check the BUGHUNT.LOG for the
removal of WSAUPDATER.EXE file.
9. FYI: There are no plans currently to support scanning across a UNC
name. BugHunter does not support directories longer then 80
characters in total length of name. Support will eventually be
added to deal with this.
Changes since v1.5 of BugHunter:
1. Cosmetic changes to some error messages.
2. Additional Malware signatures have been added; 156 items now!
3. Memory optimizations; BugHunter uses slightly less ram now then
did previously.
4. BUGHUNT.TXT has been siginificantly revised and should be
easier to follow Now.
Changes since v1.4 of BugHunter:
1. Entries added to the pattern file to deal with MalWare. 124 items
now! 2. Modified bughunt.ini- Added C:\WINDOWS\DOWNLO~1 for malware
scanning.
Also Added C: root. Bogus explorer.exe if stored here will be
executed when windows boots.
3. Updated documentation; Please see BUGHUNT.TXT
4. Included A bughunt.faq file, to answer any last minute questions
you
might have.
5. Cosmetic change with the logfile to improve readability.
6. BugHunter configuration file now supports upto 32 directories for
customized scanning.
7. BugFix: BugHunter was not properly counting the number of files
succesfully renamed. It would always show none or 1.
8. BugFix: BugHunter would sometimes get confused and try
to scan the previous file again (said file might not exist!)
9. Logging change: If Bughunter is configured to append, and the
logfile
doesn't exist, it will be created.
10. GUI Change: Minor changes to logfile error messages.
11. Added .REG file to help with possible logon/logoff issues on
2k/XP. 12. Included BUG2K.INI; pre configured for C:\WINNT instead of
BUGHUNT.INI default C:\WINDOWS
13. 1 Entry removed from pattern file; Determined to be a false alarm.
14. BugHunter creates a WININIT.INI file in the directory it's
executed
from. This allows BugHunter to remove memory resident malware when
you restart the computer. This file only applies to Win9x/ME
systems.
15. The Logfile now clearly shows where new log entries begin, if your
using append.
Changes since v1.3 of BugHunter:
1. BugHunter scanning has been changed! BugHunter can now
scan files that are already in use. You will no longer
see "couldn't be opened for access!" errors.
2. BugHunter keeps a running total of the files scanned in each
directory. The number of found MalWare is also listed,
including the amount of files succesfully renamed or deleted.
3. One new entry added to the pattern file to deal with malware.
4. The scannable filetypes list has been changed in this version
of BugHunter. BugHunter will only scan for *.BUG files when
you wish to remove them. (Option C).
5. In Most cases, it is no longer necessary to boot from a startup
disk or cd. You can now disable most found spyware by selecting
option B, and then rebooting your machine. Run BugHunter once
more using option C to clean up the *.BUG files left behind
after using option B.
Changes since v1.2 of BugHunter:
1. BugHunter logging options are user controllable via the .ini file.
2. Four new entries added to the pattern file to deal with malware.
3. BugHunter now attempts to force the current screen (or window) into
80x25x16 graphics mode. (Text only), this allows BugHunter to
display properly either in window mode, or fullscreen.
Changes since v1.1 of BugHunter:
1. As of v1.2 BugHunter no longer makes use of the .ini file for
items to scan. Bughunter has been hard-coded to look for
specific types of files only. This reduces the required
scan time further. Since BugHunter is no longer examining
certain file types, this reduces the chances of a false alarm.
For compatability with the original .ini file layout, the first
line is still read by BugHunter, but ignored.
2. Two new entries added to the pattern file to deal with malware.
3. More changes to the GUI, Hopefully making the program more
user friendly. Easier to see Directory/Filescan spec entries
both on screen and in the logfile.
4. BugHunter now tells you if it finds nothing to scan in some
directories. BugHunter does not waste valuable time scanning
folders which either do not exist and/or have no files.
5. BugHunter configuration is no longer confined to bughunt.ini;
You can specify another filename on the command line to force
BugHunter to use customized .ini files. This feature is useful
to those individuals who work with different windows installations
that do not share the same installation folder.
6. BugHunter does properly display the amount of time in minutes and
seconds the scan took. This information is also recorded in the
logfile.
7. For clarification purposes only: BugHunter always tries to save
data to the logfile before writing it on screen. In the event of a
fatal crash; The Logfile should contain the last entry prior.
Changes since v1.0 of BugHunter:
1. New GUI layout; Should be more pleasant in a console windows.
2. Added total amount of time taken to scan.
3. Removed one false entry in the pattern files.
4. BugHunter no longer requires running from the host drive.
5. Added configuration via BUGHUNT.INI
6. Optimized code layout for even faster scanning!
7. BugHunter now has the option of renaming found malware.
8. BugHunter will append (not overwrite) already existing BUGHUNT.LOG
files.
No flunking on this, BD.
--
Why drink the water from my hand?
Contagious as you think I am
Just tilt my sun towards your domain
Your cup runneth over again
Reply With Quote