"pcbutts1" <pcbutts1@leythosthestalker.com> wrote in
news:5PSdnRSupPG5AADYnZ2dnUVZ_qWvnZ2d@giganews.com :

> Before those files are added to Spyerase they are checked and
> confirmed not to be system files on 4 different systems Win2000, XP,
> server, both laptops and desktops. We are now running tests with
> Vista. There have been zero reports from anyone so far but we do keep
> backups just in case. We even fix the damage caused by the real
> thief's roguefix

pcbutts,

The point I made was the fact your script is hard coded to look for
filenames, not content. A malicious program could easily (if one should be
so inclined) rename valid system files as something from your script; if
the user uses your script, his/her system would be at risk of harm. Not
only from whatever malicious software they've acquired, but your script's
attempt to remove it could have dire consequences.

While this would have to be a targetted attack, the fact remains it could
be done. You really, should not, rely on a filename to tell you what the
file actually is.



--
Dustin Cook
Author of BugHunter - MalWare Removal Tool -V2.0
web: http://bughunter.it-mate.co.uk
email: bughunter.dustin@gmail.com.removethis
Last updated: January 4th, 2007