Results 1 to 10 of 87

Thread: How BugHunter Works; for those interested.

Hybrid View

  1. 08-06-2007, 07:06 PM #1
    kurt wismer Guest

    Re: How BugHunter Works; for those interested.

    Dustin Cook wrote:
    > kurt wismer <kurtw@sympatico.ca> wrote in news:f97g09$8m5$5@aioe.org:
    >> pcbutts1 wrote:
    [snip]
    >>> The registry keys are
    >>> what causes re-infection on reboot.
    >> no, failing to remove all the bad programs is what causes re-infection
    >> on reboot...
    >
    > It's a bit scary to see how many people think the registry keys play
    > more of a role then they actually do.
    >
    > False advertising claims made by other products? Who knows...

    well, i'm confident that it is technically possible for malware to
    reside/persist fully within the registry (as i discussed once in the
    past), but i've never heard of it being done in practice so for all
    intents and purposes the registry is a no-go for the time being...

    (and no, i have no intention of developing a poc to explore the possibility)

    --
    "it's not the right time to be sober
    now the idiots have taken over
    spreading like a social cancer,
    is there an answer?"
    Reply With Quote Reply With Quote
  2. 08-07-2007, 09:19 AM #2
    Dustin Cook Guest

    Re: How BugHunter Works; for those interested.

    kurt wismer <kurtw@sympatico.ca> wrote in news:f99lch$d94$3@aioe.org:

    > Dustin Cook wrote:
    >> kurt wismer <kurtw@sympatico.ca> wrote in news:f97g09$8m5$5@aioe.org:
    >>> pcbutts1 wrote:
    > [snip]
    >>>> The registry keys are
    >>>> what causes re-infection on reboot.
    >>> no, failing to remove all the bad programs is what causes
    >>> re-infection on reboot...
    >>
    >> It's a bit scary to see how many people think the registry keys play
    >> more of a role then they actually do.
    >>
    >> False advertising claims made by other products? Who knows...
    >
    > well, i'm confident that it is technically possible for malware to
    > reside/persist fully within the registry (as i discussed once in the
    > past), but i've never heard of it being done in practice so for all
    > intents and purposes the registry is a no-go for the time being...

    I agree, via scripting and url references, it is. It's just not a very
    feasable method of attack. The malicious trojans are short lived as it
    is.

    > (and no, i have no intention of developing a poc to explore the
    > possibility)

    I won't develop anything to exploit machines any further than I already
    did years ago.



    --
    Dustin Cook
    Author of BugHunter - MalWare Removal Tool - v2.2c
    email: bughunter.dustin@gmail.com.removethis
    web..: http://bughunter.it-mate.co.uk
    Pad..: http://bughunter.it-mate.co.uk/pad.xml

    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules