As I referenced in my previous reply, Todd stated what I was arguing against.
> We all know it doesn't take a lot to hide from the normal everyday user > on the internet. I believe that is what they meant by "hide from > everything". Of course it isn't completely hidden. But normal users are > not sniffing packets from a computer on a isolated network to find > things. I took the word "everything" literally. Hence why I argued it was mere spam with false claims. Also, why I asked "If this was actually possible, don't you think it would of been big news?". For example, we likely would of seen code/discussion for it on this mailing list, or ASM on Rootkit.com before receiving a spam email for it. But again, I suppose this is also speculation to a point. I by no means consider myself the most knowledgable on the topic. Harlan, forgot to mention this before: Awesome website. I'm looking for a good price on the book in another tab while typing this email. =) -- Peace. ~G On Thu, 23 Sep 2004 13:59:04 -0500, Todd Towles <[EMAIL PROTECTED]> wrote: > We all know it doesn't take a lot to hide from the normal everyday user > on the internet. I believe that is what they meant by "hide from > everything". Of course it isn't completely hidden. But normal users are > not sniffing packets from a computer on a isolated network to find > things. > > We live in a different world than the normal person, that is what I tell > my non-computer friends anyways. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of GuidoZ > Sent: Thursday, September 23, 2004 11:54 AM > To: Matt > Cc: Will Image; [EMAIL PROTECTED] > Subject: Re: [Full-Disclosure] Rootkit For Spyware? Hide your adware > from all Adware removers and Anti-viruses > > > It is quite possible to hide processes, reg keys and files, and is > > often done by various malware. > > Aye. I didn't word my statements correctly. (Was tired... =P ) You are > very much correct. > > I guess I was trying to speak along the lines of AV detection and > forensics. I've yet to find a rootkit, spyware, or malware that is > COMPLETLY hidden, in every aspect, from the user. There is always a way > to find it. Granted, they can bypass the "usual means" (regedit, > taskmanager, etc) in Windows, however there are specialized tools > (process viewers for example) that show hidden processes. What I meant > to express is they seem to claim being able to hide from everything. > (Even if an AV solution detected the very program they use as an > installer.) That, I doubt. > > To save someone else from saying this, I'll reply to my own comment. =) > > > I've yet to find a rootkit, spyware, or malware that is COMPLETLY > > hidden, in every aspect, from the user. > > Well, DUH. How could you find it if it was COMPLETELY hidden? ;) > Clarification: The user and a sysadmin that has a clue are two very > different people.) > > -- > Peace. ~G > > On Thu, 23 Sep 2004 14:38:34 +1000, Matt <[EMAIL PROTECTED]> wrote: > > GuidoZ wrote: > > > Interesting indeed. Although, I imagine this was a spam email, and I > > > > never believe (nor buy) anything from spam. I wondr how credible > > > this really is. If there was such a way to do what they claim, don't > > > > you think it would have been big news? >One would think you > > > wouldn't first hear about it through spam. > > > > > It is quite possible to hide processes, reg keys and files, and is > > often done by various malware. > > > > > Also - nice website they have. http://www.randexsoft.com Simply > says: > > > > > > Access Forbidden -- Go away. > > > > > > I love a company who is customer friendly. > > > > > > -- > > > Peace. ~G > > > > > > > > > On Wed, 22 Sep 2004 20:10:28 -0700 (PDT), Will Image > > > <[EMAIL PROTECTED]> wrote: > > > > > >>I recieved this in my inbox today: > > >>how long do you think this company will last? > > >> > > >> > > >>>Date: Wed, 22 Sep 2004 19:02:44 -0400 > > >>>From: Jacques Tremblay <[EMAIL PROTECTED]> > > >>>To: [EMAIL PROTECTED] > > >>>Subject: Hide your adware from all Adware removers and Anti-viruses > > >>> > > >>>To: Business development manager > > >>> > > >>>Subject: Hide your adware from all Adware removers and > > >>>Anti-viruses > > >>> > > >>> > > >>> > > >>>Hi, > > >>> Adware removers are gaining in popularity and they cause a > > >>>big revenue threat to adware based businesses, as we see our > > >>>software installations get desinstalled after a period of time that > > > >>>is shorter and shorter, we see our revenues get smaller and > > >>>smaller. > > >>> > > >>> Why would an honest adware based business lose revenue just > > >>>because some adware remover has identifyed it as being something to > > > >>>remove ? > > >>> > > >>> We beleive we have the right to hide from these adware > > >>>removers as long as we provide a way for the user to uninstall and > > >>>that he agrees that the software will be uninstalled only with the > > >>>provided uninstaller. > > >>> > > >>> It is in that spirit that we created the solution to the > > >>>problem : > > >>> > > >>> > > >>>AdProtector 1.2 > > >>> > > >>> > > >>> We have developed software capable of hiding your software > > >>>from all adware removers and anti-viruses on a Windows > > >>>NT/2000/2003/XP machine. > > >>> > > >>> Basically we have filtered the windows kernel so that we > > >>>could mofify the behavior of the system itself. So now we can hide > > >>>anything we want from windows. > > >>> > > >>> It can : - Hide Registry Keys > > >>> - Hide Files > > >>> - Hide Processes > > >>> > > >>> By hiding these 3 key elements from windows, your > > >>>application won't ever be detected by any adware removers. > > >>> > > >>> Interesting ? > > >>> > > >>> For more information or to resquest a Demo : > > >>> email : > > >>>[EMAIL PROTECTED] > > >>> > > >>>Business is moving fast, keep ahead of the competition! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
