its to hard to deal with here , but the best soulution would be to initially text match to write $decode, and then actually decode the string, then compare if the text precedding the //write appears in the decoded text. That wasy u could be sure that the PM was just the virus propergating.
There are too many different ones out there to match them against actual decode string...
Nak CAri Awek, Guna Command NIe //write blabla
...
Want to be an OPERATOR in #channel ? copy/paste this-> //write blabla thats just small list... and this list grows every day...
You do understand that those statments are in the decode string?, So what ever the leading statment is you can find it in the decode string., you could simple encode the leading text, then ISIN it to the encoded text.
And someone can send you something like:
Hello, the user Lame send me this message: Do You Want to be an OPERATOR in #channel ? copy/paste this-> //write $decode(blabla) etc..
your script detects //write and $decode... and kicks...
Well if he spams the the whole message he deserves to be kicked.
