Viruses

[Guest Patty]

Does anybody know what these are or how to get rid of them?

 

Trojan-downloader.win32.agent.bq

Trojan.clicker.win32.Tiny.h

 

I keep getting what appears to be Windows Security Boxes telling me my

firewall has detected suspicious activity. I should have know something was

up because I don't even have my Windows firewall activated. I tried

"googling" a manual removal but I don't know where in the regedit to fine the

keys I'm suppose to remove.

 

If any of you MVP's or very knowledgable computer people can help me

out.....I'd truly much appreciate it because it's a nuisance.

 

Thanx.......Patty

[Guest Ronaldo]

Re: Viruses

 

Either of these applications should delete the trojans.

 

Download A-Squared Free

http://www.emsisoft.com/en/software/free/

 

Download Malwarebytes Anti-Malware

http://www.malwarebytes.org/

 

 

If you want to know more about the two trojans check the links... just read

the information but do not scan your computer with their online scanner or

download their software... SpyHunter is on the suspicious Anti Spyware List

probably for a good reason.

 

Info: Trojan-Downloader.Win32.Agent.bq

http://www.411-spyware.com/remove-trojan-downloader-win32-agent-bq

 

Info:

Trojan-Clicker.Win32.Tiny.h

http://www.411-spyware.com/remove-trojan-clicker-win32-tiny-h

 

 

 

-------------------------------------

"Patty" <Patty@discussions.microsoft.com> escribió en el mensaje

news:34508612-0BE8-47DC-AB1E-3CEAF12CBB48@microsoft.com...

> Does anybody know what these are or how to get rid of them?

>

> Trojan-downloader.win32.agent.bq

> Trojan.clicker.win32.Tiny.h

>

> I keep getting what appears to be Windows Security Boxes telling me my

> firewall has detected suspicious activity. I should have know something

> was

> up because I don't even have my Windows firewall activated. I tried

> "googling" a manual removal but I don't know where in the regedit to fine

> the

> keys I'm suppose to remove.

>

> If any of you MVP's or very knowledgable computer people can help me

> out.....I'd truly much appreciate it because it's a nuisance.

>

> Thanx.......Patty

[Guest PA Bear [MS MVP]]

Re: Viruses

 

Unexplained computer behavior may be caused by deceptive software

http://support.microsoft.com/kb/827315

 

Run a /thorough/ check for hijackware, including posting your hijackthis log

to an appropriate forum.

 

Checking for/Help with Hijackware

http://aumha.org/a/parasite.htm

http://aumha.org/a/quickfix.htm

http://aumha.net/viewtopic.php?t=5878

http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction

http://mvps.org/winhelp2002/unwanted.htm

http://inetexplorer.mvps.org/data/prevention.htm

http://inetexplorer.mvps.org/tshoot.html

http://www.mvps.org/sramesh2k/Malware_Defence.htm

http://defendingyourmachine2.blogspot.com/

http://www.elephantboycomputers.com/page2.html#Removing_Malware

 

When all else fails, HijackThis v2.0.2

(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use (in

conjuction with some other utilities). HijackThis will NOT fix anything on

its own, but it will help you to both identify and remove any

hijackware/spyware with assistance from an expert. **Post your log to

http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,

http://forums.spybot.info/forumdisplay.php?f=22,

http://aumha.net/viewforum.php?f=30, or another appropriate forum for review

by an expert in such matters, not here.**

 

If the procedures look too complex - and there is no shame in admitting this

isn't your cup of tea - take the machine to a local, reputable and

independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

--

~Robear Dyer (PA Bear)

MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

AumHa VSOP & Admin http://aumha.net

DTS-L http://dts-l.net/

 

Patty wrote:

> Does anybody know what these are or how to get rid of them?

>

> Trojan-downloader.win32.agent.bq

> Trojan.clicker.win32.Tiny.h

>

> I keep getting what appears to be Windows Security Boxes telling me my

> firewall has detected suspicious activity. I should have know something

> was

> up because I don't even have my Windows firewall activated. I tried

> "googling" a manual removal but I don't know where in the regedit to fine

> the keys I'm suppose to remove.

>

> If any of you MVP's or very knowledgable computer people can help me

> out.....I'd truly much appreciate it because it's a nuisance.

>

> Thanx.......Patty

[Guest David H. Lipman]

Re: Viruses

 

From: "Patty" <Patty@discussions.microsoft.com>

 

| Does anybody know what these are or how to get rid of them?

 

| Trojan-downloader.win32.agent.bq

| Trojan.clicker.win32.Tiny.h

 

| I keep getting what appears to be Windows Security Boxes telling me my

| firewall has detected suspicious activity. I should have know something was

| up because I don't even have my Windows firewall activated. I tried

| "googling" a manual removal but I don't know where in the regedit to fine the

| keys I'm suppose to remove.

 

| If any of you MVP's or very knowledgable computer people can help me

| out.....I'd truly much appreciate it because it's a nuisance.

 

| Thanx.......Patty

 

Neither are "viruses", they are trojans.

 

The first, as its name implies, is a trojan downloader which mens that once installed, it

will dowload peers.

I'm not sure of exaclty what the trojan clicker family is.

 

You left out important information.

- What is the fully qulaified name and path to the files deemed infected

- What is the anti virus application that deemed the files to be infected.

 

 

Download MULTI_AV.EXE from the URL --

http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe

 

http://www.pctipp.ch/downloads/dl/35905.asp

 

English:

http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/

 

To use this utility, perform the following...

Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }

Choose; Unzip

Choose; Close

 

Execute; C:\AV-CLS\StartMenu.BAT

{ or Double-click on 'Start Menu' in C:\AV-CLS }

 

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your

FireWall to allow it to download the needed AV vendor related files.

 

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}

This will bring up the initial menu of choices and should be executed in Normal Mode.

This way all the components can be downloaded from each AV vendor's web site.

The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

 

You can choose to go to each menu item and just download the needed files or you can

download the files and perform a scan in Normal Mode. Once you have downloaded the files

needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key

during boot] and re-run the menu again and choose which scanner you want to run in Safe

Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

 

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help

file.

 

Additional Instructions:

http://pcdid.com/Multi_AV.htm

 

 

* * * Please report back your results * * *

 

 

 

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest Patty]

Re: Viruses

 

Thank you all for your replies. I think I know now how it got there. I

guess I got dupped awhile ago and downloaded Spyhunter. I'm going to remove

Spyhunter from my computer (guess there's no chance in getting my money

back.....huh?) and try all your suggestions.

 

Dave: Unfortunately I'm not very computer literate so I'll have to wait for

my son to do as you suggested if all else fails. As far as the antivirus

software goes, I use AVG. I actually have it set up to update and scan every

morning and so far it hasn't picked anything up. I also don't know the fully

qualified name of path of the files infected because I don't know how to find

that. I've been running my Ad-Aware and that has found infected files but it

was unable to remove 14 of them. Also, when I try to run my ad-aware in safe

mode (which I was told a long time ago was best to do) I get an error message

and it won't scan.

 

Again, thank you all for your suggestions. If I have more problems, I will

post back.

 

Patty

 

 

"David H. Lipman" wrote:

> From: "Patty" <Patty@discussions.microsoft.com>

>

> | Does anybody know what these are or how to get rid of them?

>

> | Trojan-downloader.win32.agent.bq

> | Trojan.clicker.win32.Tiny.h

>

> | I keep getting what appears to be Windows Security Boxes telling me my

> | firewall has detected suspicious activity. I should have know something was

> | up because I don't even have my Windows firewall activated. I tried

> | "googling" a manual removal but I don't know where in the regedit to fine the

> | keys I'm suppose to remove.

>

> | If any of you MVP's or very knowledgable computer people can help me

> | out.....I'd truly much appreciate it because it's a nuisance.

>

> | Thanx.......Patty

>

> Neither are "viruses", they are trojans.

>

> The first, as its name implies, is a trojan downloader which mens that once installed, it

> will dowload peers.

> I'm not sure of exaclty what the trojan clicker family is.

>

> You left out important information.

> - What is the fully qulaified name and path to the files deemed infected

> - What is the anti virus application that deemed the files to be infected.

>

>

> Download MULTI_AV.EXE from the URL --

> http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe

>

> http://www.pctipp.ch/downloads/dl/35905.asp

>

> English:

> http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/

>

> To use this utility, perform the following...

> Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }

> Choose; Unzip

> Choose; Close

>

> Execute; C:\AV-CLS\StartMenu.BAT

> { or Double-click on 'Start Menu' in C:\AV-CLS }

>

> NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your

> FireWall to allow it to download the needed AV vendor related files.

>

> C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}

> This will bring up the initial menu of choices and should be executed in Normal Mode.

> This way all the components can be downloaded from each AV vendor's web site.

> The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

>

> You can choose to go to each menu item and just download the needed files or you can

> download the files and perform a scan in Normal Mode. Once you have downloaded the files

> needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key

> during boot] and re-run the menu again and choose which scanner you want to run in Safe

> Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

>

> When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help

> file.

>

> Additional Instructions:

> http://pcdid.com/Multi_AV.htm

>

>

> * * * Please report back your results * * *

>

>

>

>

> --

> Dave

> http://www.claymania.com/removal-trojan-adware.html

> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

>

>

>

[Guest David H. Lipman]

Re: Viruses

 

From: "Patty" <Patty@discussions.microsoft.com>

 

| Thank you all for your replies. I think I know now how it got there. I

| guess I got dupped awhile ago and downloaded Spyhunter. I'm going to remove

| Spyhunter from my computer (guess there's no chance in getting my money

| back.....huh?) and try all your suggestions.

 

| Dave: Unfortunately I'm not very computer literate so I'll have to wait for

| my son to do as you suggested if all else fails. As far as the antivirus

| software goes, I use AVG. I actually have it set up to update and scan every

| morning and so far it hasn't picked anything up. I also don't know the fully

| qualified name of path of the files infected because I don't know how to find

| that. I've been running my Ad-Aware and that has found infected files but it

| was unable to remove 14 of them. Also, when I try to run my ad-aware in safe

| mode (which I was told a long time ago was best to do) I get an error message

| and it won't scan.

 

| Again, thank you all for your suggestions. If I have more problems, I will

| post back.

 

| Patty

 

Oh yes, Engma SpyHunter.

 

A rogue anti malware in that the company practices unethical tactics to boost the bottom

line because it is a publically traded company.

 

There are *much* better products out there!

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest Patty]

Re: Viruses

 

 

 

"David H. Lipman" wrote:

> From: "Patty" <Patty@discussions.microsoft.com>

>

> | Thank you all for your replies. I think I know now how it got there. I

> | guess I got dupped awhile ago and downloaded Spyhunter. I'm going to remove

> | Spyhunter from my computer (guess there's no chance in getting my money

> | back.....huh?) and try all your suggestions.

>

> | Dave: Unfortunately I'm not very computer literate so I'll have to wait for

> | my son to do as you suggested if all else fails. As far as the antivirus

> | software goes, I use AVG. I actually have it set up to update and scan every

> | morning and so far it hasn't picked anything up. I also don't know the fully

> | qualified name of path of the files infected because I don't know how to find

> | that. I've been running my Ad-Aware and that has found infected files but it

> | was unable to remove 14 of them. Also, when I try to run my ad-aware in safe

> | mode (which I was told a long time ago was best to do) I get an error message

> | and it won't scan.

>

> | Again, thank you all for your suggestions. If I have more problems, I will

> | post back.

>

> | Patty

>

> Oh yes, Engma SpyHunter.

>

> A rogue anti malware in that the company practices unethical tactics to boost the bottom

> line because it is a publically traded company.

>

> There are *much* better products out there!

>

> --

> Dave

> http://www.claymania.com/removal-trojan-adware.html

> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

>

> I think the 2 suggested tools worked. Just one more question if you don't mind though. Can I run these programs regularly (as I do Ad-Aware) and, can I run them in safe mode? Also, should I enable my Windows Firewall? I thought I had a problem with it conflicting with my AVG (I have the paid version with a firewall) so that's why I disabled it.

 

Okay....so technically it was 3 questions but who's counting... :).

 

Thanx

 

Patty

>

[Guest David H. Lipman]

Re: Viruses

 

From: "Patty" <Patty@discussions.microsoft.com>

 

 

 

| "David H. Lipman" wrote:

>> From: "Patty" <Patty@discussions.microsoft.com>

>> | Thank you all for your replies. I think I know now how it got there. I

>> | guess I got dupped awhile ago and downloaded Spyhunter. I'm going to remove

>> | Spyhunter from my computer (guess there's no chance in getting my money

>> | back.....huh?) and try all your suggestions.

>> | Dave: Unfortunately I'm not very computer literate so I'll have to wait for

>> | my son to do as you suggested if all else fails. As far as the antivirus

>> | software goes, I use AVG. I actually have it set up to update and scan every

>> | morning and so far it hasn't picked anything up. I also don't know the fully

>> | qualified name of path of the files infected because I don't know how to find

>> | that. I've been running my Ad-Aware and that has found infected files but it

>> | was unable to remove 14 of them. Also, when I try to run my ad-aware in safe

>> | mode (which I was told a long time ago was best to do) I get an error message

>> | and it won't scan.

>> | Again, thank you all for your suggestions. If I have more problems, I will

>> | post back.

>> | Patty

>> Oh yes, Engma SpyHunter.

>> A rogue anti malware in that the company practices unethical tactics to boost the

>> bottom

>> line because it is a publically traded company.

>> There are *much* better products out there!

>> --

>> Dave

>> http://www.claymania.com/removal-trojan-adware.html

>> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

>> I think the 2 suggested tools worked. Just one more question if you don't mind

>> though. Can I run these programs regularly (as I do Ad-Aware) and, can I run them in

>> safe mode? Also, should I enable my Windows Firewall? I thought I had a problem with

>> it conflicting with my AVG (I have the paid version with a firewall) so that's why I

>> disabled it.

 

| Okay....so technically it was 3 questions but who's counting... :).

 

| Thanx

 

| Patty

 

 

The Multi AV Scanning Tool can be used on a regular basis and each time you use it each

module will keep itself up o date.

 

All can be run in Safe Mode.

 

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest Patty]

Re: Viruses

 

Sad to say.....they got my $40.00... :(. Next time I want to download

something that looks too good to be true, I'll ask around here first.

 

Thanx again to all of you for your help.....you guys/gals are the best!!

 

Patty

 

"David H. Lipman" wrote:

> From: "Patty" <Patty@discussions.microsoft.com>

>

>

>

> | "David H. Lipman" wrote:

>

> >> From: "Patty" <Patty@discussions.microsoft.com>

>

> >> | Thank you all for your replies. I think I know now how it got there. I

> >> | guess I got dupped awhile ago and downloaded Spyhunter. I'm going to remove

> >> | Spyhunter from my computer (guess there's no chance in getting my money

> >> | back.....huh?) and try all your suggestions.

>

> >> | Dave: Unfortunately I'm not very computer literate so I'll have to wait for

> >> | my son to do as you suggested if all else fails. As far as the antivirus

> >> | software goes, I use AVG. I actually have it set up to update and scan every

> >> | morning and so far it hasn't picked anything up. I also don't know the fully

> >> | qualified name of path of the files infected because I don't know how to find

> >> | that. I've been running my Ad-Aware and that has found infected files but it

> >> | was unable to remove 14 of them. Also, when I try to run my ad-aware in safe

> >> | mode (which I was told a long time ago was best to do) I get an error message

> >> | and it won't scan.

>

> >> | Again, thank you all for your suggestions. If I have more problems, I will

> >> | post back.

>

> >> | Patty

>

> >> Oh yes, Engma SpyHunter.

>

> >> A rogue anti malware in that the company practices unethical tactics to boost the

> >> bottom

> >> line because it is a publically traded company.

>

> >> There are *much* better products out there!

>

> >> --

> >> Dave

> >> http://www.claymania.com/removal-trojan-adware.html

> >> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

>

> >> I think the 2 suggested tools worked. Just one more question if you don't mind

> >> though. Can I run these programs regularly (as I do Ad-Aware) and, can I run them in

> >> safe mode? Also, should I enable my Windows Firewall? I thought I had a problem with

> >> it conflicting with my AVG (I have the paid version with a firewall) so that's why I

> >> disabled it.

>

> | Okay....so technically it was 3 questions but who's counting... :).

>

> | Thanx

>

> | Patty

>

>

> The Multi AV Scanning Tool can be used on a regular basis and each time you use it each

> module will keep itself up o date.

>

> All can be run in Safe Mode.

>

>

> --

> Dave

> http://www.claymania.com/removal-trojan-adware.html

> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

>

>

>

[Guest David H. Lipman]

Re: Viruses

 

From: "Patty" <Patty@discussions.microsoft.com>

 

| Sad to say.....they got my $40.00... :(. Next time I want to download

| something that looks too good to be true, I'll ask around here first.

 

| Thanx again to all of you for your help.....you guys/gals are the best!!

 

| Patty

 

OK but "not around here".

 

In the future, please post malware related problems in a virus related neww group such as;

microsoft.public.security.virus

 

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest Unknown]

Re: Viruses

 

Why not here? Makes interesting reading.

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

news:e0N$k7JHJHA.1160@TK2MSFTNGP04.phx.gbl...

> From: "Patty" <Patty@discussions.microsoft.com>

>

> | Sad to say.....they got my $40.00... :(. Next time I want to download

> | something that looks too good to be true, I'll ask around here first.

>

> | Thanx again to all of you for your help.....you guys/gals are the best!!

>

> | Patty

>

> OK but "not around here".

>

> In the future, please post malware related problems in a virus related

> neww group such as;

> microsoft.public.security.virus

>

>

> --

> Dave

> http://www.claymania.com/removal-trojan-adware.html

> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

>

>

[Guest David H. Lipman]

Re: Viruses

 

From: "Unknown" <unknown@unknown.kom>

 

| Why not here? Makes interesting reading.

 

Because that's where this subject matter is best handled.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest Unknown]

Re: Viruses

 

Handled very well here also and this is a good/excellent newsgroup for

newbies..

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message

news:O8qAAHPHJHA.2408@TK2MSFTNGP04.phx.gbl...

> From: "Unknown" <unknown@unknown.kom>

>

> | Why not here? Makes interesting reading.

>

> Because that's where this subject matter is best handled.

>

> --

> Dave

> http://www.claymania.com/removal-trojan-adware.html

> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

>

>

[Guest David H. Lipman]

Re: Viruses

 

From: "Unknown" <unknown@unknown.kom>

 

| Handled very well here also and this is a good/excellent newsgroup for

| newbies..

 

People like me can't afford to browse EVERY bloody news group.

 

Those who post this subject matter all over the place will often get; mislead,

misdirected, trolled, or worse.

 

This is NOT an excellent news group for this subject matter as malware affects every OS.

This is a WinXP news group, albeit general, and should stick to constructs specific to

WinXP.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest Unknown]

Re: Viruses

 

People like you do nothing but complain. Are you obligated to answer the

questions in this group?

Can't afford to browse other groups??? Makes no sense. People who post

this subject matter

generally do not 'post all over the place'. Since malware affects every OS,

this is an excellent place to

post this subject.

~@Verizon.Net> wrote in message

news:uwuvTbPHJHA.3884@TK2MSFTNGP02.phx.gbl...

> From: "Unknown" <unknown@unknown.kom>

>

> | Handled very well here also and this is a good/excellent newsgroup for

> | newbies..

>

> People like me can't afford to browse EVERY bloody news group.

>

> Those who post this subject matter all over the place will often get;

> mislead,

> misdirected, trolled, or worse.

>

> This is NOT an excellent news group for this subject matter as malware

> affects every OS.

> This is a WinXP news group, albeit general, and should stick to constructs

> specific to

> WinXP.

>

> --

> Dave

> http://www.claymania.com/removal-trojan-adware.html

> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

>

>

[Guest David H. Lipman]

Re: Viruses

 

From: "Unknown" <unknown@unknown.kom>

 

| People like you do nothing but complain. Are you obligated to answer the

| questions in this group?

| Can't afford to browse other groups??? Makes no sense. People who post

| this subject matter

| generally do not 'post all over the place'. Since malware affects every OS,

| this is an excellent place to

| post this subject.

 

I have been in Usenet posting and replying about viruses and Today's malware in general

for almost 20 years. People like me have helped numerous posters deal with the epidemic

of malware. I know what I am talking about.

 

There are reasons why Usenet has specific news group discussing specific subject matter.

MS Outlook may run under WinXP but queries are best made in a MS Outlook related news

group.

MS Outlook Express may run under WinXP but queries are best made in a MS Outlook Express

related news group.

etc, etc.

 

I do not flame nor argue a subject matter. Think as you wish. I have made my statement.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest ArameFarpado]

Re: Viruses

 

Em Segunda, 22 de Setembro de 2008 22:04, David H. Lipman escreveu:

>

> as malware

> affects every OS.

 

Not true.

[Guest David H. Lipman]

Re: Viruses

 

From: "ArameFarpado" <a-farpado.spam@netcabo.pt>

 

| Em Segunda, 22 de Setembro de 2008 22:04, David H. Lipman escreveu:

>> as malware

>> affects every OS.

 

| Not true.

 

It sure is.

 

The only thing is some operating systems are targeted more than others. Win32 is the most

targeted OS familiy (and we are in the Microsoft Usenet hierarchy) but you name an OS and

there is some form of malware for it.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest ArameFarpado]

Re: Viruses

 

Em Segunda, 22 de Setembro de 2008 23:25, David H. Lipman escreveu:

> From: "ArameFarpado" <a-farpado.spam@netcabo.pt>

>

> | Em Segunda, 22 de Setembro de 2008 22:04, David H. Lipman escreveu:

>

>>> as malware

>>> affects every OS.

>

> | Not true.

>

> It sure is.

No.

> The only thing is some operating systems are targeted more than others.

> Win32 is the most targeted OS familiy (and we are in the Microsoft Usenet

> hierarchy)

almost all huge internet servers runs on unix like OSs, so as big company

servers... are you thinking this machines are not tempting targets?

 

Ms OSs are the most target by malware because it is easy to target them...

 

There had been several attempts to create a virus that infect unix like

systems like they infect windows, and they all failed, because they can

only workout in badly configured or wrongly used systems.

> but you name an OS and there is some form of malware for it.

They can be hacked if they have open ports like all servers have, but can't

be infected like windows and symbian (nokia phones) can.

Actualy, these are the two systems that need to be protected by anti-malware

progs... an MacOS or Linux user will only install an antivirus if he is

paranoid.

 

For windows to get the same level of imunity, it would have to change a lot:

---stop identifying file types by its extention's name (weekness)

---stop loading bynaries (as programs) by clicking directly on them (extreme

weekness)

---create a new permissions system that really works...

---ban the autorun in removable volumes.

---does not allow the administrator to have a grafical desktop.

and this would go on and on...

 

the best way to fight the threat of malware is to correct the flaws and

weekness they exploit... not trusting on anti-malware to solve it...

anti-malware could be used only as a temporary solution, not a permanet

one.

 

Microsoft did some of these corrections allready (the RPC exploit) but they

wore not enought

 

regards

[Guest Leythos]

Re: Viruses

 

In article <gb97ua$l4i$1@registered.motzarella.org>, a-

farpado.spam@netcabo.pt says...

> There had been several attempts to create a virus that infect unix like

> systems like they infect windows, and they all failed, because they can

> only workout in badly configured or wrongly used systems.

 

Many Unix/Linux systems are compromised every year, not by a "Virus" but

by exploits and root hacking.

 

It's incorrect to say that Unix or Linux is secure.

 

--

- Igitur qui desiderat pacem, praeparet bellum.

- Calling an illegal alien an "undocumented worker" is like calling a

drug dealer an "unlicensed pharmacist"

spam999free@rrohio.com (remove 999 for proper email address)

[Guest David H. Lipman]

Re: Viruses

 

From: "ArameFarpado" <a-farpado.spam@netcabo.pt>

 

| Em Segunda, 22 de Setembro de 2008 23:25, David H. Lipman escreveu:

>> From: "ArameFarpado" <a-farpado.spam@netcabo.pt>

>> | Em Segunda, 22 de Setembro de 2008 22:04, David H. Lipman escreveu:

>>>> as malware

>>>> affects every OS.

>> | Not true.

>> It sure is.

| No.

>> The only thing is some operating systems are targeted more than others.

>> Win32 is the most targeted OS familiy (and we are in the Microsoft Usenet

>> hierarchy)

| almost all huge internet servers runs on unix like OSs, so as big company

| servers... are you thinking this machines are not tempting targets?

 

| Ms OSs are the most target by malware because it is easy to target them...

 

| There had been several attempts to create a virus that infect unix like

| systems like they infect windows, and they all failed, because they can

| only workout in badly configured or wrongly used systems.

>> but you name an OS and there is some form of malware for it.

| They can be hacked if they have open ports like all servers have, but can't

| be infected like windows and symbian (nokia phones) can.

| Actualy, these are the two systems that need to be protected by anti-malware

| progs... an MacOS or Linux user will only install an antivirus if he is

| paranoid.

 

| For windows to get the same level of imunity, it would have to change a lot:

| ---stop identifying file types by its extention's name (weekness)

| ---stop loading bynaries (as programs) by clicking directly on them (extreme

| weekness)

| ---create a new permissions system that really works...

| ---ban the autorun in removable volumes.

| ---does not allow the administrator to have a grafical desktop.

| and this would go on and on...

 

| the best way to fight the threat of malware is to correct the flaws and

| weekness they exploit... not trusting on anti-malware to solve it...

| anti-malware could be used only as a temporary solution, not a permanet

| one.

 

| Microsoft did some of these corrections allready (the RPC exploit) but they

| wore not enought

 

| regards

 

 

Attempts at infecteing Unix/Linux didn't fail. They weren't as successful as with Win16

and Win32.

Let see...

 

There was the Bliss. Remember that ?

Then there is the RST.a/RST.b (aka; ELF.RST.a), Rike, Ramen, Metaphor, Lindoes, Kagob and

the infamous OSF.8759.

We also have the Lion, Kork, Millen and Slapper worms and the Obsidian.

 

I'm sorry...

 

There is malware for the 'nix families whether they are configured properly or not, they

exist and there will continue to be new ones created. As the MAC and 'nix OS' become more

prevalent they too will have a larger targeting base.

 

Even the venerable VM/CMS had its virus holiday in '88 on Christmas < LOL >

 

Like the Amiga ? It had viruses. It even got Aids < lol >

 

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest ArameFarpado]

Re: Viruses

 

Em Terça, 23 de Setembro de 2008 00:36, Leythos escreveu:

> In article <gb97ua$l4i$1@registered.motzarella.org>, a-

> farpado.spam@netcabo.pt says...

>> There had been several attempts to create a virus that infect unix like

>> systems like they infect windows, and they all failed, because they can

>> only workout in badly configured or wrongly used systems.

>

> Many Unix/Linux systems are compromised every year, not by a "Virus" but

> by exploits and root hacking.

>

> It's incorrect to say that Unix or Linux is secure.

>

 

any server machine can be hacked, there is allways a way... only they are

not hacked by a peace of software, but by a human being that somehow can

crack it's defences. it's dificult to secure a server, needs constant

monitoring.

while windows clients and server systems can be hacked so easy if the system

is compromised by a backdoor malware, and there are lots of them surfing

the internet right now, pousing as frendly software.

you know what a "botnet" is don't you? you maybe even using one without

knowing.

you guys put to much trust on your antivirus, and that is a big weekness

that leads your to be careless... only i understand you don't have much of

a choice these days :(

 

regards

[Guest ArameFarpado]

Re: Viruses

 

Em Terça, 23 de Setembro de 2008 00:46, David H. Lipman escreveu:

>

> Attempts at infecteing Unix/Linux didn't fail. They weren't as successful

> as with Win16 and Win32.

> Let see...

>

> There was the Bliss. Remember that ?

""When executed, it attempts to attach itself to Linux executable files, to

which regular users do not have access. ""

 

had to be root activated to do it...

 

""Although it was probably intended to prove that Linux can be infected, it

does not propagate very effectively because of the structure of Linux's

user privilege system.""

 

see what i mean?

 

anyway, all the other you pointed are old news and all it's exploits wore

corrected.

[Guest David H. Lipman]

Re: Viruses

 

From: "ArameFarpado" <a-farpado.spam@netcabo.pt>

 

| Em Terça, 23 de Setembro de 2008 00:46, David H. Lipman escreveu:

 

>> Attempts at infecteing Unix/Linux didn't fail. They weren't as successful

>> as with Win16 and Win32.

>> Let see...

>> There was the Bliss. Remember that ?

| ""When executed, it attempts to attach itself to Linux executable files, to

| which regular users do not have access. ""

 

| had to be root activated to do it...

 

| ""Although it was probably intended to prove that Linux can be infected, it

| does not propagate very effectively because of the structure of Linux's

| user privilege system.""

 

| see what i mean?

 

| anyway, all the other you pointed are old news and all it's exploits wore

| corrected.

 

 

Doesn't matter. I can pull up new ones if need be.

 

The fact remains.

I posted... "as malware affects every OS."

And you replied... "Not true."

 

What I posted were well known bits of malware and they affected the OS. That's a fact.

 

So I repeat emphatically... "malware affects every OS."

With the disclaimer...

"The only thing is some operating systems are targeted more than others".

 

BTW: The Slapper had spread pretty well and caused financial loses.

 

Since you mention Symbian...

http://www.f-secure.com/weblog/archives/00001368.html

 

Oh you also mention the MAC OS. OS/X had the OSX/Leap-A

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest David H. Lipman]

Re: Viruses

 

From: "ArameFarpado" <a-farpado.spam@netcabo.pt>

 

I forgot to mention...

 

The RBN (before Atrivo was exposed) had begun to target MAC computers with the same kind

of Fake Codecs that were so prevalent in the distribution of the ZLob trojans for Win32.

 

http://www.theregister.co.uk/2008/03/12/mac_security_site_malware_infestation/

 

And I personnaly have seen the code that decides what OS you are using and what file will

be downloaded to the PC.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp