|
|
|
|
06-25-2006, 06:08 PM
|
#11 |
Re: A Hijacking Problem
From: "Sebastian Gottschalk" <>
| | Is this a.c.security or a.c.bullshitting-around? | No Bullsh!t ! -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm David H. Lipman |
|
|
|
06-25-2006, 06:35 PM
|
#12 |
|
Posts: n/a
|
Re: A Hijacking Problem
David H. Lipman wrote:
> From: "Sebastian Gottschalk" <> > > > | > | Is this a.c.security or a.c.bullshitting-around? > | > > No Bullsh!t ! How exactly would you classify recommending computer programs that are supposed to work with magic? Sebastian Gottschalk |
|
|
|
06-25-2006, 07:33 PM
|
#13 |
|
Posts: n/a
|
Re: A Hijacking Problem
From: "Sebastian Gottschalk" <>
| David H. Lipman wrote: >> From: "Sebastian Gottschalk" <> >> |>> Is this a.c.security or a.c.bullshitting-around? |>> >> No Bullsh!t ! | | How exactly would you classify recommending computer programs that are | supposed to work with magic? No magic. Hard coded, programmed, removal with subsequent signature and heuristic detection and removal. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm David H. Lipman |
|
|
|
06-25-2006, 08:23 PM
|
#14 |
|
Posts: n/a
|
Re: A Hijacking Problem
David H. Lipman wrote:
> | How exactly would you classify recommending computer programs that are > | supposed to work with magic? > > No magic. > Hard coded, programmed, removal with subsequent signature and heuristic detection and > removal. man cloaking man Rootkit Reliably cleaning a compromised system from the running system itself is equivalent to halting problem, both in theory and practice. Sebastian Gottschalk |
|
|
|
06-25-2006, 10:28 PM
|
#15 |
|
Posts: n/a
|
Re: A Hijacking Problem
Sebastian Gottschalk wrote:
> man cloaking > man Rootkit I suppose that as a Windoze lUser you actually expected this to produce something useful, huh? <laugh> TwistyCreek |
|
|
|
06-25-2006, 10:31 PM
|
#16 |
|
Posts: n/a
|
Re: A Hijacking Problem
From: "Sebastian Gottschalk" <>
| | man cloaking | man Rootkit | | Reliably cleaning a compromised system from the running system itself is | equivalent to halting problem, both in theory and practice. There is NO RootKit in this. It is a case of a Vundo Trojan and/or Virtuomunde Adware infection. At the very most the malware loads a DLL in the Winlogon Nofify key and a BHO. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm David H. Lipman |
|
|
|
06-26-2006, 12:09 AM
|
#17 |
|
Posts: n/a
|
Re: A Hijacking Problem
David H. Lipman wrote:
> | man cloaking > | man Rootkit > | > | Reliably cleaning a compromised system from the running system itself is > | equivalent to halting problem, both in theory and practice. > > There is NO RootKit in this. So, how do you know? > It is a case of a Vundo Trojan and/or Virtuomunde Adware infection. No. It's a case where something that looks like these and probably a lot of addition unrecognized malware has used a security hole, and this indentified malware has already downloaded and installed a lot of other unidentified malware, which has done the same, ... And you assume that there's no rootkit in this big load of crap? Get serious! > At the very most the malware loads a DLL in the Winlogon Nofify key and a BHO. You'd wish. Sebastian Gottschalk |
|
|
|
06-26-2006, 12:10 AM
|
#18 |
|
Posts: n/a
|
Re: A Hijacking Problem
TwistyCreek wrote:
> Sebastian Gottschalk wrote: > >> man cloaking >> man Rootkit > > I suppose that as a Windoze lUser you actually expected this to produce > something useful, huh? Yes. It first searches all manpages and after not finding anything it opens lynx and browses to the relevant Wikipedia entry. Sebastian Gottschalk |
|
|
|
06-26-2006, 12:39 AM
|
#19 |
|
Posts: n/a
|
Re: A Hijacking Problem
From: "Sebastian Gottschalk" <>
| David H. Lipman wrote: | |>> man cloaking |>> man Rootkit |>> |>> Reliably cleaning a compromised system from the running system itself is |>> equivalent to halting problem, both in theory and practice. >> >> There is NO RootKit in this. | | So, how do you know? | >> It is a case of a Vundo Trojan and/or Virtuomunde Adware infection. | | No. It's a case where something that looks like these and probably a lot | of addition unrecognized malware has used a security hole, and this | indentified malware has already downloaded and installed a lot of other | unidentified malware, which has done the same, ... | | And you assume that there's no rootkit in this big load of crap? Get | serious! | >> At the very most the malware loads a DLL in the Winlogon Nofify key and a BHO. | | You'd wish. Please stick to a subject matter that you have direct knowledge on. Ron specifically noted "Win Anti-Virus". It is the Vundo Trojan and/or Virtuomunde Adware infection that points to the download and installation of WinAntivirus Pro, WinAntiSpyware Pro and WinFixer 2006. This is propogated by... Amaena P.O. box1048 Chernigov, NA 14032 UA Other symptoms are Pop-Ups indicating; "There is a security vulnerability from the Blackworm virus. We recomen you DOWNLOAD ..." and "There is a security vulnerability from the Beagle virus. We recomen you DOWNLOAD ..." The malware is well known to take advantage of a vulnerability in older versions of Sun Java. http://sunsolve.sun.com/search/docum...=1-26-102171-1 In fact even if you have a non-vulnerable version on the PC, if a vulnerable version is on the PC the Trojan will traverse the version until a vulnerable version can be exploited. That's why it is imperative that old versions be removed when updating to a new version. Unfortunately, the Sun Java installer does NOT remove prior versions before installing a lter version. I have been studying and working on this family of malware for about 9 months and is the reason I have written the WinFixerFix utility. Please see the post "A Hijacking Problem" in the News Group; alt.binaries.comp.virus The graphics captured were from platforms infected with this family of malware. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm David H. Lipman |
|
|
|
06-26-2006, 07:02 AM
|
#20 |
|
Posts: n/a
|
Re: A Hijacking Problem
David H. Lipman wrote: > From: "Sebastian Gottschalk" <> > Please stick to a subject matter that you have direct knowledge on. Ron specifically noted > "Win Anti-Virus". > > It is the Vundo Trojan and/or Virtuomunde Adware infection that points to the download and > installation of WinAntivirus Pro, WinAntiSpyware Pro and WinFixer 2006. This is propogated > by... > Amaena > P.O. box1048 > Chernigov, NA 14032 > UA > > Other symptoms are Pop-Ups indicating; > "There is a security vulnerability from the Blackworm virus. We recomen you DOWNLOAD ..." > and > "There is a security vulnerability from the Beagle virus. We recomen you DOWNLOAD ..." > > The malware is well known to take advantage of a vulnerability in older versions of Sun > Java. Dave; Does the company that makes all of the above anti-virus programs responsible for this infection or some other party? If the company is responsible, why aren't they being sued or fined for starting what is essentially a virus that their program can cure? That seems to me like software extortion. Ron Ron |
|
|
 |
| Thread Tools | Search this Thread |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Comcast + Wireless Internet Problem | shadoweloc | General Help Related Topics | 1 | 07-01-2008 06:19 PM |
| Dial Up Problem | smackedass | A+ Certification | 3 | 02-02-2007 11:59 PM |
| Re: Virus Problem ** Help!** | David BlandIII | A+ Certification | 1 | 03-02-2004 06:00 PM |
| Re: Serious Computer Problem | hootnholler | A+ Certification | 1 | 11-24-2003 12:18 PM |
| Re: Serious Computer Problem | Bret | A+ Certification | 0 | 11-19-2003 12:51 AM |
