--------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: F3F00001 Date: 03/09/98 From: PAUL WALKER Time: 11:58pm \/To: VIC OLIVER (Read 1 times) Subj: VSAFE Hi Vic, Vic Oliver to Paul Walker, 05 Mar 98 09:56. VO> Thanks Paul for the info re VSAFE I VO> must recheck my system as I`ve a VO> suspicion this might have been happening. No problem. Microsoft don't even use their antivirus system themselves, which should give you an idea of how good it is. ;) At some point someone is bound to post a list in here of what AV programs are good - watch out for that one. Paul (p.r.walker@warwick.ac.uk) ... "Children of the night... Shut-Up!" - Count Dracula --- FMail/386 1.22 * Origin: It's better to burn out, than to fade away... (2:254/60.11) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: F3H00000 Date: 03/11/98 From: DAVE P.A. SMITH Time: 09:05pm \/To: ALL (Read 1 times) Subj: Virus Alert Has anybody tried this program? A while back I bought a consumer version of Alert and was told that I could get upgrades and updates on their BBS. The program seemed to work all right but then the BBS went down and I couldn't find the company to get another update. Can anybody tell me where I can get an update, or if I should? Is this a good product or should I look elsewhere? btw. I use DOS on a PS/1 but my wife uses Windows95 on an actual computer. :) ___ X OLX 2.1 TD X Definition of Terror: A female Klingon with PMS. --- Maximus 2.02 * Origin: Acoustic Plains BBS. Ottawa, ON. 613-742-7612 (1:163/551) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: F3H00001 Date: 03/10/98 From: KURT WISMER Time: 11:24am \/To: ALAIN GOHIER (Read 1 times) Subj: demolition, V2P6... -=> Mocking Alain Gohier to Kurt Wismer <=- KW> KW> AG> Common.com -- EICAR test file. KW> KW> AG> Sampvir.com -- Which is a simple signature of DEMOLITION virus. KW> KW> AG> Lkccmini.exe -- Which come from the uic_v24.zip file and have KW> KW> AG> a V2P6 virus in it. KW>simulated viruses aren't real viruses... nor are they particularly KW>useful for anything beyond detecting faulty installation of the av KW>product... AG> Comment dois-je te faire comprendre que le fichier .exe contient un AG> VRAI virus ? Dois-je le crier, ou bien m'en remettre a ma puissance AG> superieure et te laisser precher dans le desert... J'opte pour la AG> deuxieme possibilit. i almost got that - the meaning of dois-je escapes me though.... at least 2 of the files are not real viruses... if a virus scanner (particularly a good virus scanner) that is supposed to be able to detect the third has not then i suspect it is not a virus, at least not the virus it pretends to be... (i recall once apon a time a certain set of individuals i encountered were abolutely convinced they were making viruses, when in fact they were either running a virus construction kit or making trojans - it didn't help matters any that they were naming them after already existing viruses like monkey, and that sort of thing)... KW>how do you know they're viruses? that's the real question when you're KW>dealing with supposed virus samples... if they don't replicate, or if KW>their offspring don't replicate, then they aren't viruses... AG> Because V2P6 wipped MY HD. f this one is a simulated one, it is a AG> good simulation... :-< that's not viral behaviour, that's trojan behaviour... if it doesn't replicate, it's not a virus... ... "wheres polonius?"-"he's at supp'... with the worms"... --- Platinum Xpress/Win/Wildcat5! v2.0 * Origin: All The Fido Conferences, Doc's. telnet://docsplace.d (1:3603/140) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: F3H00002 Date: 03/11/98 From: KURT WISMER Time: 09:59am \/To: PAUL WALKER (Read 1 times) Subj: Best Antiviral Program -=> Mocking Paul Walker to Kurt Wismer <=- KW> further, some debugging (of sorts) is done over the phone with end KW> users... why do you think all those unadvisable switches are there to KW> begin with? PW> /vid? no... as i said, findvirus performs exact id's by default, everything it says is "identified as" has been identified exactly, everything that says "like virus . . ." has been done by more conventional means... /vid is a switch that keeps it from switching over into just heuristic mode (which it does by default if it detects 10 or more viruses to increase the speed of scanning on dumb scanner comparisons which test the speed of scanning of the zoo - what some people have wrongly called cheating) KW> method it's using to identify the virus... if it had shown up as an KW> exact identification, no matter how rare or flakey the virus, it's KW> almost certainly not a false alarm (depending on the PW> True, I guess. I'm just saying that the output is far more likely to PW> be so it looks good to the users (and so people can support it) than PW> because it's debugging. the average user isn't even going to know what it means... findvirus almost always says "identified as" and the user will probably just assume that's its default message whenever it finds a virus... (technically it is it's default message because it does exact id by default, but anyways) PW>> Besides, you can always have an option to turn debugging info on PW>> - most of my programs do. f-prot does... /guru /paranoid (probably just /guru will do) will place an "(exact)" after each identification that has been performed exactly... KW> that depends on what you're talking about with respect to debugging... PW> Writes debug files, outputs copies of all data blocks it sends to the PW> CD interface, tells you exactly what it's doing; that sort of thing, PW> usually. from a programming perspective i've gotten used to debugging being that extra crap one puts in the executable so you can run it through a debugger (not necessary for asm)... what you're talking about should definitely be left in the final product though, for support purposes... ... today's mock has been brought to you by the letters p, u, and # pi... --- Platinum Xpress/Win/Wildcat5! v2.0 * Origin: All The Fido Conferences, Doc's. telnet://docsplace.d (1:3603/140) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: F3I00000 Date: 03/10/98 From: EVERT CLONEN Time: 04:24am \/To: JOS CALLEWAERT (Read 1 times) Subj: new hoax ? JC> Hello All! Hiya Jos JC> I recieve an e-mail warning me for the "win a holliday" JC> virus. Anybody heard from it yet ? Yep, don't know what it does, but the guys and girls at M$ found it neccessary to tell all their customers there was a virus you could get by recieving E-mail. I don't think so, you can only get a virus by exicuting a program, not by reading a txt-file. (OK, you can get a cap-virus, you know that word virus, but only if you use word as a E-mail reader.) Evert --- * Origin: SkyNET Bbs 32-16-580862 28k8 Call NOW! (2:292/316.2) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: F3J00000 Date: 03/13/98 From: HANS SCHOTEL Time: 01:42pm \/To: ALL (Read 1 times) Subj: OKTAWIN.5664 * Crossposted in VIRUS_INFO * * Crossposted in VIRUS * Hello All! Has anybody ever heard of a virus under the name of OKTAWIN.5664 ? What does it do? Is there a scanner that can remove it? Thanks in advance for any info on this subject. Greetings, Hans Many are called, few volunteer. --- GoldED/2 3.00.Beta2+ * Origin: Hans' Point with DOSBoss West, Amsterdam (2:500/121.3) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: F3L00000 Date: 03/15/98 From: JAMES SHERIDAN Time: 09:52pm \/To: HANS SCHOTEL (Read 1 times) Subj: OKTAWIN.5664 'ullo Hans, On 13 Mar 98 you were yakking on about OKTAWIN.5664 weren't ya? HS> Has anybody ever heard of a virus under the name of OKTAWIN.5664 ? What HS> does it do? Is there a scanner that can remove it? HS> Thanks in advance for any info on this subject. I had that "virus" on my system. Lemme guess, did McAfee pick it up, and all other scanners didn't find it? My guess (and a very very uninformed one at that) is that it is harmless, as it has apparantly been on my system for several months and has caused ZERO damage so far. - jAMBO - /dESiDONiAN/ : email me - james@freefall.clara.net "I'm down and all alone with every feeling that I own" "He's /YOUR/ god, they're /YOUR/ rules, /YOU/ burn in hell!!" Adam_Colley, L_CHAT_GENERAL, 24 Feb 98 ... Raise hell with politicians. They make the laws. --- The Underground * Origin: Where the stuff that dreams are made of... (2:2503/513) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: F3L00001 Date: 03/15/98 From: JOHN WARNER Time: 03:20am \/To: ALL (Read 1 times) Subj: Forget the Virus! Forget the Virus. the most Distructive Force on the Computer Scene is the File Bomb! i reseved a File Bomb on my bbs a Few Months back it was Marked HARDOP.Zip it was a Harddrive Optimizer Program and when run it would Deleted all the Harddrives partisions in one Blow!. With Virus its a simple task of using VET or MF's to Kill them But what can you Do with file bombs that dont show up as Virus. but can Do more Then just Affect Files. it can Wipe out your Drives.. Well anyway. I tracked the Little F$#$#ing Kid that uploaded this Bomb and I am Posting this Message to Warn Other Sysops and Users to Beware of a User/Abuser Call "David Zhao" Yes its his Real Name as i've checked it out VIA Voice Caliing his Home, He Runs a bbs him Self Called "Killer bbs" that Name should Speak for its self as it is a Killer. of Anyones harddrives that Visit this bbs and Downloads his UN CHECKED Files. Also hes has Been reported on Several Other bbs Uploading file bombs Cya Soon!!! :) ... "I thought YOU had the controls" -voice recorder found at Roswell --- FMail 1.22 * Origin: Beyond Reality: UFO/Paranormal Archives (03) 9773-3721 (3:632/562) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: F3M00000 Date: 03/17/98 From: DENNIS PADILLA Time: 01:59pm \/To: EVERT CLONEN (Read 1 times) Subj: new hoax ? This message was written at 1:58p on 03-17-1998. EC> JC> I recieve an e-mail warning me for the "win a holliday" virus. EC> JC> Anybody heard from it yet ? EC> Yep, don't know what it does, but the guys and girls at M$ found it EC> neccessary to tell all their customers there was a virus you could get y EC> recieving E-mail. I don't think so, you can only get a virus by exicuting EC> a program, not by reading a txt-file. (OK, you can get a cap-virus, ou EC> know that word virus, but only if you use word as a E-mail reader.) It's true you can get a virus from a Word File. That's just a disguise, so when you download or get any mail, check if it's a virus. --- RLCOMMS - LAN, WAN & MAN * Origin: Remote Link Communications * +61-2-9541-0870 * (3:712/330) --------------- FIDO MESSAGE AREA==> TOPIC: 171 VIRUS INFO Ref: F3M00001 Date: 03/17/98 From: DENNIS PADILLA Time: 02:02pm \/To: DAVE P.A. SMITH (Read 1 times) Subj: Virus Alert This message was written at 2:00p on 03-17-1998. DS> Has anybody tried this program? A while back I bought a consumer DS> version of Alert and was told that I could get upgrades and updates on DS> their BBS. The program seemed to work all right but then the BBS went DS> down and I couldn't find the company to get another update. DS> Can anybody tell me where I can get an update, or if I should? Is this DS> a good product or should I look elsewhere? I haven't heard of your virus scanner, but I personally know that Mcafee is a good virus scanner, you can find anti-virus updates everywhere and it is also easy to get them from any BBS, you just have to look. Or ask around, ask the users if they can help.....OK :) --- RLCOMMS - LAN, WAN & MAN * Origin: Remote Link Communications * +61-2-9541-0870 * (3:712/330)