Why 6 viruses after the first one?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View


A curiosity question, but probably with practical uses eventually:

My frrend with the virus seems to have gotten 6 more viruses in two
weeks that she and I and another friend have been trying to get rid of
the first one.

Is that likely because

1) The first virus calls up his friends and says "Come on over. I've
got plenty of beer",

or

2) The webpage scan scam that she fell for in the first place
installed more than just that first virus,

or

3) The first virus disabled her real-time virus checker.   2 or 3 of
her viruses are supposed to arrive by email, but she still didn't
click on any attachments, so how would that have given her extra
viruses?

Very confused,

Thanks

Re: Why 6 viruses after the first one?




| A curiosity question, but probably with practical uses eventually:

| My frrend with the virus seems to have gotten 6 more viruses in two
| weeks that she and I and another friend have been trying to get rid of
| the first one.

| Is that likely because

| 1) The first virus calls up his friends and says "Come on over. I've
| got plenty of beer",

| or

| 2) The webpage scan scam that she fell for in the first place
| installed more than just that first virus,

| or

| 3) The first virus disabled her real-time virus checker.   2 or 3 of
| her viruses are supposed to arrive by email, but she still didn't
| click on any attachments, so how would that have given her extra
| viruses?

| Very confused,

| Thanks

You use the term "virus" to explain what the computer may have.  That's your
first
confusion.  I'll bet NONE or maybe just ONE is a type of virus but the rest are
all forms
of trojans as all viruses and trojans are malware but not all malware are
viruses or
trojans.

When you talk/write about "malware" you need to be more precise than "My frrend
with the
virus seems to have gotten 6 more viruses in two weeks".

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Why 6 viruses after the first one?



Hello, David!

You wrote on Sun, 19 Sep 2010 09:16:44 -0400:

 |
 |> A curiosity question, but probably with practical uses eventually:
 |
 | When you talk/write about "malware" you need to be more precise than "My
 | frrend with the virus seems to have gotten 6 more viruses in two weeks".
 |
I was computer illiterate at 1 time too... (still am)
--
With best regards, gufus.  E-mail: stop.nospam.gbbsg@shaw.ca



Re: Why 6 viruses after the first one?




| Hello, David!

| You wrote on Sun, 19 Sep 2010 09:16:44 -0400:


||> A curiosity question, but probably with practical uses eventually:

|| When you talk/write about "malware" you need to be more precise than "My
|| frrend with the virus seems to have gotten 6 more viruses in two weeks".

| I was computer illiterate at 1 time too... (still am)

That's why it is "good" to discuss these points.  To raise situational awareness
and
subject matter litteracy.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Why 6 viruses after the first one?



Hello, David!

You wrote on Sun, 19 Sep 2010 18:00:30 -0400:

  |> I was computer illiterate at 1 time too... (still am)
 |
 | That's why it is "good" to discuss these points.  To raise situational
 | awareness and subject matter litteracy.
 |
My ears are up...
--
With best regards, gufus.  E-mail: stop.nospam.gbbsg@shaw.ca



Re: Why 6 viruses after the first one?




| Hello, David!

| You wrote on Sun, 19 Sep 2010 18:00:30 -0400:

|   |> I was computer illiterate at 1 time too... (still am)

|| That's why it is "good" to discuss these points.  To raise situational
|| awareness and subject matter litteracy.

| My ears are up...

:-)




--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Why 6 viruses after the first one?



Hello, David!

You wrote on Sun, 19 Sep 2010 18:27:58 -0400:

  |> My ears are up...
 |
 | :-)
 |
Everybody learns differently..|

--
With best regards, gufus.  E-mail: stop.nospam.gbbsg@shaw.ca



Re: Why 6 viruses after the first one?



Quoted text here. Click to load it

The one with the 'five specific threats' would be more correct than the
one with 'viruses'.

However, some of those threats can indeed be considered 'viruses'.

Quoted text here. Click to load it

As I recall, Hybris got 'plug-ins' from encrypted plug-ins posted to
alt.comp.virus. One such plug-in allowed Hybris to spread in a viral
manner as well as its own native e-mail worm vector. If Hybris executed
on the victims machine, it introduces the *unknown* factor into the
equation and makes "flatten and rebuild" look like a better option.

Magistr just does what it does (no added *unknown* functions) - there is
a nasty payload as well as a rather tame payload, and the detection of
legal documents on the current host might trigger the more nasty
payload. Your AV should be able to handle Magistr removal.

Quoted text here. Click to load it

Possible, but the scareware does not qualify as a virus. It gets
distributed in the manner that you describe, but does not distribute
*itself* (known as 'spreading') like viruses and/or worms do.

Quoted text here. Click to load it

The scareware (not a virus) probably did this.

Quoted text here. Click to load it

Yes, Hybris and Magistr are both primarily e-mail vector worms (pseudo
worms I like to call 'clickworms' - if not for the need for the user to
click, they would be true worms).

Quoted text here. Click to load it

Maybe they weren't ever executed, and an e-mail scanner is picking up on
them. You never did mention *where*, *what* was found.

Quoted text here. Click to load it

Join the club. :oD

Many of the official vendors' sites add to the confusion. If you are
going to discuss malware, it is important to agree on terminology. Many
places online seem to have their own unique definitions for worms,
viruses, and non-self-replicating malware.

So do I.

It helps to think of worms and viruses as self-distributing mobile code.
They have the ability to replicate more than just themselves, so can
carry a 'payload' which makes them a favorite for malware distribution.
If someone chooses a beneficial payload, they would still be considered
inherently bad because there are safer ways to distribute beneficial
payloads without the risk of uncontrolled outbreaks or unanticipated
behavior.



Site Timeline