Re: Replicator Virus

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 09/05/04 

Date: Sun, 5 Sep 2004 17:27:17 -0400

I think the harm is a false negative declaration. The OP downloads the utility and has done
nothing to alleviate his problems. As for Network Associates -- the company has ben broken
up and it's just McAfee now and is re-focusing on AV solutions, their core product(s).

As for a "Safe Bet", I am not a gambler and know your best bet is no bet at all.
As for being a great tool, Stinger is when the infector is known to be one of the targeted
infectors or a variant thereof.
With ~100,00 infectors with thousands in the wild, Stinger is just too limited.

A better solution -- Trend Sysclean Package

"It replaces the traditional fix tool by addressing a wide variety of system infections
rather than a specific malware infection."

Trend Sysclean Package

http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.

http://www.trendmicro.com/download/pattern.asp

Dave

"Rick "Nutcase" Rogers" <rick@mvps.org> wrote in message
news:u5Txmo4kEHA.1356@TK2MSFTNGP09.phx.gbl...
| Hi David,
|
| There is no harm to running stinger if the user is not infected with one of
| the listed bugs or its variants. Since 99% of bugs seen in this and other
| groups come in waves, it is a safe bet that stinger will catch it (provided
| that the user downloads the latest version of stinger). To rationalize, the
| first bet is to run stinger and catch the latest round of no-good-nicks
| (best done from Safe mode to minimize interference and to keep the bugsfrom
| being TSR's that cannot be removed). If it fails, then we do it the hard
| way, but again, most of the bugs like this are a recent spate, and stinger
| is perhaps the best tool that NA has ever released for catching these (as I
| certainly would never, ever recommend their AVproduct).
|
| --
| Best of Luck,
|
| Rick Rogers, aka "Nutcase" - Microsoft MVP
| http://mvp.support.microsoft.com/
| Associate Expert - WindowsXP Expert Zone
| www.microsoft.com/windowsxp/expertzone
| Windows help - www.rickrogers.org
|
| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
| news:eXp6DV4kEHA.896@TK2MSFTNGP12.phx.gbl...
| > Rick:
| >
| > Stinger only targets ~45 infectors and their variants. it should ONLY be
| > used when you know
| > the infector is indeed one of the targeted infectors.
| >
| > So since you suggested Stinger and the OP did provide a name to the
| > infector, which of the
| > targeted infectors of Stinger do you propose is on the OP's platform ?
| >
| > Dave
| >
| >
| >
| >
| > "Rick "Nutcase" Rogers" <rick@mvps.org> wrote in message
| > news:e0VVNO4kEHA.3432@TK2MSFTNGP14.phx.gbl...
| > | Hi,
| > |
| > | 1) Download stinger from http://vil.nai.com/vil/stinger/
| > |
| > | 2) Restart the system and load safe mode, log on as administrator.
| > |
| > | 3) Run stinger.
| > |
| > | --
| > | Best of Luck,
| > |
| > | Rick Rogers, aka "Nutcase" - Microsoft MVP
| > | http://mvp.support.microsoft.com/
| > | Associate Expert - WindowsXP Expert Zone
| > | www.microsoft.com/windowsxp/expertzone
| > | Windows help - www.rickrogers.org
| >
| >
|
|

begin 666 readme.txt
M#0HJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ
M*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ#0I4<F5N9"!-:6-R
M;R!3>7-C;&5A;B!086-K86=E#0I4<F5N9"!-:6-R;RP@26YC+@T*:'1T<#HO
M+W=W=RYT<F5N9&UI8W)O+F-O;0T**BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ
M*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ*BHJ
M*BHJ*BHJ*@T*#0I$871E.B!4:'4@(#DO,#(O,#0-"E1I;64Z(#(Q.C U.C(Q
M#0I4:6UE(%IO;F4Z("A'350@+3 X.C P*0T*#0H-"DDN($1E<V-R:7!T:6]N
M#0H-"B @("!4:&ES('-E;&8M97AT<F%C=&EN9R!A<F-H:79E(&ES(&$@<W1A
M;F0M86QO;F4@9FEX('!A8VMA9V4@=&AA=" -"B @("!I;F-O<G!O<F%T97,@
M=&AE($1A;6%G92!#;&5A;G5P($5N9VEN92!A;F0@5&5M<&QA=&4N($ET(')E
M<&QA8V5S('1H92 -"B @("!T<F%D:71I;VYA;"!F:7@@=&]O;"!B>2!A9&1R
M97-S:6YG(&$@=VED92!V87)I971Y(&]F('-Y<W1E;2!I;F9E8W1I;VYS#0H@
M(" @<F%T:&5R('1H86X@82!S<&5C:69I8R!M86QW87)E(&EN9F5C=&EO;BX@
M#0H@(" @#0H-"B @("!4:&ES('1O;VP@<W5P<&]R=',@=&AE(&9O;&QO=VEN
M9R!F96%T=7)E<SH-"@T*(" @(&\@("!497)M:6YA=&4@86QL(&UA;'=A<F4@
M:6YS=&%N8V5S(&EN(&UE;6]R>0T*(" @(&\@("!296UO=F4@;6%L=V%R92!R
M96=I<W1R>2!E;G1R:65S#0H@(" @;R @(%)E;6]V92!M86QW87)E(&5N=')I
M97,@9G)O;2!S>7-T96T@9FEL97,-"B @("!O(" @4V-A;B!F;W(@86YD(&1E
M;&5T92!A;&P@;6%L=V%R92!C;W!I97,@:6X@86QL(&QO8V%L(&AA<F0@9')I
M=F5S#0H@(" @#0H-"@T*24DN($9I;&4@3&ES= T*#0H@(" @;R @('-Y<V-L
M96%N+F-O;2 M('1H92!M86EN(&5X96-U=&%B;&4@;6]D=6QE#0H@(" @;R @
M(')E861M92YT>'0@(" M('1H:7,@9FEL92 @(" -"B @("!O(" @;'!T)'9P
M;BY86%@@("T@9&]W;FQO861A8FQE(&-O;7!O;F5N=" H<V5E(%)E<75I<F5M
M96YT<RD@#0H-"@T*#0I)24DN(%)E<75I<F5M96YT<PT*#0H@(" @,2X@($1O
M=VYL;V%D('1H92!L871E<W0@<&%T=&5R;B!F:6QE(&QP="1V<&XN6%A8(&EN
M(%I)4"!F;W)M870@87,@#0H@(" @(" @(&QP=%A86"Y:25 @9G)O;2!T:&4@
M9F]L;&]W:6YG(&QO8V%T:6]N.@T*#0H@(" @(" @(#QH='1P.B\O=W=W+G1R
M96YD;6EC<F\N8V]M+V1O=VYL;V%D+W!A='1E<FXN87-P/@T*"0T*(" @(" @
M("!4:&ES(&9I;&4@;75S="!B92!S879E9"!I;B!T:&4@<V%M92!F;VQD97(@
M=VAE<F4@>6]U(')U;B -"B @(" @(" @=&AI<R!F:7@@<&%C:V%G92X-"@T*
M(" @(#(N("!4:&ES('1O;VP@:7,@9&5S:6=N960@=&\@<G5N('5N9&5R(%=I
M;F1O=W,@.7@O344O3E0O,C P,"]84"X-"@T*(" @($9O<B!U<V5R<R!R=6YN
M:6YG(%=I;F1O=W,@3E0@-"XP+"!Y;W4@;F5E9"!T;R!C;W!Y('1H92!F:6QE
M+"!04T%022Y$3$PL#0H@(" @=&\@=&AE(%=I;F1O=W,@<WES=&5M(&1I<F5C
M=&]R>2P@=VAI8V@@:7,@=7-U86QL>2!#.EQ724Y.5%QS>7-T96TS,BX@#0H@
M(" @66]U(&-A;B!F:6YD('1H92!F:6QE(&EN('1H92!7:6YD;W=S($Y4(#0N
M,"!3971U<"!#1"!A="!T:&4-"B @("!F;VQL;W=I;F<@;&]C871I;VYS.@T*
M#0H@(" @(" @(%Q3=7!P;W)T7$1E8G5G7&DS.#9<4%-!4$DN1$Q,(" @(" -
M"@T*#0H-"DE6+B!087)A;65T97)S#0H-"B @(" O3D]'54D@(" @("!.;R!'
M54D@*')U;G,@=&AE('1O;VP@:6X@8V]N<V]L92!M;V1E*0T*(" @("]324Q%
M3E0@(" @(%)U;B!I;B!S:6QE;G0@;6]D92 H;F\@;W5T<'5T(&1I<W!L87DI
M#0H@(" @/&9O;&1E<CX@(" @5&AE(&9O;&1E<B!W:&5R92!T:&4@=&]O;"!B
M96=I;G,@<V-A;FYI;F<N($EF( T*(" @(" @(" @(" @(" @('5N<W!E8VEF
M:65D+"!T:&ES('1O;VP@<V-A;G,@86QL(&QO8V%L(&AA<F0@9')I=F5S#0H@
M(" @+UD@(" @(" @(" @075T;VUA=&EC86QL>2!A;G-W97)S('EE<R!T;R!A
M;&P@<')O;7!T<PT*(" @("\_(" @(" @(" @($1I<W!L87ES(&AE;' @:6YF
M;W)M871I;VX-"@T*#0H-"E8N($AO=R!T;R!5<V4-"@T*(" @(#$N("!#<F5A
M=&4@82!T96UP;W)A<GD@9F]L9&5R(&%N9"!C;W!Y(%-94T-,14%.+D-/32!I
M;G1O('1H:7,@9F]L9&5R+@D-"@D-"B @("!.3U1%.B!4:&ES('1E;7!O<F%R
M>2!F;VQD97(@<VAO=6QD(&)E(&-R96%T960@;VX@82!L;V-A;"!O<B!M87!P
M960@9')I=F4N"0T*#0H@(" @,BX@($1O=VYL;V%D(&QA=&5S="!P871T97)N
M(&9I;&4N($5X=')A8W0@=&AE(&1O=VYL;V%D960@6DE0('!A='1E<FX@#0H@
M(" @(" @(&9I;&4@:6YT;R!T:&4@8W)E871E9"!F;VQD97(N( T*#0H@(" @
M,RX@($-L;W-E(&%L;"!A<'!L:6-A=&EO;G,@<G5N;FEN9R!O;B!Y;W5R('-Y
M<W1E;2P@:6YC;'5D:6YG(&%N>0T*(" @(" @("!A;G1I=FER=7,@<V]F='=A
M<F4N#0H-"B @(" T+B @4G5N('1H92!E>&5C=71A8FQE(&9I;&4L(%-94T-,
M14%.+D-/32P@8GD@96ET:&5R.@T*#0H@(" @(" @(&$N("!$;W5B;&4M8VQI
M8VMI;F<@=&AE('1O;VP@:6X@5VEN9&]W<R!%>'!L;W)E<BX-"B @(" @(" @
M8BX@($5X96-U=&EN9R!I="!V:6$@8V]M;6%N9"!P<F]M<'0@=7-I;F<@<WEN
M=&%X(&)A<V5D(&]N('1H90T*(" @(" @(" @(" @869O<F5M96YT:6]N960@
M<&%R86UE=&5R<RX-"@T*(" @(#0N("!%;F%B;&4@86YY(&%N=&EV:7)U<R!S
M;V9T=V%R92!T:&%T(&ES(&EN<W1A;&QE9"!O;B!Y;W5R('-Y<W1E;2!A;F0-
M"B @(" @(" @<&5R9F]R;2!A(&UA;G5A;"!S8V%N+@T*#0H@(" @3D]413H@
M5&AI<R!F:7@@=&]O;"!G96YE<F%T97,@=&AE(&QO9R!F:6QE+"!365-#3$5!
M3BY,3T<L(&EN(&ET<PT*(" @(&-U<G)E;G0@9F]L9&5R+@T*(" @( D-"@T*
M#0I622X@2&ES=&]R>3H-"@T*(" @(%9E<G-I;VX@,2XP," M($9I<G-T(')E
M;&5A<V4-"@T*#0H-"E9)22X@0V]M<&%T:6)I;&ET>0T*#0H@(" @5&AI<R!T
M;V]L(&AA<R!B965N('1E<W1E9"!U;F1E<B!T:&4@9F]L;&]W:6YG('!L871F
M;W)M<SH-"@T*(" @(" @("!7:6YD;W=S(#DU#0H@(" @(" @(%=I;F1O=W,@
M.3@-"B @(" @(" @5VEN9&]W<R!-10T*(" @(" @("!7:6YD;W=S($Y4(#0N
M,"!7;W)K<W1A=&EO;B!A;F0@4V5R=F5R#0H@(" @(" @(%=I;F1O=W,@,C P
M,"!0<F]F97-S:6]N86P@86YD(%-E<G9E<@T*(" @(" @("!7:6YD;W=S(%A0
M($AO;64@86YD(%!R;V9E<W-I;VYA; T*#0H-"@T*5DE)22X@2VYO=VX@27-S
M=65S#0H-"B @("!.;VYE#0H-"@T*#0I)6"X@061D:71I;VYA;"!297-O=7)C
M97,-"@T*(" @($9O<B!M;W)E(&EN9F]R;6%T:6]N(&%B;W5T(&$@<W!E8VEF
M:6,@;6%L=V%R92P@=FES:70@=&AE(%1R96YD($UI8W)O#0H@(" @=FER=7,@
M861V:7-O<FEE<R!796(@<VET92!A=#H-"@T*(" @(#QH='1P.B\O=W=W+G1R
M96YD;6EC<F\N8V]M+W9I;F9O+SX-"@T*#0H@(" @1F]R(&%D9&ET:6]N86P@
M5VEN9&]W<R!-12]84"!C;&5A;FEN9R!I;G-T<G5C=&EO;BP@=FES:70Z#0H-
M"B @(" \:'1T<#HO+W=W=RYT<F5N9&UI8W)O+F-O;2]E;B]S96-U<FET>2]A
M9'9I<V]R:65S+W=I;E]M95]C;&5A;BYH=&T^#0H-"@T*(" @(%1O(&%C8V5S
M<R!4<F5N9"!-:6-R;Y)S(%-O;'5T:6]N0F%N:RP@=FES:70Z#0H-"B @(" \
E:'1T<#HO+VMB+G1R96YD;6EC<F\N8V]M+W-O;'5T:6]N<R\^&@``
`
end

Relevant Pages

  • Re: HELP! About:Blank Problem
    ... Maybe she might not be able to access the AV web sites but we don't know until she replies. ... At least the web sites represent the ~100,000 known infectors. ... Stinger is NOT a investigational tool. ... If there wasn't a license issue, I would tell *ALL* how to download and use the McAfee ...
    (microsoft.public.security.virus)
  • Re: Ewido, Trojan Hunter Or Both?
    ... |>> hopefully I can get rid of with AdAware or Spybot S&D ... >> Stinger is a great tool but, it only targets ~53 infectors and their variants. ... Please perform the following which includes the Trend Sysclean utility and it's front end ...
    (alt.computer.security)
  • Re: waudclt.exe?
    ... McAfee's Stinger only targets some 42 or so infectors. ... itself to UseNet News Groups as well as it has its own email engine. ...
    (microsoft.public.win2000.general)
  • Re: Replicator Virus
    ... Stinger only targets ~45 infectors and their variants. ... So since you suggested Stinger and the OP did provide a name to the infector, ... targeted infectors of Stinger do you propose is on the OP's platform? ... | Associate Expert - WindowsXP Expert Zone ...
    (microsoft.public.windowsxp.general)
  • Re: Ewido, Trojan Hunter Or Both?
    ... > | I forgot to mention I do have Spybot and use TeaTimer in my systray. ... > | have improved things by allowing you to suspend the programme while you ... > Stinger is a great tool but, it only targets ~53 infectors and their variants. ...
    (alt.computer.security)
Loading