Guest Patty Posted September 20, 2008 Posted September 20, 2008 Does anybody know what these are or how to get rid of them? Trojan-downloader.win32.agent.bq Trojan.clicker.win32.Tiny.h I keep getting what appears to be Windows Security Boxes telling me my firewall has detected suspicious activity. I should have know something was up because I don't even have my Windows firewall activated. I tried "googling" a manual removal but I don't know where in the regedit to fine the keys I'm suppose to remove. If any of you MVP's or very knowledgable computer people can help me out.....I'd truly much appreciate it because it's a nuisance. Thanx.......Patty
Guest Ronaldo Posted September 20, 2008 Posted September 20, 2008 Re: Viruses Either of these applications should delete the trojans. Download A-Squared Free http://www.emsisoft.com/en/software/free/ Download Malwarebytes Anti-Malware http://www.malwarebytes.org/ If you want to know more about the two trojans check the links... just read the information but do not scan your computer with their online scanner or download their software... SpyHunter is on the suspicious Anti Spyware List probably for a good reason. Info: Trojan-Downloader.Win32.Agent.bq http://www.411-spyware.com/remove-trojan-downloader-win32-agent-bq Info: Trojan-Clicker.Win32.Tiny.h http://www.411-spyware.com/remove-trojan-clicker-win32-tiny-h ------------------------------------- "Patty" <Patty@discussions.microsoft.com> escribió en el mensaje news:34508612-0BE8-47DC-AB1E-3CEAF12CBB48@microsoft.com... > Does anybody know what these are or how to get rid of them? > > Trojan-downloader.win32.agent.bq > Trojan.clicker.win32.Tiny.h > > I keep getting what appears to be Windows Security Boxes telling me my > firewall has detected suspicious activity. I should have know something > was > up because I don't even have my Windows firewall activated. I tried > "googling" a manual removal but I don't know where in the regedit to fine > the > keys I'm suppose to remove. > > If any of you MVP's or very knowledgable computer people can help me > out.....I'd truly much appreciate it because it's a nuisance. > > Thanx.......Patty
Guest PA Bear [MS MVP] Posted September 20, 2008 Posted September 20, 2008 Re: Viruses Unexplained computer behavior may be caused by deceptive software http://support.microsoft.com/kb/827315 Run a /thorough/ check for hijackware, including posting your hijackthis log to an appropriate forum. Checking for/Help with Hijackware http://aumha.org/a/parasite.htm http://aumha.org/a/quickfix.htm http://aumha.net/viewtopic.php?t=5878 http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction http://mvps.org/winhelp2002/unwanted.htm http://inetexplorer.mvps.org/data/prevention.htm http://inetexplorer.mvps.org/tshoot.html http://www.mvps.org/sramesh2k/Malware_Defence.htm http://defendingyourmachine2.blogspot.com/ http://www.elephantboycomputers.com/page2.html#Removing_Malware When all else fails, HijackThis v2.0.2 (http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use (in conjuction with some other utilities). HijackThis will NOT fix anything on its own, but it will help you to both identify and remove any hijackware/spyware with assistance from an expert. **Post your log to http://spywarehammer.com/simplemachinesforum/index.php?board=10.0, http://forums.spybot.info/forumdisplay.php?f=22, http://aumha.net/viewforum.php?f=30, or another appropriate forum for review by an expert in such matters, not here.** If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a local, reputable and independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop. -- ~Robear Dyer (PA Bear) MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002 AumHa VSOP & Admin http://aumha.net DTS-L http://dts-l.net/ Patty wrote: > Does anybody know what these are or how to get rid of them? > > Trojan-downloader.win32.agent.bq > Trojan.clicker.win32.Tiny.h > > I keep getting what appears to be Windows Security Boxes telling me my > firewall has detected suspicious activity. I should have know something > was > up because I don't even have my Windows firewall activated. I tried > "googling" a manual removal but I don't know where in the regedit to fine > the keys I'm suppose to remove. > > If any of you MVP's or very knowledgable computer people can help me > out.....I'd truly much appreciate it because it's a nuisance. > > Thanx.......Patty
Guest David H. Lipman Posted September 20, 2008 Posted September 20, 2008 Re: Viruses From: "Patty" <Patty@discussions.microsoft.com> | Does anybody know what these are or how to get rid of them? | Trojan-downloader.win32.agent.bq | Trojan.clicker.win32.Tiny.h | I keep getting what appears to be Windows Security Boxes telling me my | firewall has detected suspicious activity. I should have know something was | up because I don't even have my Windows firewall activated. I tried | "googling" a manual removal but I don't know where in the regedit to fine the | keys I'm suppose to remove. | If any of you MVP's or very knowledgable computer people can help me | out.....I'd truly much appreciate it because it's a nuisance. | Thanx.......Patty Neither are "viruses", they are trojans. The first, as its name implies, is a trojan downloader which mens that once installed, it will dowload peers. I'm not sure of exaclty what the trojan clicker family is. You left out important information. - What is the fully qulaified name and path to the files deemed infected - What is the anti virus application that deemed the files to be infected. Download MULTI_AV.EXE from the URL -- http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe http://www.pctipp.ch/downloads/dl/35905.asp English: http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/ To use this utility, perform the following... Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS } Choose; Unzip Choose; Close Execute; C:\AV-CLS\StartMenu.BAT { or Double-click on 'Start Menu' in C:\AV-CLS } NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your FireWall to allow it to download the needed AV vendor related files. C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS} This will bring up the initial menu of choices and should be executed in Normal Mode. This way all the components can be downloaded from each AV vendor's web site. The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC. You can choose to go to each menu item and just download the needed files or you can download the files and perform a scan in Normal Mode. Once you have downloaded the files needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key during boot] and re-run the menu again and choose which scanner you want to run in Safe Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode. When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help file. Additional Instructions: http://pcdid.com/Multi_AV.htm * * * Please report back your results * * * -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest Patty Posted September 20, 2008 Posted September 20, 2008 Re: Viruses Thank you all for your replies. I think I know now how it got there. I guess I got dupped awhile ago and downloaded Spyhunter. I'm going to remove Spyhunter from my computer (guess there's no chance in getting my money back.....huh?) and try all your suggestions. Dave: Unfortunately I'm not very computer literate so I'll have to wait for my son to do as you suggested if all else fails. As far as the antivirus software goes, I use AVG. I actually have it set up to update and scan every morning and so far it hasn't picked anything up. I also don't know the fully qualified name of path of the files infected because I don't know how to find that. I've been running my Ad-Aware and that has found infected files but it was unable to remove 14 of them. Also, when I try to run my ad-aware in safe mode (which I was told a long time ago was best to do) I get an error message and it won't scan. Again, thank you all for your suggestions. If I have more problems, I will post back. Patty "David H. Lipman" wrote: > From: "Patty" <Patty@discussions.microsoft.com> > > | Does anybody know what these are or how to get rid of them? > > | Trojan-downloader.win32.agent.bq > | Trojan.clicker.win32.Tiny.h > > | I keep getting what appears to be Windows Security Boxes telling me my > | firewall has detected suspicious activity. I should have know something was > | up because I don't even have my Windows firewall activated. I tried > | "googling" a manual removal but I don't know where in the regedit to fine the > | keys I'm suppose to remove. > > | If any of you MVP's or very knowledgable computer people can help me > | out.....I'd truly much appreciate it because it's a nuisance. > > | Thanx.......Patty > > Neither are "viruses", they are trojans. > > The first, as its name implies, is a trojan downloader which mens that once installed, it > will dowload peers. > I'm not sure of exaclty what the trojan clicker family is. > > You left out important information. > - What is the fully qulaified name and path to the files deemed infected > - What is the anti virus application that deemed the files to be infected. > > > Download MULTI_AV.EXE from the URL -- > http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe > > http://www.pctipp.ch/downloads/dl/35905.asp > > English: > http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/ > > To use this utility, perform the following... > Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS } > Choose; Unzip > Choose; Close > > Execute; C:\AV-CLS\StartMenu.BAT > { or Double-click on 'Start Menu' in C:\AV-CLS } > > NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your > FireWall to allow it to download the needed AV vendor related files. > > C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS} > This will bring up the initial menu of choices and should be executed in Normal Mode. > This way all the components can be downloaded from each AV vendor's web site. > The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC. > > You can choose to go to each menu item and just download the needed files or you can > download the files and perform a scan in Normal Mode. Once you have downloaded the files > needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key > during boot] and re-run the menu again and choose which scanner you want to run in Safe > Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode. > > When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help > file. > > Additional Instructions: > http://pcdid.com/Multi_AV.htm > > > * * * Please report back your results * * * > > > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > >
Guest David H. Lipman Posted September 20, 2008 Posted September 20, 2008 Re: Viruses From: "Patty" <Patty@discussions.microsoft.com> | Thank you all for your replies. I think I know now how it got there. I | guess I got dupped awhile ago and downloaded Spyhunter. I'm going to remove | Spyhunter from my computer (guess there's no chance in getting my money | back.....huh?) and try all your suggestions. | Dave: Unfortunately I'm not very computer literate so I'll have to wait for | my son to do as you suggested if all else fails. As far as the antivirus | software goes, I use AVG. I actually have it set up to update and scan every | morning and so far it hasn't picked anything up. I also don't know the fully | qualified name of path of the files infected because I don't know how to find | that. I've been running my Ad-Aware and that has found infected files but it | was unable to remove 14 of them. Also, when I try to run my ad-aware in safe | mode (which I was told a long time ago was best to do) I get an error message | and it won't scan. | Again, thank you all for your suggestions. If I have more problems, I will | post back. | Patty Oh yes, Engma SpyHunter. A rogue anti malware in that the company practices unethical tactics to boost the bottom line because it is a publically traded company. There are *much* better products out there! -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest Patty Posted September 21, 2008 Posted September 21, 2008 Re: Viruses "David H. Lipman" wrote: > From: "Patty" <Patty@discussions.microsoft.com> > > | Thank you all for your replies. I think I know now how it got there. I > | guess I got dupped awhile ago and downloaded Spyhunter. I'm going to remove > | Spyhunter from my computer (guess there's no chance in getting my money > | back.....huh?) and try all your suggestions. > > | Dave: Unfortunately I'm not very computer literate so I'll have to wait for > | my son to do as you suggested if all else fails. As far as the antivirus > | software goes, I use AVG. I actually have it set up to update and scan every > | morning and so far it hasn't picked anything up. I also don't know the fully > | qualified name of path of the files infected because I don't know how to find > | that. I've been running my Ad-Aware and that has found infected files but it > | was unable to remove 14 of them. Also, when I try to run my ad-aware in safe > | mode (which I was told a long time ago was best to do) I get an error message > | and it won't scan. > > | Again, thank you all for your suggestions. If I have more problems, I will > | post back. > > | Patty > > Oh yes, Engma SpyHunter. > > A rogue anti malware in that the company practices unethical tactics to boost the bottom > line because it is a publically traded company. > > There are *much* better products out there! > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > I think the 2 suggested tools worked. Just one more question if you don't mind though. Can I run these programs regularly (as I do Ad-Aware) and, can I run them in safe mode? Also, should I enable my Windows Firewall? I thought I had a problem with it conflicting with my AVG (I have the paid version with a firewall) so that's why I disabled it. Okay....so technically it was 3 questions but who's counting... :). Thanx Patty >
Guest David H. Lipman Posted September 21, 2008 Posted September 21, 2008 Re: Viruses From: "Patty" <Patty@discussions.microsoft.com> | "David H. Lipman" wrote: >> From: "Patty" <Patty@discussions.microsoft.com> >> | Thank you all for your replies. I think I know now how it got there. I >> | guess I got dupped awhile ago and downloaded Spyhunter. I'm going to remove >> | Spyhunter from my computer (guess there's no chance in getting my money >> | back.....huh?) and try all your suggestions. >> | Dave: Unfortunately I'm not very computer literate so I'll have to wait for >> | my son to do as you suggested if all else fails. As far as the antivirus >> | software goes, I use AVG. I actually have it set up to update and scan every >> | morning and so far it hasn't picked anything up. I also don't know the fully >> | qualified name of path of the files infected because I don't know how to find >> | that. I've been running my Ad-Aware and that has found infected files but it >> | was unable to remove 14 of them. Also, when I try to run my ad-aware in safe >> | mode (which I was told a long time ago was best to do) I get an error message >> | and it won't scan. >> | Again, thank you all for your suggestions. If I have more problems, I will >> | post back. >> | Patty >> Oh yes, Engma SpyHunter. >> A rogue anti malware in that the company practices unethical tactics to boost the >> bottom >> line because it is a publically traded company. >> There are *much* better products out there! >> -- >> Dave >> http://www.claymania.com/removal-trojan-adware.html >> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp >> I think the 2 suggested tools worked. Just one more question if you don't mind >> though. Can I run these programs regularly (as I do Ad-Aware) and, can I run them in >> safe mode? Also, should I enable my Windows Firewall? I thought I had a problem with >> it conflicting with my AVG (I have the paid version with a firewall) so that's why I >> disabled it. | Okay....so technically it was 3 questions but who's counting... :). | Thanx | Patty The Multi AV Scanning Tool can be used on a regular basis and each time you use it each module will keep itself up o date. All can be run in Safe Mode. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest Patty Posted September 22, 2008 Posted September 22, 2008 Re: Viruses Sad to say.....they got my $40.00... :(. Next time I want to download something that looks too good to be true, I'll ask around here first. Thanx again to all of you for your help.....you guys/gals are the best!! Patty "David H. Lipman" wrote: > From: "Patty" <Patty@discussions.microsoft.com> > > > > | "David H. Lipman" wrote: > > >> From: "Patty" <Patty@discussions.microsoft.com> > > >> | Thank you all for your replies. I think I know now how it got there. I > >> | guess I got dupped awhile ago and downloaded Spyhunter. I'm going to remove > >> | Spyhunter from my computer (guess there's no chance in getting my money > >> | back.....huh?) and try all your suggestions. > > >> | Dave: Unfortunately I'm not very computer literate so I'll have to wait for > >> | my son to do as you suggested if all else fails. As far as the antivirus > >> | software goes, I use AVG. I actually have it set up to update and scan every > >> | morning and so far it hasn't picked anything up. I also don't know the fully > >> | qualified name of path of the files infected because I don't know how to find > >> | that. I've been running my Ad-Aware and that has found infected files but it > >> | was unable to remove 14 of them. Also, when I try to run my ad-aware in safe > >> | mode (which I was told a long time ago was best to do) I get an error message > >> | and it won't scan. > > >> | Again, thank you all for your suggestions. If I have more problems, I will > >> | post back. > > >> | Patty > > >> Oh yes, Engma SpyHunter. > > >> A rogue anti malware in that the company practices unethical tactics to boost the > >> bottom > >> line because it is a publically traded company. > > >> There are *much* better products out there! > > >> -- > >> Dave > >> http://www.claymania.com/removal-trojan-adware.html > >> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > >> I think the 2 suggested tools worked. Just one more question if you don't mind > >> though. Can I run these programs regularly (as I do Ad-Aware) and, can I run them in > >> safe mode? Also, should I enable my Windows Firewall? I thought I had a problem with > >> it conflicting with my AVG (I have the paid version with a firewall) so that's why I > >> disabled it. > > | Okay....so technically it was 3 questions but who's counting... :). > > | Thanx > > | Patty > > > The Multi AV Scanning Tool can be used on a regular basis and each time you use it each > module will keep itself up o date. > > All can be run in Safe Mode. > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > >
Guest David H. Lipman Posted September 22, 2008 Posted September 22, 2008 Re: Viruses From: "Patty" <Patty@discussions.microsoft.com> | Sad to say.....they got my $40.00... :(. Next time I want to download | something that looks too good to be true, I'll ask around here first. | Thanx again to all of you for your help.....you guys/gals are the best!! | Patty OK but "not around here". In the future, please post malware related problems in a virus related neww group such as; microsoft.public.security.virus -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest Unknown Posted September 22, 2008 Posted September 22, 2008 Re: Viruses Why not here? Makes interesting reading. "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:e0N$k7JHJHA.1160@TK2MSFTNGP04.phx.gbl... > From: "Patty" <Patty@discussions.microsoft.com> > > | Sad to say.....they got my $40.00... :(. Next time I want to download > | something that looks too good to be true, I'll ask around here first. > > | Thanx again to all of you for your help.....you guys/gals are the best!! > > | Patty > > OK but "not around here". > > In the future, please post malware related problems in a virus related > neww group such as; > microsoft.public.security.virus > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > >
Guest David H. Lipman Posted September 22, 2008 Posted September 22, 2008 Re: Viruses From: "Unknown" <unknown@unknown.kom> | Why not here? Makes interesting reading. Because that's where this subject matter is best handled. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest Unknown Posted September 22, 2008 Posted September 22, 2008 Re: Viruses Handled very well here also and this is a good/excellent newsgroup for newbies.. "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:O8qAAHPHJHA.2408@TK2MSFTNGP04.phx.gbl... > From: "Unknown" <unknown@unknown.kom> > > | Why not here? Makes interesting reading. > > Because that's where this subject matter is best handled. > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > >
Guest David H. Lipman Posted September 22, 2008 Posted September 22, 2008 Re: Viruses From: "Unknown" <unknown@unknown.kom> | Handled very well here also and this is a good/excellent newsgroup for | newbies.. People like me can't afford to browse EVERY bloody news group. Those who post this subject matter all over the place will often get; mislead, misdirected, trolled, or worse. This is NOT an excellent news group for this subject matter as malware affects every OS. This is a WinXP news group, albeit general, and should stick to constructs specific to WinXP. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest Unknown Posted September 22, 2008 Posted September 22, 2008 Re: Viruses People like you do nothing but complain. Are you obligated to answer the questions in this group? Can't afford to browse other groups??? Makes no sense. People who post this subject matter generally do not 'post all over the place'. Since malware affects every OS, this is an excellent place to post this subject. ~@Verizon.Net> wrote in message news:uwuvTbPHJHA.3884@TK2MSFTNGP02.phx.gbl... > From: "Unknown" <unknown@unknown.kom> > > | Handled very well here also and this is a good/excellent newsgroup for > | newbies.. > > People like me can't afford to browse EVERY bloody news group. > > Those who post this subject matter all over the place will often get; > mislead, > misdirected, trolled, or worse. > > This is NOT an excellent news group for this subject matter as malware > affects every OS. > This is a WinXP news group, albeit general, and should stick to constructs > specific to > WinXP. > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > >
Guest David H. Lipman Posted September 22, 2008 Posted September 22, 2008 Re: Viruses From: "Unknown" <unknown@unknown.kom> | People like you do nothing but complain. Are you obligated to answer the | questions in this group? | Can't afford to browse other groups??? Makes no sense. People who post | this subject matter | generally do not 'post all over the place'. Since malware affects every OS, | this is an excellent place to | post this subject. I have been in Usenet posting and replying about viruses and Today's malware in general for almost 20 years. People like me have helped numerous posters deal with the epidemic of malware. I know what I am talking about. There are reasons why Usenet has specific news group discussing specific subject matter. MS Outlook may run under WinXP but queries are best made in a MS Outlook related news group. MS Outlook Express may run under WinXP but queries are best made in a MS Outlook Express related news group. etc, etc. I do not flame nor argue a subject matter. Think as you wish. I have made my statement. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest ArameFarpado Posted September 22, 2008 Posted September 22, 2008 Re: Viruses Em Segunda, 22 de Setembro de 2008 22:04, David H. Lipman escreveu: > > as malware > affects every OS. Not true.
Guest David H. Lipman Posted September 22, 2008 Posted September 22, 2008 Re: Viruses From: "ArameFarpado" <a-farpado.spam@netcabo.pt> | Em Segunda, 22 de Setembro de 2008 22:04, David H. Lipman escreveu: >> as malware >> affects every OS. | Not true. It sure is. The only thing is some operating systems are targeted more than others. Win32 is the most targeted OS familiy (and we are in the Microsoft Usenet hierarchy) but you name an OS and there is some form of malware for it. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest ArameFarpado Posted September 22, 2008 Posted September 22, 2008 Re: Viruses Em Segunda, 22 de Setembro de 2008 23:25, David H. Lipman escreveu: > From: "ArameFarpado" <a-farpado.spam@netcabo.pt> > > | Em Segunda, 22 de Setembro de 2008 22:04, David H. Lipman escreveu: > >>> as malware >>> affects every OS. > > | Not true. > > It sure is. No. > The only thing is some operating systems are targeted more than others. > Win32 is the most targeted OS familiy (and we are in the Microsoft Usenet > hierarchy) almost all huge internet servers runs on unix like OSs, so as big company servers... are you thinking this machines are not tempting targets? Ms OSs are the most target by malware because it is easy to target them... There had been several attempts to create a virus that infect unix like systems like they infect windows, and they all failed, because they can only workout in badly configured or wrongly used systems. > but you name an OS and there is some form of malware for it. They can be hacked if they have open ports like all servers have, but can't be infected like windows and symbian (nokia phones) can. Actualy, these are the two systems that need to be protected by anti-malware progs... an MacOS or Linux user will only install an antivirus if he is paranoid. For windows to get the same level of imunity, it would have to change a lot: ---stop identifying file types by its extention's name (weekness) ---stop loading bynaries (as programs) by clicking directly on them (extreme weekness) ---create a new permissions system that really works... ---ban the autorun in removable volumes. ---does not allow the administrator to have a grafical desktop. and this would go on and on... the best way to fight the threat of malware is to correct the flaws and weekness they exploit... not trusting on anti-malware to solve it... anti-malware could be used only as a temporary solution, not a permanet one. Microsoft did some of these corrections allready (the RPC exploit) but they wore not enought regards
Guest Leythos Posted September 22, 2008 Posted September 22, 2008 Re: Viruses In article <gb97ua$l4i$1@registered.motzarella.org>, a- farpado.spam@netcabo.pt says... > There had been several attempts to create a virus that infect unix like > systems like they infect windows, and they all failed, because they can > only workout in badly configured or wrongly used systems. Many Unix/Linux systems are compromised every year, not by a "Virus" but by exploits and root hacking. It's incorrect to say that Unix or Linux is secure. -- - Igitur qui desiderat pacem, praeparet bellum. - Calling an illegal alien an "undocumented worker" is like calling a drug dealer an "unlicensed pharmacist" spam999free@rrohio.com (remove 999 for proper email address)
Guest David H. Lipman Posted September 22, 2008 Posted September 22, 2008 Re: Viruses From: "ArameFarpado" <a-farpado.spam@netcabo.pt> | Em Segunda, 22 de Setembro de 2008 23:25, David H. Lipman escreveu: >> From: "ArameFarpado" <a-farpado.spam@netcabo.pt> >> | Em Segunda, 22 de Setembro de 2008 22:04, David H. Lipman escreveu: >>>> as malware >>>> affects every OS. >> | Not true. >> It sure is. | No. >> The only thing is some operating systems are targeted more than others. >> Win32 is the most targeted OS familiy (and we are in the Microsoft Usenet >> hierarchy) | almost all huge internet servers runs on unix like OSs, so as big company | servers... are you thinking this machines are not tempting targets? | Ms OSs are the most target by malware because it is easy to target them... | There had been several attempts to create a virus that infect unix like | systems like they infect windows, and they all failed, because they can | only workout in badly configured or wrongly used systems. >> but you name an OS and there is some form of malware for it. | They can be hacked if they have open ports like all servers have, but can't | be infected like windows and symbian (nokia phones) can. | Actualy, these are the two systems that need to be protected by anti-malware | progs... an MacOS or Linux user will only install an antivirus if he is | paranoid. | For windows to get the same level of imunity, it would have to change a lot: | ---stop identifying file types by its extention's name (weekness) | ---stop loading bynaries (as programs) by clicking directly on them (extreme | weekness) | ---create a new permissions system that really works... | ---ban the autorun in removable volumes. | ---does not allow the administrator to have a grafical desktop. | and this would go on and on... | the best way to fight the threat of malware is to correct the flaws and | weekness they exploit... not trusting on anti-malware to solve it... | anti-malware could be used only as a temporary solution, not a permanet | one. | Microsoft did some of these corrections allready (the RPC exploit) but they | wore not enought | regards Attempts at infecteing Unix/Linux didn't fail. They weren't as successful as with Win16 and Win32. Let see... There was the Bliss. Remember that ? Then there is the RST.a/RST.b (aka; ELF.RST.a), Rike, Ramen, Metaphor, Lindoes, Kagob and the infamous OSF.8759. We also have the Lion, Kork, Millen and Slapper worms and the Obsidian. I'm sorry... There is malware for the 'nix families whether they are configured properly or not, they exist and there will continue to be new ones created. As the MAC and 'nix OS' become more prevalent they too will have a larger targeting base. Even the venerable VM/CMS had its virus holiday in '88 on Christmas < LOL > Like the Amiga ? It had viruses. It even got Aids < lol > -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest ArameFarpado Posted September 22, 2008 Posted September 22, 2008 Re: Viruses Em Terça, 23 de Setembro de 2008 00:36, Leythos escreveu: > In article <gb97ua$l4i$1@registered.motzarella.org>, a- > farpado.spam@netcabo.pt says... >> There had been several attempts to create a virus that infect unix like >> systems like they infect windows, and they all failed, because they can >> only workout in badly configured or wrongly used systems. > > Many Unix/Linux systems are compromised every year, not by a "Virus" but > by exploits and root hacking. > > It's incorrect to say that Unix or Linux is secure. > any server machine can be hacked, there is allways a way... only they are not hacked by a peace of software, but by a human being that somehow can crack it's defences. it's dificult to secure a server, needs constant monitoring. while windows clients and server systems can be hacked so easy if the system is compromised by a backdoor malware, and there are lots of them surfing the internet right now, pousing as frendly software. you know what a "botnet" is don't you? you maybe even using one without knowing. you guys put to much trust on your antivirus, and that is a big weekness that leads your to be careless... only i understand you don't have much of a choice these days :( regards
Guest ArameFarpado Posted September 23, 2008 Posted September 23, 2008 Re: Viruses Em Terça, 23 de Setembro de 2008 00:46, David H. Lipman escreveu: > > Attempts at infecteing Unix/Linux didn't fail. They weren't as successful > as with Win16 and Win32. > Let see... > > There was the Bliss. Remember that ? ""When executed, it attempts to attach itself to Linux executable files, to which regular users do not have access. "" had to be root activated to do it... ""Although it was probably intended to prove that Linux can be infected, it does not propagate very effectively because of the structure of Linux's user privilege system."" see what i mean? anyway, all the other you pointed are old news and all it's exploits wore corrected.
Guest David H. Lipman Posted September 23, 2008 Posted September 23, 2008 Re: Viruses From: "ArameFarpado" <a-farpado.spam@netcabo.pt> | Em Terça, 23 de Setembro de 2008 00:46, David H. Lipman escreveu: >> Attempts at infecteing Unix/Linux didn't fail. They weren't as successful >> as with Win16 and Win32. >> Let see... >> There was the Bliss. Remember that ? | ""When executed, it attempts to attach itself to Linux executable files, to | which regular users do not have access. "" | had to be root activated to do it... | ""Although it was probably intended to prove that Linux can be infected, it | does not propagate very effectively because of the structure of Linux's | user privilege system."" | see what i mean? | anyway, all the other you pointed are old news and all it's exploits wore | corrected. Doesn't matter. I can pull up new ones if need be. The fact remains. I posted... "as malware affects every OS." And you replied... "Not true." What I posted were well known bits of malware and they affected the OS. That's a fact. So I repeat emphatically... "malware affects every OS." With the disclaimer... "The only thing is some operating systems are targeted more than others". BTW: The Slapper had spread pretty well and caused financial loses. Since you mention Symbian... http://www.f-secure.com/weblog/archives/00001368.html Oh you also mention the MAC OS. OS/X had the OSX/Leap-A -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Guest David H. Lipman Posted September 23, 2008 Posted September 23, 2008 Re: Viruses From: "ArameFarpado" <a-farpado.spam@netcabo.pt> I forgot to mention... The RBN (before Atrivo was exposed) had begun to target MAC computers with the same kind of Fake Codecs that were so prevalent in the distribution of the ZLob trojans for Win32. http://www.theregister.co.uk/2008/03/12/mac_security_site_malware_infestation/ And I personnaly have seen the code that decides what OS you are using and what file will be downloaded to the PC. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
Recommended Posts