Welcome guest, is this your first visit? Create Account now to join.
  • Login:

Welcome to the OldVersion.com Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed.

Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 25

Thread: Spyware

  1. #11
    Goslow unplugged
    Guest

    Default

    Originally posted by locustfurnace@Dec 18 2003, 02:44 AM
    I guess thats just a bonus & reward to the Windows user-base, or possibly "buried treasure" inside each win-tel box!
    This is like pushing s.up.h & as much as it pains me to leap to the defence,lol, of closed source who out there is writing "spyware/virus/trojans/worms" for the other minor percent of desktop o.s's when you can attack the o.s. at the top of the heap.
    ----------------------------
    BIG
    BLUE
    If you don't like those kinds of thrills wait until the software is "out of" beta.

  2. #12
    Super Moderator
    Join Date
    May 2003
    Posts
    3,496

    Default

    Originally posted by Goslow unplugged+Dec 18 2003, 05:07 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (Goslow unplugged @ Dec 18 2003, 05:07 AM)</td></tr><tr><td id='QUOTE'><!--QuoteBegin--locustfurnace@Dec 18 2003, 02:44 AM
    I guess thats just a bonus & reward to the Windows user-base, or possibly "buried treasure" inside each win-tel box&#33;
    This is like pushing s.up.h & as much as it pains me to leap to the defence,lol, of closed source who out there is writing "spyware/virus/trojans/worms" for the other minor percent of desktop o.s&#39;s when you can attack the o.s. at the top of the heap.
    ----------------------------
    BIG
    BLUE
    If you don&#39;t like those kinds of thrills wait until the software is "out of" beta.[/b][/quote]
    well it does not work the same, even IF people write virii for other OS&#39;s, not just the open source, there is still PLENTY of closed Source OS&#39;s on the market. For most part, the virii run rampant on Windows do to its lackluster security.
    On the other OS&#39;s, (which really are dominant in the server market), the programs can not run on their own with out permissions. This is why they - the OS&#39;s, are used in the server market more then Windows, I dont recall Windows scaling up to the BIG IRON either. Thats usually left to UNICES, like AIX, HP.
    Without user ID&#39;s and Group IDs, viruses that DO make it on those boxes, can not run. Even if you do replace some daemons with trojans, alot of Admins will run - or should run their daemons chroot or jail em.

    If a user purposesly downloads a virus on a Server OS, and executes it, it would only ruin their own home dir, as they, Virus, would not have access beyond /usr/home/*

    also, binarys MUST be placed in the PATH, such as /bin / usr/bin / /usr/sbin, and to be able to add a binary to these directorys, someone with root permissions & password is the only one who can add these binarys to those directorys. It is very uncommon to be able to run binaries from userland. they have to run in the directorys that are laid out for them. So Joe User, can not place a virus in these path directorys to make them run. if he does not have root or su/wheel permission & password.
    plus you have kernel securelevels and can chflags binarys and directorys which can accomplish many things such as deny the chflaged binary from being deleted, overwritten, or amened.
    Windows will run a binary anywhere you place it. It has no set area that has flags for "CAN RUN" & "CAN&#39;T RUN"

    File also have different attributes in other OS&#39;s, such as the attribute to be executable. Windows will run anything that ends in an .exe. While under Unix the file must have the attribute to be able to run, even if it is a binary file, if the permissions are not set for it to be able to run, then it wont run.

    Mac OS does not suffer from viruese either, neither does Os/2, Ecomm Station, BeOS, QNX, .........

  3. #13
    Super Moderator
    Join Date
    May 2003
    Posts
    3,496

    Default

    Ok i went an got infected with a webdialer, filenames were 6959077.exe &
    7015314.exe, with a registry patch titled r.reg and several shortcuts and files were placed in the C:&#092;program files. and 2 folder were created and files placed in there, the folder being called GlobalDialer
    this was installed via a java script from an unknown website. it also appears that they might have installed the dialer via a hidden javascript in a css (cascading stylesheet), so that&#39;s another good reason to possibly specify your own css to use.
    the files are disquised as DOT.dat files. so they do anot appear as a html file.
    the site that is being used to download the dialer is h**p://download.globaldialer.net, which i then added to the host file to block.
    once i stopped the dialer, i ran spybot v1.2 - which has been installed for a couple days prior. and spybot did not detect these.
    So i copied the files and emailed spybot developers and mailed them the files as well. so they can make adjustments.
    how did i detect this dialer? by paying attention to the responsiveness of the computer, and noticing under the task manager the MSHTA.exe being listed.

    is spybot the best out there? its good, but rem that does not mean you are immune from getting foisted with something NEW and unknown to these spyware detectors. this is the 2nd time i have been infected with dialers and spyware that had gone undetected with spybot.
    course not using dial-up internet is a plus when dialers are concerned since i no longer have a modem or phone-ine hooked to system. So they can not reach out and phone home - literally.

    i just installed Armour2net Firewall to see if it would detect anything missed by spybot, and yes it did, since i ran spybot about half an hour ago and it did not detect the dialers, and gave me a clean bill, i thought i might try the Armour2net firewall&#39;s spyware checker, and what does it do, it turned up 3 missed by spybot. which are ACOR, Webhancer, and Bonzibuddy,
    Which i find amazing as i thought after seeing Bonzibuddy show up in the detected listing as something spybot should have detected yet failed to do so. So now that brings the number of misses (this run) to 5 for spybot.

  4. #14
    Goslow unplugged
    Guest

    Default

    Thanks locustfurnace interesting now can santa tell me where I can download Armour2net firewall&#39;s spyware checker for free ;)
    Originally posted by locustfurnace+Dec 17 2003, 10:36 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (locustfurnace @ Dec 17 2003, 10:36 AM)</td></tr><tr><td id='QUOTE'>... has missed some spyware on machines i ran it on. So it might be good to run atleast 2 variances of the utilites.[/b]
    Did you by any chance see if adaware found anything that spybot didnt.
    Originally posted by -locustfurnace@Dec 21 2003, 10:07 PM

    how did i detect this dialer? by paying attention to the responsiveness of the computer, and noticing under the task manager the MSHTA.exe being listed.
    Spybot also has a tool that shows/kills cue more running background processes than TaskManager though I like & use EndItAll.
    (or Sys.Info. if I need a headache)<!--QuoteBegin--locustfurnace
    @Dec 21 2003, 10:07 PM

    So i copied the files and emailed spybot developers and mailed them the files as well. so they can make adjustments.
    [/quote]That is how the best freeware is improved,by users lending a hand.
    More freeware that can prevent an activeX variant of your "infection" from installing/running
    (extract from SpywareBlaster database): GlobalDialer
    CLSID : {38545C2A-O3CD-42C3-BC62-C537A6D5A8F6}
    General Information: Premium-rate dialer, most likely for adult-rated material. If installed, it could dial to an overseas toll number without you knowing and cause large charges on your phone bill.
    --------------------
    BonziBuddy tracks browsing habits and displays targeted ads.
    WebHancer monitors websites being viewed and can send performance data back to the maker&#39;s servers.
    ----------------
    FAQ
    #2) How does SpywareBlaster&#39;s protection work?
    -SpywareBlaster works by settings "kill bits" in the registry. These "kill bit" registry entries are set for the spyware ActiveX CLSIDs (unqiue IDs that identify an ActiveX control). When a kill bit is set for a CLSID, the ActiveX control that uses that CLSID cannot install itself via your browser, nor can it run if it already installed. Microsoft sometimes uses these kill bits for fixing Active-X security holes.
    ...protection is still the foremost purpose of the program, but it also provides unique utilities like the exclusive "System Snapshot", and various useful tools... spyware/tracking cookie blocking... of course, is still free.

    ------------------------
    ACOR not found in Spywareblaster database
    ----------------------------
    BIG
    BLUE
    If you don&#39;t like those kinds of thrills wait until the software is "out of" beta.

  5. #15
    andrew n.
    Guest

    Default

    For a beginner to Linux, which version could anyone recommend to me? I tried Mandrake 6. something a while back but the installation process wasn&#39;t user friendly enough for me. Are there any which are designed to be used by Windows people switching to Linux, but which still have all the nice security features? (in other words, comes with a partition program, or even doesn&#39;t need to be on a different partition, and all the graphics/multimedia related stuff is easy to install and use) .. i&#39;m sick of using Windows for the internet .....


    a. n.

  6. #16
    Super Moderator
    Join Date
    May 2003
    Posts
    3,496

    Default

    Originally posted by andrew n.@Dec 23 2003, 01:35 PM
    For a beginner to Linux, which version could anyone recommend to me?
    you might want to start a new thread with this question as it may get mixed in or lost in this current thread.

  7. #17
    Super Moderator
    Join Date
    May 2003
    Posts
    3,496

    Default

    Originally posted by Goslow unplugged+Dec 23 2003, 10:25 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (Goslow unplugged @ Dec 23 2003, 10:25 AM)</td></tr><tr><td id='QUOTE'>Thanks locustfurnace interesting now can santa tell me where I can download Armour2net firewall&#39;s spyware checker for free [/b]

    You can downloadload Armor2Net from, http://www.armor2net.com and use it for 30 days. its Shareware. If you like it one can purchase it for only &#036;19.99. Nothing wrong with using shareware & actually paying for it either.
    Originally posted by -Goslow unplugged@Dec 23 2003, 10:25 AM
    Did you by any chance see if adaware found anything that spybot didnt.
    No i did not. as i said before, i dont worry much about spyware and the likes, since i usually reinstall my Windows OS once or more a month, due to testing and trialing software so much that i need to start clean often. So i had spybot installed a few days before i got these dialers and all. then i just wanted to try the Armor2net also, which was on my archive HD. But i did not try anything else.
    <!--QuoteBegin--Goslow unplugged
    @Dec 23 2003, 10:25 AM
    More freeware that can prevent an activeX variant of your "infection" from installing/running[/quote]
    yes, as i have said also before, i usually run IE without java-scripting and active X enabled, but as i said in a few posts up the list, i was looking to get infected on purpose to see if Spybot would detect or miss, since i had it missed before on some infestations.

  8. #18
    Gmork
    Guest

    Default

    I use Webroot&#39;s Spy Sweeper, it works well and can run in the systray to keep an eye on cookies, etc.
    http://www.webroot.com Recently repaired a friends machine. Found 45 different spyware progs. and over 2500 traces... Needless to say I gave him a talking too :P

  9. #19
    TheBulbasaurfreak
    Guest

    Default

    Checklist:

    Spyware remover: Spybot Search and Destroy
    Firewall: Sygate personal
    Browser: Mozilla Firebird
    Spyware "Firewall": SpywareBlaster/Guard
    Cleaner: MRu Cleaner

  10. #20
    Linux dude
    Guest

    Default

    Originally posted by andrew n.@Dec 23 2003, 12:35 PM
    For a beginner to Linux, which version could anyone recommend to me? I tried Mandrake 6. something a while back but the installation process wasn&#39;t user friendly enough for me. Are there any which are designed to be used by Windows people switching to Linux, but which still have all the nice security features? (in other words, comes with a partition program, or even doesn&#39;t need to be on a different partition, and all the graphics/multimedia related stuff is easy to install and use) .. i&#39;m sick of using Windows for the internet .....


    a. n.
    If you want to run Linux, RedHat 7 and up comes with a very nice grapic user interface that walks you through the entire install process. You can choose to install onto an EXT2 partition that it will make and format for you, or if you want to test drive it will do a PARTITIONLESS install on a FAT32 partition. If you choose this option I recommend an mimimum of 256 system RAM and at least 64 video RAM as it takes a preformance hit and is very memory hungry&#33;
    I have tried many "flavors" of Linux and really like the improvements that RedHat has come up with. If memory serves me correctly RedHat ver.9 is now available and would probably be your best choice.


 

Similar Threads

  1. Aim Has Spyware
    By yo in forum Programs / Support
    Replies: 17
    Last Post: 05-10-2005, 01:30 AM
  2. Spyware
    By Guest in forum General Discussion
    Replies: 9
    Last Post: 02-19-2005, 12:22 PM
  3. Infections - Spyware
    By Pussnboots in forum Programs / Support
    Replies: 4
    Last Post: 08-08-2004, 07:04 AM
  4. Adware, Spyware & Content Filtering
    By locustfurnace in forum Programs / Support
    Replies: 0
    Last Post: 10-19-2003, 12:52 AM
  5. Real Player Versions That Are Spyware?
    By Reinstalling a clean windows sys in forum Programs / Support
    Replies: 1
    Last Post: 01-31-2003, 05:34 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •