AnimeSuki Forums

Old 2008-05-01, 21:47   Link #41
The Bloodlust Kid
Needs a better screenname
Join Date: Dec 2005
Age: 26
Avast found netwaiting.exe and lists it as malware. What do I do?
Old 2008-05-01, 21:55   Link #42
SkyFuser
HijackThis Junior
Join Date: Apr 2008
It looks like a fairly new infection from the PrevX database here.
And anything it finds, IMMEDIATELY quarantine it, don't just wait for a response from us, that'll only make your cleaning slower and harder!
__________________
"If a man is offered a fact which goes against his instincts, he will scrutinize it closely, and unless the evidence is overwhelming, he will refuse to believe it. If, on the other hand, he is offered something which affords a reason for acting in accordance to his instincts, he will accept it even on the slightest evidence. The origin of myths is explained in this way." - Bertrand Russell
Old 2008-05-01, 21:58   Link #43
The Bloodlust Kid
Needs a better screenname
Join Date: Dec 2005
Age: 26
Well I can't "move to chest" so should I just delete it? I'm in the middle of deleting win32:rootkit-gen.
Old 2008-05-01, 22:01   Link #44
SkyFuser
HijackThis Junior
Join Date: Apr 2008
Say what O.O ROOTKIT?!?! You are really infected... not to scare you though.
Yes if you can't quarantine, immediately delete it.
Hmmm. If everything's still bad, there's Combofix, a HJT log, or a reformat. :S
Old 2008-05-01, 23:01   Link #45
SeijiSensei
AS Oji-kun
Join Date: Nov 2006
Location: Mucking about
Age: 64
Without trying to be rude, may I ask what the point of this exercise is, other than the intellectual challenge of defeating what appears to be a quite stunning variety of horrific problems afflicting these people's computers? Most security "experts" believe that once a computer is infected you shouldn't trust it at all, that nothing short of reinstallation makes sense.

Some years ago I jumped through the variety of hoops required to cleanse my daughter's computer of various malware. I even went so far as identifying where much of the stuff came from or pointed to (we used the squid proxy; I had logs) so I could block access to various malicious sites. I rejoiced in my ability to perform this mystic computing ritual.

Well, in those days, the afflictions resulted in some annoying popups and browser hijackings. These days it's more likely someone in Romania is using your computer to send spam for some US/Russian "joint venture" in the "mass-marketing" trade. Or maybe your computer is being harnessed into a "denial-of-service" attack against some offshore casino website so its owners can be coerced into paying a little protection money. In the modern world of malware any infected computer can easily be under the control of someone other than its owner. Most of the time those people have nefarious intent.

What do you have on this machine that you need to preserve? Probably personal things in C:\Documents and Settings. Write all those things onto another computer or onto optical storage and reinstall Windows. Better yet, don't install Windows; mosey on over to the Ubuntu Linux thread I mentioned earlier and consider giving Ubuntu, Fedora or SuSE Linux a try.
Old 2008-05-01, 23:31   Link #46
SkyFuser
HijackThis Junior
Join Date: Apr 2008
I totally agree with SeijiSensei on how idiotic and vulnerable Windows is. I totally hate it. But...
I have OpenSuse Live CD. I absolutely love it, except that the concept of tarballs and source codes and compiling is new to me. Linux is awesome, but for people that aren't advanced users yet, everything might be a bit complicated. I mean, I have no idea how to install anything. Or even run anything that didn't come with Linux. Sigh.
Which means I must learn Linux >:O
Old 2008-05-02, 01:20   Link #47
WanderingKnight
Gregory House
*IT Support
Join Date: Jun 2006
Location: Buenos Aires, Argentina
Age: 25
Quote:
I still see email spam that sends people off to download .exe files; the fact that people still willingly download and run untrusted executables alarms me.
That's because Windows XP (I suppose Vista continues with this, I've yet to confirm this though) by default hides known extensions. A file named funny.jpg.exe on XP will be seen as an image file simply named 'funny', and a clueless user will attempt to double-click it, owning their machine automatically (that stupid default behavior, coupled with the administrator-by-default policy = total madness). And they wonder why Windows has security problems... The mind boggles.

Also, offtopic, but there are never enough chances to promote the advantages of libre software:

Quote:
I have OpenSuse Live CD. I absolutely love it, except that the concept of tarballs and source codes and compiling is new to me. Linux is awesome, but for people that aren't advanced users yet, everything might be a bit complicated. I mean, I have no idea how to install anything. Or even run anything that didn't come with Linux. Sigh.
Nowadays, due to the advantages of free software, installing stuff is actually much easier than on Windows. I can type "sudo apt-get install <package name>" on Ubuntu or Debian to install 95% of the programs I'll ever need; I don't remember what SUSE's command-line package manager was, but you had YaST, its GUI alternative. I didn't like SUSE during my experience with it, though, so I'd recommend you something else instead. What you are talking about there is mainly compiling, which has to be done only for a handful of apps which aren't found in the distribution's repositories.

As I was telling you, installing software under Linux nowadays is done mainly via package management: each distribution has a number of dedicated repositories from which you grab pre-compiled programs or "packages". Debian's (the ones Ubuntu uses) are said to be the biggest ones around. I don't remember the exact figures, but I think there was about 600-700 GB worth of compressed packages, including essential stuff like the Linux kernel. Almost everything you have in your OS is managed via the package manager, be it apt in Debian-based distros, yum in Fedora, etc.; the advantages of this sort of approach mean that you have a centralized backbone for your whole OS, and that you don't need to hunt the web for programs.

Making a bit of history, the move towards main repositories and package management was due to one of the main weaknesses (and, at the same time, advantages) of open source software: fragmentation. Since everything is open, people who write stuff base themselves on what other people have written before, and this generates dependencies in their programs. Before having package management available, people had to hunt for dependencies manually, and sometimes they can amount to a huge number of individual libraries--an obviously painful task. Thus, the job of the package manager is to hunt for those dependencies for you. When you ask it to install a package, the manager looks for all the dependencies and installs them right along with that program. It's a very convenient way of solving a lot of things, and of providing a much better way of rolling out updates. I think I would go insane, were I to return to Windows, if I had to hunt through the web to install every single program I needed--and even worse, if I had to manually update each program separately, too! With package managers, I can install as many programs as I want with a single line in the shell, or if you want to go the GUI way, use any of the friendly frontends available in most high-profile distributions.
__________________
Place them in a box until a quieter time | Lights down, you up and die.
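The "funny.jpg.exe" problem WanderingKnight describes is easy to check for mechanically. The following is an added example, not code from anyone in the thread: it models how a file manager that hides known extensions would display a name, and flags names whose real (last) extension is executable while the displayed name ends in a harmless-looking decoy extension. The two extension lists are constructed for this example and are deliberately incomplete; a real deployment would use the platform's own list of executable types.

```python
import os

# Constructed subset of extensions Windows treats as directly executable.
# This is an assumption for the example, not an authoritative list.
EXECUTABLE_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js"}

# Constructed subset of "harmless-looking" extensions commonly used as a decoy.
DECOY_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".txt", ".mp3"}


def displayed_name(filename: str) -> str:
    """Return the name as a file manager that hides known extensions shows it.

    Hiding the extension strips only the final suffix, so 'funny.jpg.exe'
    is displayed as 'funny.jpg' and reads like an image.
    """
    stem, ext = os.path.splitext(filename)
    return stem if ext else filename


def is_deceptive(filename: str) -> bool:
    """True when the real extension is executable but the displayed name
    ends in a decoy extension (e.g. 'funny.jpg.exe', 'report.PDF.scr').

    Whitespace padding between the decoy and real extension, used to push
    the real extension out of view in narrow list columns, is stripped
    before the comparison so it does not defeat the check.
    """
    _, real_ext = os.path.splitext(filename)
    if real_ext.lower() not in EXECUTABLE_EXTENSIONS:
        return False
    _, shown_ext = os.path.splitext(displayed_name(filename).rstrip())
    return shown_ext.lower() in DECOY_EXTENSIONS


def scan(filenames):
    """Return the subset of filenames that look like disguised executables."""
    return [name for name in filenames if is_deceptive(name)]


if __name__ == "__main__":
    # Constructed sample listing, as it might arrive in a mail attachment folder.
    sample = ["funny.jpg.exe", "holiday.png", "setup.exe", "invoice.pdf          .scr"]
    print(scan(sample))  # ['funny.jpg.exe', 'invoice.pdf          .scr']
```

The check runs on the real filename, so it works regardless of the user's folder settings; the fix for the root cause remains showing extensions for all file types, which this detector only compensates for.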
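To make the dependency-hunting described above concrete, here is an added example (not the post author's code and not any real package manager's implementation) of the core of what apt or yum does when asked to install one package: walk the dependency graph depth-first, install each dependency before the package that needs it, skip what is already installed, and refuse cycles and unknown packages. The repository contents and package names are constructed for the example.

```python
# Constructed toy repository: package name -> packages it depends on.
REPO = {
    "media-player": ["codec-lib", "gui-toolkit"],
    "codec-lib": ["libc"],
    "gui-toolkit": ["libc", "font-lib"],
    "font-lib": ["libc"],
    "libc": [],
}


def resolve(package, repo, installed=None):
    """Return the install order for `package`, dependencies first.

    `installed` is the set of packages already present; they are not
    scheduled again. Raises KeyError for a package that no configured
    repository provides and ValueError for a dependency cycle.
    """
    installed = set(installed or ())
    order = []          # install order being built
    done = set()        # packages already placed in `order`
    visiting = set()    # packages on the current recursion path (cycle guard)

    def visit(name):
        if name in installed or name in done:
            return
        if name in visiting:
            raise ValueError(f"dependency cycle through {name}")
        if name not in repo:
            raise KeyError(f"{name} is not provided by any configured repository")
        visiting.add(name)
        for dep in repo[name]:
            visit(dep)
        visiting.discard(name)
        done.add(name)
        order.append(name)

    visit(package)
    return order


if __name__ == "__main__":
    print(resolve("media-player", REPO))
    # ['libc', 'codec-lib', 'font-lib', 'gui-toolkit', 'media-player']
```

Real package managers additionally verify each package's signature against the distribution's signing key before installing it; that signature check, not the dependency walk, is what makes "one centralized backbone" safer than hunting the web for installers.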
Old 2008-05-02, 04:04   Link #48
The Bloodlust Kid
Needs a better screenname
Join Date: Dec 2005
Age: 26
Well I gone and done it now, I used a System Restore to see if it will work this time and now that it restarted, Firefox connects no more.

So yeah, a reformat is inevitable now.

So for now, just recommend me which ext hard drive I should use to back everything up on.
Old 2008-05-02, 10:33   Link #49
SeijiSensei
AS Oji-kun
Join Date: Nov 2006
Location: Mucking about
Age: 64
Quote:
Originally Posted by The Bloodlust Kid View Post
So for now, just recommend me which ext hard drive I should use to back everything up on.
First, you don't want or need to back "everything" up. Just back up the files you created. If you have a DVD burner, I'd use that. It has the advantage of also creating a permanent backup in case you don't have one of those already.

Edit: In case you're asking about backing up software you've installed, that really doesn't work too well on modern Windows machines. Most applications need to write entries to the "Registry" when installed, and you'll have a fresh registry when you've re-installed. So I'm afraid you're going to have to install any software applications again on top of your fresh Windows installation.

As for external hard drives, I just bought a Maxtor One Touch with dual 750 GB drives. I switched it from "RAID 0" to "RAID 1" since the former just builds a single big disk from the two. RAID 1 writes duplicate copies of everything to both drives simultaneously so it protects you against one of the drives failing. This was a bit pricey, but I intend to use it for a long time.
Last edited by SeijiSensei; 2008-05-02 at 12:39. Reason: why backing up applications won't work
Old 2008-05-02, 12:07   Link #50
Ledgem
Love Yourself
Join Date: Mar 2003
Location: Northeast USA
Age: 28
Quote:
Originally Posted by The Bloodlust Kid View Post
So for now, just recommend me which ext hard drive I should use to back everything up on.
It depends; you can get some for very cheap, but what do you plan to do with it? If you just want to use it as a way to quickly back up your files and you don't really have a use for it besides that, then I'd get one that's relatively small and the manufacturer wouldn't matter much. If you could make good use of the space in the future and plan to hold important data there, get a larger one and pay attention to reviews regarding the quality.
Old 2008-05-02, 12:46   Link #51
bayoab
Senior Member
Join Date: Nov 2003
Quote:
Originally Posted by The Bloodlust Kid View Post
So for now, just recommend me which ext hard drive I should use to back everything up on.
I buy enclosures and a standard hard drive. It is about the same price, if not cheaper. The reason for this is I've known a number of people who had true external drives that somehow just broke, rendering the setup useless. All you have to make sure is that you get the same type of enclosure and hard drive (PATA/IDE or SATA). You just plug it in, format the hard drive, and go.

(There are cheaper ones than I linked, I just linked to my preferred brand.)

Quote:
Originally Posted by SeijiSensei View Post
Most security "experts" believe that once a computer is infected you shouldn't trust it at all, that nothing short of reinstallation makes sense.
I should just mention an underlying reason for this is, while it is possible to completely clean a system, the amount of time it takes is insane compared to a reinstall. (2 to reload vs 8+ hours to clean). Using a program like tripwire makes it much faster but no regular user is that crazy. Anyone who could use tripwire would rather just spend the time reloading off a custom CD.

It is still true that the system is insecure and shouldn't be trusted, but given enough time and effort, it can be fixed. Or it can be fixed in 2 hours by reloading with no effort at all.

Quote:
and reinstall Windows. Better yet, don't install Windows;
Do we even have a thread on the "proper" way to reinstall Windows? (I'll go make one if the answer is no.)

Quote:
Originally Posted by SkyFuser View Post
I totally agree with SeijiSensei on how idiotic and vulnerable Windows is. I totally hate it. But...
Windows is not vulnerable if you actually try and do the minimum required effort to keep it safe. The problem is that most people aren't willing to do this. I won't go into a Linux vs Windows argument, but let's just agree that they both have their insecurities.
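bayoab's point about tripwire is that cleaning is only tractable when you have a trusted baseline to compare against. The following is an added example, not tripwire's code and not anything from the thread: it builds a baseline of SHA-256 digests for every file under a directory, takes a second snapshot later, and reports what was added, removed or modified. The sample tree, file names and the tampering in `demo()` are all constructed inline so the example runs offline.

```python
import hashlib
import tempfile
from pathlib import Path


def _digest(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large binaries do not load into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root) -> dict:
    """Map each regular file under root (POSIX-style relative path) to its digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): _digest(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def compare(baseline: dict, current: dict) -> dict:
    """Report files added, removed or modified since the baseline was taken."""
    before, after = set(baseline), set(current)
    return {
        "added": sorted(after - before),
        "removed": sorted(before - after),
        "modified": sorted(f for f in before & after if baseline[f] != current[f]),
    }


def demo() -> dict:
    """Constructed scenario: baseline a small tree, tamper with it, diff it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "bin" / "login").write_bytes(b"original binary")
        (root / "etc").mkdir()
        (root / "etc" / "hosts").write_text("127.0.0.1 localhost\n")
        baseline = snapshot(root)

        # Simulate what a post-incident check would find: a replaced binary,
        # an extra dropped file, and a deleted configuration file.
        (root / "bin" / "login").write_bytes(b"replaced binary")
        (root / "bin" / "dropper").write_bytes(b"unexpected file")
        (root / "etc" / "hosts").unlink()

        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for kind, files in demo().items():
        print(f"{kind}: {files}")
```

Two operational caveats follow directly from the thread: the baseline must be taken before the compromise and stored off the machine, and the comparison must be run from trusted media (a live CD, or the drive mounted on a known-clean host), because once a rootkit is present the running system can misreport file contents to any checker running on it. That is why this technique shortens a cleanup rather than replacing the reinstall the others recommend.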
Old 2008-05-02, 13:05   Link #52
WanderingKnight
Gregory House
*IT Support
Join Date: Jun 2006
Location: Buenos Aires, Argentina
Age: 25
Quote:
Windows is not vulnerable if you actually try and do the minimum required effort to keep it safe. The problem is that most people aren't willing to do this. I won't go into a Linux vs Windows argument, but let's just agree that they both have their insecurities.
An OS is as insecure as the user is.

However, that's not the excuse for sloppy security measures. Even if it had the market share Windows has, I doubt someone could plug Linux into the net and get the whole OS owned in a matter of minutes--they would have to know my root password to do that. Windows' default behavior simply allows such a thing to occur. A security-conscious Windows user would never run on an administrator account while connected to the net, but given that most users aren't security-conscious, you would at least expect some degree of competence from its default behavior.

Of course, UAC is supposed to fix this--and now we saw what years of sloppy coding and admin-by-default policies did to regular apps.
Old 2008-05-02, 14:17   Link #53
Ledgem
Love Yourself
Join Date: Mar 2003
Location: Northeast USA
Age: 28
Quote:
Originally Posted by bayoab View Post
I buy enclosures and a standard harddrive. It is about the same price, if not cheaper.
I'm a big fan of enclosures, but unless I'm catching a drive or an enclosure on a sale I've never been able to match the price of an external drive alone. My reasons for going with enclosures are for the material (most external drives are just plastic, which doesn't help with heat dissipation) and for the connectivity (most externals only have USB as a connection option, but I want Firewire). If you're going with a super cheap enclosure (plastic, USB only) you might be able to match the price... I admit I've never tried that one, though. I don't really see the point either.

Quote:
It is still true that the system is insecure and shouldn't be trusted, but given enough time and effort, it can be fixed. Or it can be fixed in 2 hours by reloading with no effort at all.
If there's a rootkit, all bets are off. Even if the system is in good operating condition, any malware that opens a back door just means you can be infected all over again. I agree with what you're saying, but I'm afraid that it might give people the wrong idea. Once a system is infected, unless it's a minor infection, don't trust that everything is clean.

Quote:
Do we even have a thread on the "proper" way to reinstall windows? (I'll go make one if the answer is no.)
I don't think we do... when you have the time, please do so.

Quote:
Originally Posted by WanderingKnight View Post
An OS is as insecure as the user is.

However, that's not the excuse for sloppy security measures. Even if it had the market share Windows has, I doubt someone could plug Linux into the net and get the whole OS owned in a matter of minutes--they would have to know my root password to do that. Windows' default behavior simply allows such a thing to occur. A security-conscious Windows user would never run on an administrator account while connected to the net, but given that most users aren't security-conscious, you would at least expect some degree of competence from its default behavior.

Of course, UAC is supposed to fix this--and now we saw what years of sloppy coding and admin-by-default policies did to regular apps.
Indeed, the theory is that UAC was meant to be annoying in order to force developers to stop coding as if the user were running as the administrator all the time. That is, everyone would complain about it and those complaints would force developers to ensure that their programs didn't trigger the UAC warnings all the time. Those of us who follow Slashdot saw an article about some company bragging that UAC doesn't work, as they can code their program in such a way that UAC isn't set off - the irony was that the revision puts the program at a lower authorization (more secure) level, which was the whole point. Perhaps UAC is fulfilling its purpose, then, if that was really the purpose to begin with.

There's another big issue with Windows aside from expecting everyone to run as an Administrator all the time: it has too many services turned on from the start. I find it very frightening that a freshly installed Windows can be infected without the user's actions, simply by connecting it to the internet. SeijiSensei quoted a time of around a half an hour for a system to get infected, but an experiment performed by security researchers that I read showed infections occurring as early as eight minutes after being connected. You can't even patch a new install of Windows in that period of time. It's pretty bad. The average user is not security-conscious, but at least they can be taught not to open every attachment in their email (teaching them to be skeptical of emails/IMs from known people who may be infected is more difficult). Teaching them that they can be infected without even opening anything makes it sound like magic, or that you're trying to scare them. I don't think many take it seriously. Then again, I still see a ton of people who don't wash their hands after using the bathroom... I guess we can't expect people to be even more "sanitary" about their computers.
Old 2008-05-03, 13:38   Link #54
SkyFuser
HijackThis Junior
Join Date: Apr 2008
Quote:
Windows is not vulnerable if you actually try and do the minimum required effort to keep it safe. The problem is that most people aren't willing to do this. I won't go into a Linux vs Windows argument, but let's just agree that they both have their insecurities.
I can have multiple antispyware applications, 1 antivirus, 1 firewall, 1 memory firewall, 1 anti-rootkit, use a very secure browser, and Windows will still be vulnerable. Do you realize how many exploits Microsoft has to patch up?
If you want a virus on Linux, you have to go look for one, download it (probably a tarball), un-tarball it, install it, and give it permission to run as root. No way that it'll run without you knowing. As for Windows...
And Bloodlust, sorry but looks like reinstallation is inevitable now :\
Tags
computer security, malware