Virus Question. Re: Storm Worm

Similar Messages

• Backup and Anti-virus Questions

  Hello Lenovo community!
  It has been about 3 weeks since my 430s arrived in the mail to my doorstep and I have enjoyed every minute of this product immensely compared to my old laptop.
  However, as of late I've been getting this weird 'backup' pop that appears telling me my harddisk is full. But when I check my system it doesn't display as full.
  It says I have used 84.8 GB out of 198 GB. I don't understand how that's full.
  My anti-virus question is..well..I have Avira installed but whenever I try and turn it on, nothing happens? Why is this?
  Thanks.

  lenfall wrote:
  Only one antivirus software can run at a time. I guess you uninstalled the one preinstalled by Lenovo. I use Microsoft's security essential. It is free and fine.
  I agree, lenfall. I like MSE and ESET's NOD32. All AV's have their "moments" with false positives and other issues at one time or another. The tests can be different depending on several variables and who is running them.
  Example: http://www.zdnet.com/blog/security/avira-antivirus-update-cripples-millions-of-windows-pcs/12129
  ThinkPad: T530 / X1 Gen 2 / Helix - Yoga: Tablet 2 Pro (Win) / Yoga 3 Pro
  If you find a post helpful and it answers your question, please click the "Accept As Solution" button.
  Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.
  Microsoft MVP - Consumer Security
  SpywareHammer

• Some Virus Questions

  I have been trying to stay as safe as possible
  in my web life recently. I was getting a bit
  overconfident because of the Macs reputation.
  I have had only Macs going back to OS7.
  My questions are
  #1.
  When I finally get a Intel Mac and heaven
  only knows, if for some reason wanted to run
  windows on this Mac, does it now become as
  vulnerable as a normal PC to attacks?
  Would I then have to do the whole spyware/
  viruse regiment on the computer as a whole or
  would the Mac side still be insulated against
  the PCs bugs?
  #2
  I have a fairly large collection of cassette
  tapes. I have been kind of lazy in that instead
  of digging out a tape for a song I want to put
  on my ipod and having to convert it to a digital
  format which is kind of a pain.I would just
  download it from a file sharing program. I heard
  a podcast where they said that viruses could be
  hidden in the mp3 files. Is this a concern for
  Mac users or a real threat?
  #3.
  I learned about Root kits recently and was
  wondering if there is a utility for finding
  them on your machine? Is this something that
  is not possible on OSX because of the Administrator
  password necessary to install a program?
  #4.
  I recently had my Airport die so I am using
  only the software firewall which according
  to the GRC website was very secure.Heres what
  their sites said when it tried to access my machine.
  Your Internet port 139 does not appear to exist!
  One or more ports on this system are operating in FULL
  STEALTH MODE! Standard Internet behavior requires port
  connection attempts to be answered with a success or
  refusal response. Therefore, only an attempt to connect
  to a nonexistent computer results in no response of
  either kind. But YOUR computer has DELIBERATELY CHOSEN
  NOT TO RESPOND (that's very cool!) which represents
  advanced computer and port stealthing capabilities.
  A machine configured in this fashion is well hardened
  to Internet NetBIOS attack and intrusion.
  Unable to connect with NetBIOS to your computer.
  All attempts to get any information from your computer
  have FAILED. (This is very uncommon for a Windows
  networking-based PC.) Relative to vulnerabilities
  from Windows networking, this computer appears to be
  VERY SECURE since it is NOT exposing ANY of its internal
  NetBIOS networking protocol over the Internet.
  Should I take this with a grain of salt or is
  it right on? I received similar results in all
  areas. I do get numerous entries in the logs
  about stealth attempts to connect to my computer.
  It is amazing how often it happens (many times everyday)
  This is why I having been stepping up the vigilance.
  Thanks for all your thoughts. I admit I am
  a little paranoid but with phishing and zombies,
  I do think the internet justifies it sometimes.

  Hi Wayne,
  Regarding your question,
  This is what I did:
  Using Secure Empty Trash from the Finder menu:
  After running the full scan as I described in the previous
  post now set preferences in ClamXav to quarantaine the
  corrupt files in a folder on my desktop named "Birdcage"
  I set the preferences to look for '.rar' extensions.
  (The elaborate scans showed 2 infected files with the
  '.rar' extension, all scans described in this post run in
  these settings)
  The HD scan resulted in 1 infected file.
  (this is a little strange because there where 2 infected
  files reported after the force trash experiment described
  in the previous post)
  Log output:
  /Applications/Utilities/Installer.app/Contents/PlugIns/Documents
  /Office 2003 - Fully Registered.rar: Trojan.IRCBot-725 FOUND
  /Applications/Utilities/Installer.app/Contents/PlugIns/Documents
  /Office 2003 - Fully Registered.rar: moved to '/Users/janpietermelchior/
  Desktop/Birdcage///Office 2003 - Fully Registered.rar'
  -- summary --
  Known viruses: 84873
  Engine version: 0.88.7
  Scanned directories: 129927
  Scanned files: 4392
  Infected files: 1
  Data scanned: 122.96 MB
  Time: 105.848 sec (1 m 45 s)
  I know there are at least 2 infected files so I scan my
  personal folder seperately, and infected file 2 is located
  only after I individually selected my personal folder, and
  gets automatically quarantained in the folder "birdcage"
  on my desktop.
  Log output:
  Scan started: Fri Dec 22 23:40:44 2006
  /Applications/Utilities/Installer.app/Contents/PlugIns/Documents
  /Office 2003 - Fully Registered.rar: Trojan.IRCBot-725 FOUND
  /Applications/Utilities/Installer.app/Contents/PlugIns/Documents
  /Office 2003 - Fully Registered.rar: moved to '/Users/janpietermelchior/
  Desktop/Birdcage///Office 2003 - Fully Registered.rar'
  -- summary --
  Known viruses: 84873
  Engine version: 0.88.7
  Scanned directories: 129927
  Scanned files: 4392
  Infected files: 1
  Data scanned: 122.96 MB
  Time: 105.848 sec (1 m 45 s)
  I have a Raid set with 2 external HD's, I scan them 1 by 1.
  They show no '.rar' executables.
  The log output:
  Scan started: Fri Dec 22 23:58:08 2006
  external HD 1
  -- summary --
  Known viruses: 84873
  Engine version: 0.88.7
  Scanned directories: 16193
  Scanned files: 391
  Infected files: 0
  Data scanned: 39.82 MB
  Time: 17.697 sec (0 m 17 s)
  Scan started: Fri Dec 22 23:59:16 2006
  external HD 2
  -- summary --
  Known viruses: 84873
  Engine version: 0.88.7
  Scanned directories: 16193
  Scanned files: 393
  Infected files: 0
  Data scanned: 39.83 MB
  Time: 17.338 sec (0 m 17 s)
  Now I have a file on my desktop with two infected files.
  I drag them to the trash and choose "secure empty trash"
  from the finder menu.
  I run a full scan with ClamXav and now I do not get the message:
  ERROR: Can't access file /Users/janpietermelchior/.Trash
  /Office 2003 - Fully Registered.rar
  But:
  Log output:
  Scan started: Sat Dec 23 00:35:15 2006
  -- summary --
  Known viruses: 84873
  Engine version: 0.88.7
  Scanned directories: 48236
  Scanned files: 139757
  Infected files: 0
  Data scanned: 44570.47 MB
  Time: 12805.845 sec (213 m 25 s)
  1. I backed up my important files after running the
  ClamXav scans and removing the infected files, and
  installed a new osx.
  2. I did not import keychains from another computer
  after booting the new osx I (read somewhere this a
  solution for the diskpermissions). I checked wether
  my disk permissions where restored by choosing
  Disk Utility in the /Applications/Utilities folder and
  refer to Disk Utility Help. "verify permissions".
  3. After downloading ClamXav, it promted me to donate,
  I did this after I removed the infected files.
  4. As Mac OS X is essentially a UNIX-like operating
  system,the ClamAV project has recently pledged improved
  support for it, which includes the adding of any potential Mac OS X
  malware to the definitions list. Of course, this implies that the community reports such programs to the ClamAV authors and that they
  in return judge the threat of significance so that they act upon it.
  Unfortunately they do not have a database of Mac infections
  or other malware.
  5.After the proceedings described above ClamXav did
  not report infected files.
  I am not aware of infected files that are residing on my
  harddrive after running ClamXav, backing up and installing a new osx.
  Many thanks to ClamXav, it is the only virus scanner I ran
  that located these infected files.
  I entered my creditcard data for a donation.
  Hope this kind of answers your question Wayne, I hope the files are gone.
  If anyone has advice on what i did or sees that I made a mistake, or could
  do better please inform me a.s.a.p. I never had a pc.
  I'll keep you posted.
  JP
  2.16 GhzIntel CoreDuo2GB 667MHz DDR2 sdRAM. MacBook Pro 17" (P1.2)   Mac OS X (10.4.8)  
  2.16 GhzIntel CoreDuo2GB 667MHz DDR2 sdRAM.
  2.16 GhzIntel CoreDuo2GB 667MHz DDR2 sdRAM. MacBook Pro 17" (P1.2)   Mac OS X (10.4.8)   RaidexHD1150LC,ex2d2lunLC232,airEX.apa.2.0.5
  2.16 GhzIntel CoreDuo2GB 667MHz DDR2 sdRAM. MacBook Pro 17" (P1.2)   Mac OS X (10.4.8)   RaidexHD1150LC,ex2d2lunLC232,airEX.apa.2.0.5

• Anti virus question

  I am new to iMac, so please for give what is probably an ignorant question.
  Do I need anti virus protection on my Mac even though I am not running any Windows programs (I have vowed to go "all mac")? From my research some say yes, some say no.
  If I need it , should it be Virus Barrier X? Their info seems to say it is to protect you only if you are running Windows applications.
  All opinions are welcome!
  Dot

  You do not need to run anti-virus software in the background; that just takes up processor cycles for no reason (on a Mac).
  The only reason you may want to run anit-virus software (for periodic scanning of your drives) is if you are concerned about passing on files or forwarding emails with malware to Windows-using friends.
  You can use the free program
  http://www.clamxav.com/

• BOOT CAMP VIRUS QUESTION?

  Hey guys, quick question. I just got a refurb iMac 27" and finished setting up boot camp and downloaded kapresky anti virus on the windows side, so my question is, when I run a virus scan, will kapresky scan the WHOLE computer or only the windows partition?

  Because there's nothing there and because you can't write on the OS X volume in Windows.
  Microsoft Security Essentials is a free antivirus that is much better than commercial antiviruses like Kaspersky. I used Microsoft Security Essentials on my old PC and it was the only antivirus that ran correctly, but you can continue using Kaspersky if you want

• Virus question

  How do I tell if I have a virus? I can't remember if I bought a protection plan, how do I check?

  Michelle,
  You have one year free Apple Care coverage with 90 days of free phone support. Were you offered extended aple care when you purchased your MBP? the extended care covers you for three years, and the cost of it is around 350 dollars. If you're not sure if you purchased the extended care you can call Apple 1-800-275-2273. DS store is correct about the malware going around under different guises MacDefender, MacProtector and MacGuard. ClamXav should be updated to detect these. Apple will also probably come put with an update according to MacWorld. If you should decide to install ClamXav, there is a feature built in called ClamSentry which will monitor your system and downloads in real time. To activate it go to preferences in ClamXav. When Clam wants to know which folder you want to watch you can simply backslash / and it will monitor your system from the root directory which will keep an eye on your entire system.
  If you're using Safari it would be a good idea to disable in preferences "open safe files after downloading." Another tool for killing pop ups is GlimmerBlocker. It is easy to install, and uninstall. It works specifically for MacOSX.
  Regards,
  Joseph

• Dual loading Windows 7 with Snow Leopard Virus question

  I just loaded Windows 7 onto my computer using parallels for various reasons that I don't want to get into. Will having Windows on my Apple computer make it more susceptible to viruses?

  Mac OS X itself can't be infected with Windows viruses. You can get your Windows installation for Parallels infected, and could infect any file Windows can access with something that could harm another Windows system. If you allow your Windows installation to use Parallels to 'see' your files created and stored via Mac OS X, you could thus end up with files carrying an infection if your Windows install is ever infected. This could of course lead to your own files reinfecting Windows if you end up reinstalling it. You can get antivirus programs for Mac OS X, with the primary purpose really being to clean and prevent Windows viruses from being passed along or in your case getting through to your Windows installation.
  To put it most simply, imagine having a pet that has a weaker immune system than you do. You can't catch the same diseases as this pet, but you might not know you are passing them along from a friend's pet or the old food dish from your previous pet. You stay healthy, but you might go through several pets before you figure out what keeps making them get sick and die.

• Boot Camps & Windows 7 Security/Anti-virus Questions

  Should I get anti-virus software for Windows 7? I don't plan on surfing the web on my Windows 7 partition. Basically all I plan on doing in Windows is gaming (so far I only have single player games but I could see myself getting an online multiplayer game like CoD MW 2). Are you still at risk in Windows just by having an internet connection, even if you never go onto Internet Explorer?
  If so, then what Anti-virus programs would you recommend? (Preferably free programs if they exist)
  Also, is it at all possible to get a virus on my Windows partition while surfing the web on my OS X partition? Can viruses modify the Windows partition of my harddrive while I'm on OS X?

  Yes you need anti-virus. It's still Windows so just in case....
  I can highly recommend the new Security Essentials from Microsoft. It's totally free, very light on system resources and getting rave reviews across the web. It has an excellent detection engine and very user friendly. I've dumped both AVG and AVAST (both also free) from my Windows systems and switched totally to Security Essentials. No regrets. Cheers!
  http://www.microsoft.com/security_essentials/?mkt=en-us
  James

• A Silly Anti-Virus Question

  I am new to driod OS, was wondering how important an anti-virus app or software is on smartphones.
  I know the dangers on the computer and windows system. Is there threat on the driod system. I only download apps from the market.
  What anti-virus do you use?

  In regards to the double post, what browser are you using?
  Search is your friend in this community.
  There are a couple of posts in the Android Apps section of this community that discuss antivirus applications as well as mentions of bad Apps that were removed from the Android Market.
  As for what I use for antivirus applications, I have used both Lookout and AVG Antivirus on my phones. No big complaints for either of them. Norton has one. McAfee does too. Kapersky or something like it has an android application as well.

• PLEASE HELP!!!!! I THINK I GOT A VIRUS/TROJAN/WORM

  Yes this is the first time this has occurred..
  I will tell you what happened... Here i go
  Ok tonight i sent an im over aim to somebody and they said i sent a link which i didnt and i send another im to another person and they also said i sent a link which i didnt. So i dont know what this is, is it a trojan horse, a virus, or just a worm? I would think it would be a trojan horse. But i asked them what did the link say and they sent it back to me but it didnt register. And she told me that she sent it... Andi didnt think about it being a virus/trojan/worm untill she exited out of the window. Well i asked her what the link was and she said she didnt know. So it i told her if she gets the link again just send it back to me with out the .com so it wouldnt be a link. I am worried that i got one b/c this is the first time this has happened to me since i had my expensive imac. I am running a mac os x version 10.3.9. And i ran a virus scan for my apps with ClamXav so far there hasnt been a virus detected. Can someone PLEASE help me becuase when i tell my dad he is going to kill me if i dont fix it....
  Thx alot, Robby

  Hi k0rnyfr33k,
  This is one of the oldest tricks in the virus writer's bag. When one of these infected e-mails hits a Windows computer, the virus/worm/Trojan automatically copies itself to every person in their address book. At the same time, it uses any one of those names to spoof the "from" address to make it look like it came from somewhere else. So it's an almost 100% certainty that the virus they got came from someone else's computer whom you know who has your e-mail address in their address book. I've gotten such stuff with my own address as the sender. Meaning that I know it came from one of my relatives, friends, or someone else who has my e-mail stored in their address book in Windows.

• Cleaning Worm/Generic.GTD

  Hello all,
  I hope I have posted this in the right place, sorry if not.
  I have recently returned from an overseas trip and have been storing my photos variously on a portable hard drive and sd cards. Whilst doing so I have picked up a worm that AVG virus software describes as Worm/Generic.GTD. The affect on my hard drive is that it still holds the approx. 10GB of photos, but the photo folders and files themselves are hidden and replaced with a folder with the same name but reading as holding only 220kb of info. Also, folders that I have delete reappear and I can't access any of the information in the the folders.
  The reason that I am posting here is that whilst overseas I also purchased a Macbook. I am a new Apple user and am unsure of the vulnerability of Macs to viruses in general, and specifically Worm/Generic.GTD in this case.
  I really want to sort my photos.
  So my questions are, a) will this worm infect my Macbook if I plug it, and b) if yes, how can I plug in the affected hardware, clean it, access my photos + make sure the worm doesn't infect me all at the same time.
  Thanks for your help.

  So my questions are, a) will this worm infect my Macbook if I plug it
  No, not unless you install Windows on your MacBook, and then only the Windows section would be affected.

• Worm-downad.ad

  Hi All I need some help to solve this problem. I have a G5 with Mac OS X Tiger server installed. I host my own mail and web server. I have about 6 other macs connected to the server. About 2 days ago an account came and connected her PC laptop via TCP/IP for internet access, this morning she called to say her computer was attacked by the downad.ad worm while is was connect on my network. She said, her tech person told her the worm came through port 445 because it is not secured and I have to close it to prevent further attacks. Is this true? and if so, how can I secure port 445? Thanks in advance.
  BTW, I have no complains about the 6 other macs on the network. please help.

  There's a couple things wrong with this story:
  1) She has no proof that her computer was infected while on your LAN, and it's unlikely she was considering it's a windows virus.
  2) The worm comes through port 445 on her computer, not yours. It wouldn't transmit through your system.
  Essentially she's confused about how viruses work, and her tech guy didn't explain it well enough.
  But, to answer your question -- OSX uses ipfw, check out http://www.hanynet.com/waterroof/ for a free app on how to configure it. However, it has nothing to do with her virus or your network.

• Mac Newbie - System restore/Time machine type question

  Hi There, Macbook newbie here, got my macbook for xmas and I am totally converted.
  I was hoping someone could point me in the direction of how to set up a 'system restore' type of thing similiar to the windows system restore via time machine.
  Do I need to connect to an external hard drive for this?
  External hard drive question, are there special 'mac' external hard drives or could I just pick anyone up eg seagate/freecom etc?
  Anti virus question: which software would you recommend for Anti virus?
  Appreciate any help and looking forward to making them most of my new mac!

  kal137 wrote:
  Hi There, Macbook newbie here, got my macbook for xmas and I am totally converted.
  I was hoping someone could point me in the direction of how to set up a 'system restore' type of thing similiar to the windows system restore via time machine.
  Hi, and welcome to the forums.
  In addition to the info offered by Jolly Giant, Time Machine is rather different from the system restore feature of Windoze.
  First, a bit of terminology: +Time Machine+ is the software built-in to recent Macs that does backups and restores. It can back up to an internal HD, an external HD, or a +Time Capsule,+ which is a piece of Apple hardware that combines a wireless router and hard drive.
  Technically, this forum is for +Time Capsules;+ there are separate forums in the Leopard and Snow Leopard sections for +Time Machine.+
  Time Machine backs-up +*your entire system+* -- OSX, apps, configuration, users, settings, preferences, data, etc. It also keeps previous versions of things you've changed or deleted (so it needs more space than what's used on your system).
  You can then easily browse the backups and restore selected items, if you've deleted or changed them in error, or they somehow got corrupted.
  Or, if something goes terribly wrong, you can also restore your entire system to the exact state it was in at the time of any backup, even if that's a previous version of OSX. That's the procedure Jolly Giant referred you to in the FAQ Tip.
  You might want to review these:
  Time Machine Tutorial
  Time Machine 101
  How to back up and restore your files
  Time Machine Features
  Apple - Support - Mac OSX v10.5 Leopard Time Machine
  and perhaps browse the Time Machine - Frequently Asked Questions *User Tip,* also at the top of the +Time Machine+ forum.
  See especially #1 and #5 there before getting started.

• Viruses and iPods

  I'm new with iPods (yes I know it's sad). I'll be getting an iPod nano for my birthday next month and was wondering...can viruses from PCs get transferred to my iPod and ruin it? My dad has a Windows 98 PC (REALLY OLD!!) and he's got a bunch of pictures on there and he was hoping that I use my iPod to transfer all the pictures from his computer to mine and then print them. Is it safe to do so or should I just not connect my new iPod to that crummy old PC?? I think my dad's PC is corrupted with a virus but I'm not sure and I'm worried it'll transfer onto my iPod and ruin it completely. What should I do?
  Thanks.
  DELL   Windows XP  
  DELL   Windows XP  

  First of all, you can't use iTunes and therefore an ipod on a Windows 98 computer. As to your virus question, since the iPod and PC use different operating systems, a virus infecting a PC could not be transferred to an ipod. Although there are currently no iPod viruses, in theory one could be created. The file would have to sit on your PC and somehow be transferred into your ipod.

• Office 365 Anti-Virus?

  Hi All,
  I know the OS X third-party Anti-Virus question has been answered Ad nauseam, but my question regards Office 2011 for MAC, with MS Office reputation of being a real magnet for picking-up nasty stuff, do I need need a third-party anti-nasty tool when using MS Office on a MAC?
  IMHO OS X is already well protected, but as we have seen with Java, this protection doesn't always extend to third-party applications.

  There are no currently-known vulnerabilities in Microsoft Office that allow malware to be installed. The only one that is being used right now to install malware on Macs is a vulnerability in Office 2004 and 2008 that was patched by Microsoft in June of 2009. So, any Mac with a different version of Office, or one where the Office updater has been run at least once since mid-2009, is safe at this time.
  Word macro viruses are a remote possibility, now that Microsoft has added their scripting language back to Office, but those are pretty rare. Just make sure that Office is set to not load such scripts.