PDA

View Full Version : Spyware issues



Bodes
05-07-2005, 09:04 PM
I downloaded “spybot” and came up with 187 issues and deleted these. Had a problem after this with a file called “media access” so using the advice of the knowledgeable members of this forum downloaded “adaware” which found another 120 issues! Does this mean spybot missed the issues adaware picked up and if so is this normal? In any case, the problem I had with the media access file seems to be fixed (no more duplicating windows and can’t find it on the program file list in explorer) – so thank you to those who responded under my thread last night “spybot problem”.

Whilst searching my “C” drive program files I noticed “Xerox” folder with another folder therein called “nwwia” which has nothing in it. So I thought just right click and delete this – but alas a box pops up saying it can’t be deleted (just like the media access folder last night – but that folder had things in it). Any ideas on what this folder is and should I be worried?

mark c
05-07-2005, 09:16 PM
Check it out through a Search Engine, see if you can find some info on it and if you decide you don't want it then boot into Safe Mode ( by pressing F8 during boot up) and try removing it from there. HTH........m

And yes one malware program will not pick up exactly what another malware program will pick up, depends on definitions, updates, malware tricks, sunspots.... :eek:

Safari
05-07-2005, 09:57 PM
Ad-Aware and Spybot will not remove everything either and as 307 have already been found there is a possibility that more exist.
You should run HijackThis and get the log file checked.

Have you realized by now that most of this spyware has been installed as a result of you using Windows programs. There are other options.

Metla
05-07-2005, 10:05 PM
Safari, You do realise that a huge amount of spyware is given permission to install by the user, especially now that many of the loopholes have been closed with updates.

What say you when Kazza is distibuted for the MAC with a half dozen parasite programs and installed by the user, If 5 seconds later the comp is getting popups, net access is going crazy and the home page has been changed would this be the users fault?,or would it be that the software has suddenly lost its superority?

Safari
05-07-2005, 10:15 PM
I was really pointing out that there are other web browsers apart from IE.
I did not even have Macs on my mind when I posted but I could develop that theme.

Metla
05-07-2005, 10:23 PM
I wasnn't getting at that, I was just musing the other day about the amount of spyware that is installed by users,and how I have seen a drop in certain types on machines that are patched.

Which got me thinking about parasite programs, the common user and the types of delivery methods that the scammers would use if Mac was able to get a bigger user base and become a worthwhile target.

The reports of Apple viruses (yes, I know the reports are without substance) all point to the user having to install the virus, And from my experience a huge number of the genera Windows using population will blindly install and run spyware/adware without a seconds thought.

So, I figuired I would bring the subject up with our resident Mac expert.......

pctek
05-07-2005, 10:43 PM
Does this mean spybot missed the issues adaware picked up and if so is this normal?

Whilst searching my “C” drive program files I noticed “Xerox” folder with another folder therein called “nwwia” which has nothing in it. So I thought just right click and delete this – but alas a box pops up saying it can’t be deleted
They are best used together for this reason. However the second scan would have had a lot of cookies too. Always good to remove the ones it focuses on.

Get Hijackthis as suggested and run that to. There is a program called Unlocker which you can use to delete the annoying folder. Or boot into safe mode and then try to delete it normally.

Safari
05-07-2005, 10:44 PM
The state of OS X's security is rather healthy. At the heart of the operating system is a Unix core that has been lovingly audited by the devoted open source community for years

By default, OS X users do not log on to a Mac as the root user - with access to the directory that includes all other directories. This effectively isolates the amount of damage that could potentially be done to a machine. So while a user could switch to root, it is only through a fairly obscure path and certainly not something that could be enabled accidentally. In addition, the majority of applications - widgets aside - do not auto-install and require an administrator password to proceed.

Spyware – programs that record information, such as browsing habits or keystrokes, and send it to a remote server – runs rampant on Windows, but there are currently no real spyware programs that affect the Mac and I believe due to the nature of the operating system they would be extremely difficult to install if it was attempted.

Metla
05-07-2005, 10:51 PM
um, That didn't answer any of the questions I raised, If addional software is downloaded and installed the user would have to have full permission to install run it?....correct?

And parasite software could also be installed at teh same time and be able to run unhinred?....correct?

Thus we would have a spyware infected machine?

These are real questions, Im not referring to hijacks auto-installing through a browser, (was that a marketing speech you just gave me?, I am well awere that Windows has an issue with spyware,and that Mac at present doesn't)

tweak'e
05-07-2005, 11:01 PM
but there are currently no real spyware programs that affect the Mac and I believe due to the nature of the operating system they would be extremely difficult to install if it was attempted.
sorry i certainly can't agree that it will be difficult to install spyware on a MAC or any linux pc. if you can install a normall program, you can install a spyware program. the only difference between the two is which side of the fence you are on.

most "spyware" are legit programs. proberly only half would use a malicous method of install. the rest are simply installed by users.

Safari
05-07-2005, 11:10 PM
Logging in as root also means that any application or process you launch -- knowingly or unknowingly -- has full access to every file on your Mac.
By default, OS X users do not log on to a Mac as the root user which is what makes it so secure.

Nearly anything you might need root-level privileges to do such as installing programs can be done from within your own user account.

plod
05-07-2005, 11:13 PM
sorry i certainly can't agree that it will be difficult to install spyware on a MAC or any linux pc. if you can install a normall program, you can install a spyware program. the only difference between the two is which side of the fence you are on.

most "spyware" are legit programs. proberly only half would use a malicous method of install. the rest are simply installed by users.
you are right, if i was to install it it would work if it was designed for the mac,thats not in denial,the point is to install anything in a os x not as simple as clicking the yes button to get rid of the popups,
Same with viruses, had a angry call from a mate that said i sent him a virus, I probably did, don't use any antivirus software so some of my emails may be riddled with them, but as they dont effect my computer i dont do anything about it.

tweak'e
05-07-2005, 11:20 PM
i havn't used mac's since the apple 2e's where around ;)

i take it the admin system is like linux, you need to be in root to install a program. this makes it harder for progs to be installed by malicous means however it dosn't stop the user installing it which is how a good 50% of spyware is installed.

the only thing stopping them is intent.

mark c
05-07-2005, 11:26 PM
Bodes, If you want to practice some safe computer habits at a basic level do this........

A. Use a browser other than IE

B. Do a clean-up after every surfing session - history / temp file / cookies (or whatever they are called depending on your browser)

C. Get www.ccleaner.com and run it regularly. ( I do most particularly after going to any 'dodgy' sites (as people do).

Sounds to me like you've got a really polluted machine there. HTH......m

plod
05-07-2005, 11:27 PM
Bodes, If you want to practice some safe computer habits at a basic level do this........

A. Use a browser other than IE

B. Do a clean-up after every surfing session - history / temp file / cookies (or whatever they are called depending on your browser)

C. Get www.ccleaner.com and run it regularly. ( I do most particularly after going to any 'dodgy' sites (as people do).

Sounds to me like you've got a really polluted machine there. HTH......m
seems alot of hassle to go to when surfing the net

tweak'e
05-07-2005, 11:38 PM
Bodes, If you want to practice some safe computer habits at a basic level do this........

A. Use a browser other than IE

B. Do a clean-up after every surfing session - history / temp file / cookies (or whatever they are called depending on your browser)

C. Get www.ccleaner.com and run it regularly. ( I do most particularly after going to any 'dodgy' sites (as people do).

thats overkill for basic level. cleaning out temp files etc all the time is going to really slow net use down.

single biggest thing is to use comman sence. that prevent 90% of malware being installed.
useing a non-activeX browser will stop the activeX based ones from loaded from web sites. alternative browsers may also have activeX plugins which can also run activeX content so switching to an alternative browser is not allways a good move.
then a decent working antivirus to catch anything trying to autoinstall.
then a firewal to alert you to anything that may have gotten installed by other means.
and finally spyware removal programs for when they do get installed.

hopefully you already have AV and firewalls installed to stop virus's, trojens, worms etc.

mark c
05-07-2005, 11:41 PM
Keeps every machine I maintain running smoothly plod. :D

(for a start).

mark c
06-07-2005, 12:16 AM
Sure tweak'e but I would rather overkill than under. Especially for a novice who reports 307 items of crudware.

Removing all this stuff I mentioned hasn't in my experience slowed down surfing. So the log-in cookie for Pressf1 has gone so hoooots, takes a couple of seconds to re-login.

Rather be safe than sorry. (be nice to hear back from bodes too.) :D ...................m

tweak'e
06-07-2005, 09:30 PM
cleaning out the cache will not prevent ANY malware from installing, it might prevent it reinstalling itself.

if your on a super fast broadband you might not notice any difference in browseing speed. however try running it on a 33k modem and there is a HUGE difference in speed, you go from 5 second load time to 60 second load.

Poppa John
06-07-2005, 10:16 PM
The arguments Windows versus Mac always makes me smile. Microsoft is by far the biggest OS provider, ( whether you like it or not) & will be for a long time to come. Because there are so many MS dissatisfied users, & so many "programmers" want to cause them harm; then MS IS going to be a target for "Damage Makers"

Lets face it (whether you like it or not) Mac will never be the same size not in my lifetime anyway. Therefore there is not the Challenge to cause Damage to a Mac system.

Windows versus Mac is a personal choice. We are talking Apples & Pears here. Sure they are both "Computer Systems". A Ford is a Ford, a Holden is a Holden: they are both cars. Who is to say which is better? Just personal choice.

So you think Mac and/or Linux is the best? Well bully for you. That is your opinion, " I disagree with you, but I will fight to the death for us to have the right to express opinions" (something like that anyway).

I do wish some people would give it a rest with Windows, Linux, Mac. I get fed up with hearing the same arguments, going nowhere, causing only ill feeling.

Rant over, I feel better now PJ :2cents: :blush:

mark c
06-07-2005, 10:25 PM
Yeah I agree with you there PJ, comes up all the time , never goes anywhere new..............m

Metla
06-07-2005, 10:26 PM
I think if Mac started selling the OS by itself it would make massive inroads, I would not only immediatly make packages available but build up a system for myself.The time is right for a real competitor to MS.

I wouldn't garentee I would still be bothering to use it a year later but I would give it a crack.

Though from what I have seen in this thread alone the larger user-base will quickly bring an Mac OS down to the level of Windows, especially if they go into it thinking they are untouchable.

As soon as the userbase was large enough people would be making "killer apps" available, that would be saturated in Spyware, And the users knowing no better would install them.

Look how many millions of people downloaded and installed Kazzaa even when the reality of what it was up to was common knowklege, or could be found in 2 mouse clicks.

For many as long as they can download songs they don't give a rats......

Metla
06-07-2005, 10:27 PM
This isn't a Mac vs anything thread.

mark c
06-07-2005, 10:34 PM
Come in bodes. Earth to bodes. We are here for you now.......m

plod
06-07-2005, 10:38 PM
This isn't a Mac vs anything thread.
and I don't know why it was mentioned as one?

Poppa John
06-07-2005, 10:43 PM
and I don't know why it was mentioned as one?


Bodes. My apologies for ranting on your thread.

Mac/windows was mentioned earlier in this thread. PJ

Metla
06-07-2005, 10:45 PM
PJ, I need to talk to ya about that spare CPU, I have probally sold it for you.

On the exact night that we are uploading a functional version of tradef1 as well.....

mark c
06-07-2005, 10:52 PM
Yay tradef1. Look forward to it metla. Good on you.

Blaupunkt Ravenna C 127 for sale (car radio/cassette player) offers.......

Nothing under 100 bucks..........m :D

Metla
06-07-2005, 10:54 PM
Just out of interest I went and had a look on a kazza site that claimed 821,951 people had downloaded it in the last week.

Spyware is big bizzo.

Poppa John
06-07-2005, 10:57 PM
PJ, I need to talk to ya about that spare CPU, I have probally sold it for you.

On the exact night that we are uploading a functional version of tradef1 as well.....

M... Will call in tomorrow.....J