Windows Defender Offline

A new product from Microsoft (old name for sure but a new product with
real meaning to it) to look for in the next few months. It can do all
of this:

1. Windows won't boot: You can boot your machine with a WDO CD or USB
drive, and WDO will perform a detailed malware scan.

2. You suspect you have a rootkit: WDO can scan your system and remove
many different kinds of rootkits.

<http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline>

Good luck.

Tester wrote:
> A new product from Microsoft (old name for sure but a new product with
> real meaning to it) to look for in the next few months. It can do all
> of this:
>
> 1. Windows won't boot: You can boot your machine with a WDO CD or USB
> drive, and WDO will perform a detailed malware scan.
>
> 2. You suspect you have a rootkit: WDO can scan your system and remove
> many different kinds of rootkits.
>
> <http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline>
>
> Good luck.
>

The reason for a 32 bit or a 64 bit version, is the tool builds its
own OS for the offline scan, using Windows files. Unlike some
other offline scanners, which come with their own OS.

http://technet.microsoft.com/en-us/m.../hh547009.aspx

Paul

On 01/04/2012 09:33 PM, Tester wrote:
> A new product from Microsoft (old name for sure but a new product with
> real meaning to it) to look for in the next few months. It can do all
> of this:
>
> 1. Windows won't boot: You can boot your machine with a WDO CD or USB
> drive, and WDO will perform a detailed malware scan.
>
> 2. You suspect you have a rootkit: WDO can scan your system and remove
> many different kinds of rootkits.
>
> <http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline>
>
> Good luck.
>



All well and good but in the case of root kits...
what would lead someone to suspect one is when their credit card or bank
account gets compromised...
in other words *too late*


That's why I moved over to Linux 2+ years ago

In news:je3coc$lk6$,
philo wrote:
> All well and good but in the case of root kits...
> what would lead someone to suspect one is when their credit card or
> bank account gets compromised...
> in other words *too late*
>
> That's why I moved over to Linux 2+ years ago

You are a Linux user and don't know what Root means? That is where the
rootkit was originally created for. Hacking into Linux and Unix
machines. It just amazes me how many Linux users who knows nothing about
Linux malware. Most Linux users don't run AV software or anything. And
they could be totally infected with malware and still be totally
clueless.

--
Bill
Gateway M465e ('06 era) - OE-QuoteFix v1.19.2
Centrino Core Duo T2400 1.83GHz - 2GB - Windows XP SP3

In news:4f097ef4$,
Alias wrote:
> On 01/08/2012 12:13 PM, BillW50 wrote:
>> In news:je3coc$lk6$,
>> philo wrote:
>>> All well and good but in the case of root kits...
>>> what would lead someone to suspect one is when their credit card or
>>> bank account gets compromised...
>>> in other words *too late*
>>>
>>> That's why I moved over to Linux 2+ years ago
>>
>> You are a Linux user and don't know what Root means? That is where
>> the rootkit was originally created for. Hacking into Linux and Unix
>> machines. It just amazes me how many Linux users who knows nothing
>> about Linux malware. Most Linux users don't run AV software or
>> anything. And they could be totally infected with malware and still
>> be totally clueless.
>
> Cite one virus or root kit for Linux in the wild.

You got to be the laziest person I know.

http://packetstormsecurity.org/UNIX/...ation/rootkits

Cross-platform Boonana Trojan targets Facebook users | Naked Security
http://nakedsecurity.sophos.com/2010...acebook-users/

http://www.ossec.net/rootkits/lrk.php

> The ONLY way it can happen is if the user lets it happen by keying in
> his or her password when something tries to install.

No that isn't the only way. Like an attacker using a buffer overflow to
gain root level access is just one other way. And you can get infected
through an official repository too. Through Firefox, through Adobe
Flash, etc.

Gentoo ships backdoor
http://www.zdnet.com/blog/bott/linux...r-updated/2206

> Having a router with a NAT firewall enabled and keeping up-to-date
> with security updates is ALL you need with Linux.

That is not what the Linux security people say.

Securing Linux
http://www.net-security.org/article.php?id=111

Linux Security HOWTO
http://tldp.org/HOWTO/Security-HOWTO/

Linux Installation
http://www.phys.ufl.edu/docs/system/linux.html

> YOU, Mr. No Windows Updates, are probably infected and
> don't know it.

Always wishing upon a star, eh?

--
Bill
Gateway M465e ('06 era) - OE-QuoteFix v1.19.2
Centrino Core Duo T2400 1.83GHz - 2GB - Windows XP SP3

In news:4f0995c5$,
Alias wrote:
> On 01/08/2012 01:53 PM, BillW50 wrote:
>> In news:4f097ef4$,
>> Alias wrote:
>>> On 01/08/2012 12:13 PM, BillW50 wrote:
>>>> In news:je3coc$lk6$,
>>>> philo wrote:
>>>>> All well and good but in the case of root kits...
>>>>> what would lead someone to suspect one is when their credit card
>>>>> or bank account gets compromised...
>>>>> in other words *too late*
>>>>>
>>>>> That's why I moved over to Linux 2+ years ago
>>>>
>>>> You are a Linux user and don't know what Root means? That is where
>>>> the rootkit was originally created for. Hacking into Linux and Unix
>>>> machines. It just amazes me how many Linux users who knows nothing
>>>> about Linux malware. Most Linux users don't run AV software or
>>>> anything. And they could be totally infected with malware and still
>>>> be totally clueless.
>>>
>>> Cite one virus or root kit for Linux in the wild.
>>
>> You got to be the laziest person I know.
>>
>> http://packetstormsecurity.org/UNIX/...ation/rootkits
>>
>> Cross-platform Boonana Trojan targets Facebook users | Naked Security
>> http://nakedsecurity.sophos.com/2010...acebook-users/
>>
>> http://www.ossec.net/rootkits/lrk.php
>>
>>> The ONLY way it can happen is if the user lets it happen by keying
>>> in his or her password when something tries to install.
>>
>> No that isn't the only way. Like an attacker using a buffer overflow
>> to gain root level access is just one other way. And you can get
>> infected through an official repository too. Through Firefox,
>> through Adobe Flash, etc.
>>
>> Gentoo ships backdoor
>> http://www.zdnet.com/blog/bott/linux...r-updated/2206
>>
>>> Having a router with a NAT firewall enabled and keeping up-to-date
>>> with security updates is ALL you need with Linux.
>>
>> That is not what the Linux security people say.
>>
>> Securing Linux
>> http://www.net-security.org/article.php?id=111
>>
>> Linux Security HOWTO
>> http://tldp.org/HOWTO/Security-HOWTO/
>>
>> Linux Installation
>> http://www.phys.ufl.edu/docs/system/linux.html
>>
>>> YOU, Mr. No Windows Updates, are probably infected and
>>> don't know it.
>>
>> Always wishing upon a star, eh?
>
> All your links require user stupidity. No wonder you believe them. The
> Facebook one is classic. No wishing, sport, you're infected.

User stupidity as in Alias? How in the world could you miss: "UnrealIRCd
detailing a trojan packaged with their IRCd (Internet Relay Chat deamon)
for Linux."? Linux users were downloading this trojan for over 7 months
and nobody noticed this backdoor running on their system. That is
because Linux users have this foolish blind trust that makes them
complacent.

Most Windows users don't have this blind trust and an Windows AV would
have flagged it right away and it would be gone. But Linux users don't
normally run AV, now do they?

Linux: Infected by Complacency | Computing on Demand
http://computingondemand.com/linux-i...y-complacency/

--
Bill
Gateway M465e ('06 era) - OE-QuoteFix v1.19.2
Centrino Core Duo T2400 1.83GHz - 2GB - Windows XP SP3

On 1/8/2012 5:13 AM, BillW50 wrote:
> In news:je3coc$lk6$, philo wrote:
>> All well and good but in the case of root kits... what would lead
>> someone to suspect one is when their credit card or bank account
>> gets compromised... in other words *too late*
>>
>> That's why I moved over to Linux 2+ years ago
>
> You are a Linux user and don't know what Root means? That is where
> the rootkit was originally created for. Hacking into Linux and Unix
> machines. It just amazes me how many Linux users who knows nothing
> about Linux malware. Most Linux users don't run AV software or
> anything. And they could be totally infected with malware and still
> be totally clueless.

I honestly didn't know that, so I went to Wikipedia and found this:

> The term rootkit or root kit originally referred to a
> maliciously-modified set of administrative tools for a Unix-like
> operating system that granted "root" access. If an intruder could
> replace the standard administrative tools on a system with a rootkit,
> the intruder could obtain root access over the system whilst
> simultaneously concealing these activities from the legitimate system
> administrator. These first generation rootkits were trivial to detect
> by using tools such as Tripwire that had not been compromised to
> access the same information.

It amazes me how the most die-hard Linux user claims that they are
impervious to viruses. Though truth be know it's more likely that there
isn't much of an interest in targeting such a small demographic, and the
interest is in targeting the most common OS on PCs today. Now if things
were the other way and Linux was the most popular OS on PCs then we
would be hearing about viruses on them instead.


--

Roy Smith
Windows 7 Home Premium 64-Bit
Thunderbird 9.0.1
Sunday, January 08, 2012 8:36:03 AM

On 1/8/2012 8:36 AM, Roy Smith wrote:
> On 1/8/2012 5:13 AM, BillW50 wrote:
>> In news:je3coc$lk6$, philo wrote:
>>> All well and good but in the case of root kits... what would lead
>>> someone to suspect one is when their credit card or bank account
>>> gets compromised... in other words *too late*
>>>
>>> That's why I moved over to Linux 2+ years ago
>>
>> You are a Linux user and don't know what Root means? That is where
>> the rootkit was originally created for. Hacking into Linux and Unix
>> machines. It just amazes me how many Linux users who knows nothing
>> about Linux malware. Most Linux users don't run AV software or
>> anything. And they could be totally infected with malware and still
>> be totally clueless.
>
> I honestly didn't know that, so I went to Wikipedia and found this:
>
>> The term rootkit or root kit originally referred to a
>> maliciously-modified set of administrative tools for a Unix-like
>> operating system that granted "root" access. If an intruder could
>> replace the standard administrative tools on a system with a rootkit,
>> the intruder could obtain root access over the system whilst
>> simultaneously concealing these activities from the legitimate system
>> administrator. These first generation rootkits were trivial to detect
>> by using tools such as Tripwire that had not been compromised to
>> access the same information.
>
> It amazes me how the most die-hard Linux user claims that they are
> impervious to viruses. Though truth be know it's more likely that there
> isn't much of an interest in targeting such a small demographic, and the
> interest is in targeting the most common OS on PCs today. Now if things
> were the other way and Linux was the most popular OS on PCs then we
> would be hearing about viruses on them instead.
>

Devout Linux and Apple users rely on "security by obscurity", they just
don't know that is what it is called.

On 1/8/2012 8:53 AM, Alias wrote:
> On 01/08/2012 03:36 PM, Roy Smith wrote:
>> On 1/8/2012 5:13 AM, BillW50 wrote:
>>> In news:je3coc$lk6$, philo wrote:
>>>> All well and good but in the case of root kits... what would lead
>>>> someone to suspect one is when their credit card or bank account
>>>> gets compromised... in other words *too late*
>>>>
>>>> That's why I moved over to Linux 2+ years ago
>>>
>>> You are a Linux user and don't know what Root means? That is where
>>> the rootkit was originally created for. Hacking into Linux and Unix
>>> machines. It just amazes me how many Linux users who knows nothing
>>> about Linux malware. Most Linux users don't run AV software or
>>> anything. And they could be totally infected with malware and still
>>> be totally clueless.
>>
>> I honestly didn't know that, so I went to Wikipedia and found this:
>>
>>> The term rootkit or root kit originally referred to a
>>> maliciously-modified set of administrative tools for a Unix-like
>>> operating system that granted "root" access. If an intruder could
>>> replace the standard administrative tools on a system with a rootkit,
>>> the intruder could obtain root access over the system whilst
>>> simultaneously concealing these activities from the legitimate system
>>> administrator. These first generation rootkits were trivial to detect
>>> by using tools such as Tripwire that had not been compromised to
>>> access the same information.
>>
>> It amazes me how the most die-hard Linux user claims that they are
>> impervious to viruses. Though truth be know it's more likely that there
>> isn't much of an interest in targeting such a small demographic, and the
>> interest is in targeting the most common OS on PCs today. Now if things
>> were the other way and Linux was the most popular OS on PCs then we
>> would be hearing about viruses on them instead.
>>
>>
>
> Thank you for regurgitating MS FUD. It's bullshit.

In your opinion.... just think about it, if you were of a criminal mind
and wanted to write a malware program to acquire bank account numbers
and you had your choice of three OSs. OS #1 has a base of 1,500,000
users, OS #2 has 9,000,000 users, and OS #3 has 250,000,000 users.
Which one would you choose?

I would think #3, not because it may be easier to write malware for that
OS, but because it has far more users than the other OSs thus increasing
your chances of obtaining your goal.


--

Roy Smith
Windows 7 Home Premium 64-Bit
Thunderbird 9.0.1
Sunday, January 08, 2012 10:07:22 AM

In news:ZRhOq.221534$,
Roy Smith wrote:
> On 1/8/2012 5:13 AM, BillW50 wrote:
>> In news:je3coc$lk6$, philo wrote:
>>> All well and good but in the case of root kits... what would lead
>>> someone to suspect one is when their credit card or bank account
>>> gets compromised... in other words *too late*
>>>
>>> That's why I moved over to Linux 2+ years ago
>>
>> You are a Linux user and don't know what Root means? That is where
>> the rootkit was originally created for. Hacking into Linux and Unix
>> machines. It just amazes me how many Linux users who knows nothing
>> about Linux malware. Most Linux users don't run AV software or
>> anything. And they could be totally infected with malware and still
>> be totally clueless.
>
> I honestly didn't know that, so I went to Wikipedia and found this:
>
>> The term rootkit or root kit originally referred to a
>> maliciously-modified set of administrative tools for a Unix-like
>> operating system that granted "root" access. If an intruder could
>> replace the standard administrative tools on a system with a rootkit,
>> the intruder could obtain root access over the system whilst
>> simultaneously concealing these activities from the legitimate system
>> administrator. These first generation rootkits were trivial to detect
>> by using tools such as Tripwire that had not been compromised to
>> access the same information.
>
> It amazes me how the most die-hard Linux user claims that they are
> impervious to viruses. Though truth be know it's more likely that
> there isn't much of an interest in targeting such a small
> demographic, and the interest is in targeting the most common OS on
> PCs today. Now if things were the other way and Linux was the most
> popular OS on PCs then we would be hearing about viruses on them
> instead.

You got it exactly! ;-) And if a Linux user gets infected, it can go
undetected for months or even years. Most Windows users doesn't have
that problem because they are so vigilant against malware, it is
discovered and weeded out right away. Here is a good example of the
Linux community totally blinded and missed a trojan on Gentoo's official
repositories. Funny, no mention how many actually downloaded that
backdoor.

Linux: Infected by Complacency
http://computingondemand.com/linux-i...y-complacency/

--
Bill
Gateway M465e ('06 era) - OE-QuoteFix v1.19.2
Centrino Core Duo T2400 1.83GHz - 2GB - Windows XP SP3