canr

Virus Extensions?

14 posts in this topic

Except for an .exe, what other types of files are dangerous to open, or are the type you would not risk on your own computer?

.swf, .avi? Also explain please.


you can pack it into anything. .pdf .pif .doc really any file and be stacked with a virus.


.vbs extensions are bad too. However, most nasty Virii are certain .dll files, mainly crap that looks like yyjkkk., etc. Also look out for crap that appears to be a movie but with an .exe at the end. Ex: Donkeypunch.avi.exe

.vbs extensions are bad too. However, most nasty Virii are certain .dll files, mainly crap that looks like yyjkkk., etc. Also look out for crap that appears to be a movie but with an .exe at the end. Ex: Donkeypunch.avi.exe

.exe is a given. So a .doc file can be a virus? What's being executed?


Anything with executable code. This obviously means things like .exe or .scr, but some are not so obvious. Microsoft .doc files (and other office files like .xls) are scriptable, code in them can be run as soon as you open the file. Even less obvious are viruses that take advantage of vulnerabilities in some software to execute code. For example, say Windows Media Player incorrectly parses a malformed .avi file causing a buffer overflow or something, allowing a properly-crafted .avi file to actually run code. These are more rare than the other types as not only do they rely on one specific piece of software to spread, but rely on very specific versions. However, similar things are done with email clients. Microsoft Outlook is notorious for this. At one point you could rename a visual basic file to .jpg, it would pass the filters Outlook had to not execute vb files based on the filename, then it would go ahead and run the vb file anyway.

So the short answer is "anything executable." The long answer is "anything someone can make executable, so really any file."

As for the relative danger, .exe, .scr, .bat, etc you should be wary of. Microsoft office formats are dangerous too. Turn on file extensions with Windows explorer. Some people will take a .exe file, name it something.mp3.exe and change the icon to look like an mp3 file. As for the other file extensions you're pretty safe. There isn't likely to be any danger in opening a .mp3 or .avi file. Keep your programs updated and you'll be fine.


i think you should expect anything you run to be malicious. i used to use an application firewall to help monitor what was happening like system safety monitor along with kernel based registry protection, but i think most people use sandboxes as well now. if you are interested there are programs like returnil and powershadow.

http://www.horizondatasys.com/169614.ihtml

and for host protection there are things like DefenseWall and Online Armor. i haven't used any of these programs though since i stopped using windows, i'd really like to get back in to windows security, but i hate vista, or vista plus all the crap that comes installed on HP computers!!

Edited by iceni

Anything can be a virus. You can have a viral .txt file. Even though a txt file technically holds no extra data, you can still initialize it. For example take "windows\system32\sol.exe", that's Solitaire, and copy it to your desktop. Open it... it runs, now rename it to sol.txt. Try to run it... notepad with garbled garbage opens. Open a blackspace (cmd.exe) type: runas /user:administrator click and drag the sol.txt into the blackspace (w00t MS stole this from someone dunno who though) it will automatically add the files path in quotes should look sumthin like dis: C:\WINDOWS\system32>runas /user:administrator "C:\Documents and Settings\CRAYGEE\Desktop\sol.txt"

Guess what happens... you launched a .txt file. This can all be batched out to run using other tools to initialize the files. This is where your constant scanners i.e. McAfee's On-Access Scanner and Anti-Vir's Guard come to your assistance.

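Two cases from the posts above, the `something.mp3.exe` double extension and the `sol.exe` renamed to `sol.txt`, can be checked mechanically by comparing a file's name with its first bytes. The sketch below is an added example and not part of any post in the thread; the function name `assess`, the finding labels and the extension lists are assumptions made for illustration.

```python
import os

# Extensions the thread names as directly runnable on Windows.
RUNNABLE = {".exe", ".scr", ".bat", ".pif", ".vbs"}
# Office formats the thread describes as scriptable (can carry macros).
SCRIPTABLE = {".doc", ".xls"}
# Extensions used as a decoy in front of the real one (assumed list).
DECOY = {".mp3", ".avi", ".jpg", ".pdf", ".txt", ".doc", ".swf"}
# File types that legitimately start with the DOS/PE "MZ" header.
PE_EXTS = {".exe", ".scr", ".dll"}


def assess(filename, head):
    """Return a list of findings for one file name plus its first bytes."""
    findings = []
    stem, ext = os.path.splitext(filename.lower())
    inner = os.path.splitext(stem)[1]  # extension hiding before the last one

    if ext in RUNNABLE:
        findings.append("runnable-extension")
        if inner in DECOY:
            findings.append("double-extension")
    elif ext in SCRIPTABLE:
        findings.append("macro-capable")

    # The name is only a label: a PE image is still a PE image when renamed.
    if head[:2] == b"MZ" and ext not in PE_EXTS:
        findings.append("pe-content-mismatch")
    return findings


# Constructed samples (name, first bytes); these are not real files.
SAMPLES = [
    ("something.mp3.exe", b"MZ\x90\x00"),
    ("sol.txt", b"MZ\x90\x00"),
    ("report.doc", b"\xd0\xcf\x11\xe0"),
    ("song.mp3", b"ID3\x03"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(f"{name:20} {assess(name, head) or ['no-finding']}")
```

An empty result only means neither check fired; a malformed media file aimed at a parser bug, as described earlier in the thread, would pass both.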

There have been a few PDF related exploits lately, make sure you use the latest version when reading a document from an unknown source.

Use a UNIX(OpenBSD) system on an untraditional architecture(VAX), That'll help 99.9% of the time. 8)


i don't mean to spoil anything...but most likely if you get a .doc file from your co-workers or whatever they aren't viruses. i only get suspicious if some random irc dude just direct connected to my aim and wants to send a folder to me.... i don't usually open it. i have a router and no ports forwarded so i'm pretty safe from any kind of trojan run live, so they wouldn't be able to control it if it infected me. i feel safe even though i don't have an AV.

in a while when you have more computer experience than all of your grandparents have driving experience you won't need them either :P

i don't mean to spoil anything...but most likely if you get a .doc file from your co-workers or whatever they aren't viruses.

A virus copies itself to other documents. Whether they know it or not, they could be sending you an infected file. Don't forget that a virus can also generate bogus infected documents or infect legit documents and send them to everyone in the address book. Don't automatically trust people you know, don't trust any attachments ever and be especially wary of anything containing executable code (such as .exes and .docs).

i have a router and no ports forwarded so im pretty safe from any kind of trojan run live, so they wouldn't be able to control it if it infected me. i feel safe even though i don't have an AV.

Trojans often connect out instead of waiting for incoming connections. Your NAT router won't help you there. A software application-level firewall will though. A NAT router will protect against worms that exploit vulnerable services running on your system but does nothing against other types of malware.


Not to mention the people that think having protection allows them to blindly run cracks or go to sites that won't infect them.. This comes as well as to being on shit torrent sites, and adding a shitload of tool bars because of not looking at the things you install. If you think that any AV/AS works then you are behind like the security suites are, at least 0-9 before a fix is QA'd to be fixed. It is always going to be the gimmick with security software, someone will release a 0-day exploit, 1 hour later a trojan,spy,*.* adware server is made. The good ones are already infected in BHO's that are in IE and FFox even if you don't use ie. Then the AV/AS/MAL protection companies will take their time to make sure they got the fix, meanwhile the good malware has already fucked your popular PC condoms, and punched holes so deep it will take a slew of shots and fixes. To which everyone blames on Windowz and really it is the active seeking of exploits in shit like Norton and McAfee that send the MaM attack to exploit and poison the AV.. Thus never use anything, just man up to your userdom. If you are really that careful, you haven't been that careful if you even use an Anti-whatever program. You wanted to crack a program(thus when I get bit I knew it and owned up to it, I didn't use a jailhouse excuse that my girlfriend got that bruise because she pulled a FightClub_) I closed off HTML in my email. I didn't click even once to believe I was getting a free 360, and understood that a legal debate makes all this crap still go on.. If you install AD-ware, then it sends your information to a spyware bot, whom sends that to a real trojan, and they make their money from your box being a hop and one less trace to ever getting caught. Then the Anti Virii dipshits hire these fuckheads when they get caught, making a deal to avoid jail time. Just expecting them to be the straight and narrow for the fear of being exposed, thus the double agents of keeping pc and future mac users in the dark.

Because I have never seen an infected machine, that wasn't infected by user habit, not to be crass.. But many think if they have a shitty AV they can run, dumbfuck.exe crack from orion, or something to that extent. Wow and it might make your 3000 dollar program work, instead of finding a serial key. And it does

And LETS let the fanboy shit begin

Linux, Unix, Mac, Novell, Windows, Shit= Well you think an OS for hacking is safe?. Well you think that gui for a hacking OS is safe?, You think that bsd-based on a hacking os even though dubious to users is safe?, You think that these other dipshits won't try to attack the leader of the OS marketshares?, and see how the spaghetti code was all fucked from win31? Shit= really fanboy crap that won't get your shit to working, etc.

I think console when I think of security, meaning not just game systems, but Wyse, Kiosks, etc..

No anti-virus is good, be better than them, if you must use know your strengths then get the infection out before it makes it a pain in the ass.


Also no offense to orion, but the ones that skid and aren't them, are easy to paradox a sid song loader, make a patch that fails(when passed in trojan) and back to square zero and thus get all the .box .ws sites to leet them something over 50 ad banners worth of active-x exploits and JS virii.. It is almost worth to pay for the stupid shit if you are a stupid shit, and that is not flaming, that is to all whom want to hack their schools, emails, friends pc's, and do the same thing that criminals in jail make the excuse for stealing a creditcard and getting caught for maxing it out on a set of rims. Give and take

i don't mean to spoil anything...but most likely if you get a .doc file from your co-workers or whatever they aren't viruses.

A virus copies itself to other documents. Whether they know it or not, they could be sending you an infected file. Don't forget that a virus can also generate bogus infected documents or infect legit documents and send them to everyone in the address book. Don't automatically trust people you know, don't trust any attachments ever and be especially wary of anything containing executable code (such as .exes and .docs).

i have a router and no ports forwarded so im pretty safe from any kind of trojan run live, so they wouldn't be able to control it if it infected me. i feel safe even though i don't have an AV.

Trojans often connect out instead of waiting for incoming connections. Your NAT router won't help you there. A software application-level firewall will though. A NAT router will protect against worms that exploit vulnerable services running on your system but does nothing against other types of malware.

Dirty dirty reverse shells. Many a firewall has been brought to its knees thanks to those.

Not to mention the people that think having protection allows them to blindly run cracks or go to sites that won't infect them.. This comes as well as to being on shit torrent sites, and adding a shitload of tool bars because of not looking at the things you install. If you think that any AV/AS works then you are behind like the security suites are, at least 0-9 before a fix is QA'd to be fixed. It is always going to be the gimmick with security software, someone will release a 0-day exploit, 1 hour later a trojan,spy,*.* adware server is made. The good ones are already infected in BHO's that are in IE and FFox even if you don't use ie. Then the AV/AS/MAL protection companies will take their time to make sure they got the fix, meanwhile the good malware has already fucked your popular PC condoms, and punched holes so deep it will take a slew of shots and fixes. To which everyone blames on Windowz and really it is the active seeking of exploits in shit like Norton and McAfee that send the MaM attack to exploit and poison the AV.. Thus never use anything, just man up to your userdom. If you are really that careful, you haven't been that careful if you even use an Anti-whatever program. You wanted to crack a program(thus when I get bit I knew it and owned up to it, I didn't use a jailhouse excuse that my girlfriend got that bruise because she pulled a FightClub_) I closed off HTML in my email. I didn't click even once to believe I was getting a free 360, and understood that a legal debate makes all this crap still go on.. If you install AD-ware, then it sends your information to a spyware bot, whom sends that to a real trojan, and they make their money from your box being a hop and one less trace to ever getting caught. Then the Anti Virii dipshits hire these fuckheads when they get caught, making a deal to avoid jail time. Just expecting them to be the straight and narrow for the fear of being exposed, thus the double agents of keeping pc and future mac users in the dark.

Because I have never seen an infected machine, that wasn't infected by user habit, not to be crass.. But many think if they have a shitty AV they can run, dumbfuck.exe crack from orion, or something to that extent. Wow and it might make your 3000 dollar program work, instead of finding a serial key. And it does

And LETS let the fanboy shit begin

Linux, Unix, Mac, Novell, Windows, Shit= Well you think an OS for hacking is safe?. Well you think that gui for a hacking OS is safe?, You think that bsd-based on a hacking os even though dubious to users is safe?, You think that these other dipshits won't try to attack the leader of the OS marketshares?, and see how the spaghetti code was all fucked from win31? Shit= really fanboy crap that won't get your shit to working, etc.

I think console when I think of security, meaning not just game systems, but Wyse, Kiosks, etc..

No anti-virus is good, be better than them, if you must use know your strengths then get the infection out before it makes it a pain in the ass.

Windows can actually be incredibly secure as long as you don't have downs and run the right software (IDS', Daily AV/malware scans, spyware scans, firewalls -hardware based).

Edited by deadc0de
Then the AV/AS/MAL protection companies will take their time to make sure they got the fix, meanwhile the good malware has already fucked your popular PC condoms, and punched holes so deep it will take a slew of shots and fixes.

Wow you have much anger in your writing my son LOL. AVERT Labs (McAfee) if sent the virus/trojan can have a fix (extraDAT) out in less than 45 mins. So it's not that the company is taking their sweet time, it's that they don't have a copy of it to make a definition. But it's more than just the installation of any AV product it's how you utilize the protection built in that particular app. Most AV's for example don't protect their configs by default and people install and go expecting themselves to be safe. It's like driving a car off the showroom expecting to get to mexico from maine... you forgot to prepare it like put in gas. Unfortunately, there is no such thing as a secure machine. The most secure machine is one that's turned off and unplugged. Even terminals are easily exploited. They still go somewhere to initiate a connection. Stuff like CPS (Citrix Presentation Servers) and the types of connectivity that you use there can compromise your security. Even a windows console setup like Terminal Services is vulnerable. Even still the actual terminal itself has to have a host OS of some type like CE, custom linux variant.

Now all that was the worst case scenario. Is it going to happen to you? Chances are good but not 100%. So you apply preventative measures like AV/AS/ and MAL. After are you secure? Answer is no. But are you more secure than the average joe floating on the web? Yes. The best method for preventative measures is caution. Just because they said ur the 1 millionth customer, doesn't mean that you are. It's the common sense factor. If you can do it, does it pass the logic test? Do you really need the g@y pr0n your best friend downloaded from a server in Taiwan? Ummm no. Add logic to all you do and trust me things will better themselves over time.

Edited by craygee
