An online virus scan says it's a Win32 virus. How can a Win32 file run on
her Mac?
I'm not a Mac user so please be gentle with me!
VIRUS: <http://www.datafilehost.com/download-ab00f13c.html>
SCAN RESULT: <http://preview.tinyurl.com/y9c584n>
Well, the virus isn't running (exe "files" cannot run on a Mac).
The file is said to be a Win32 virus by the scan because, wherever the
file is (Win32 disk or Mac disk), it's still a virus: the data of the
file hasn't changed: if you copy the file back to the Win32 machine,
it'll act like it would previously. So the scan sees the file (by
examining the file's content) and knows it's something that, if running
on a Win32 computer, is a virus.
As for why it cannot be deleted, there are plenty of reasons (file
locked, file in use, etc.). You may want to know the exact message she
is seeing.
It can't, but that doesn't mean it can't *be* on a Mac.
> A friend says her Mac has a file (called TUD.EXE) in the recycle bin which
> can't be deleted.
>
> An online virus scan says it's a Win32 virus. How can a Win32 file run on
> her Mac?
>
> I'm not a Mac user so please be gentle with me!
It can't run (without Windows running in some fashion). There are no OS
X viruses...never have been.
http://www.sophos.com/security/analyses/viruses-and-spyware/osxleapa.html
Her file TUD.EXE can't be deleted from the recycle bin of her Mac. I
thought the reason for not being able to delete the file is because
TUD.EXE is actually running.
What other reasons should she look at?
It would be nice to get something to delete the file, but it is said the
virus (on Windows) infects lots of other files. This means deleting it
may not solve the problem at all.
What checks or tests should my friend do?
--
TUD.EXE :-
Doubtful.
> What other reasons should she look at?
Try using the master account and delete it from there.
Try moving it from the trash to a folder on the desktop (maybe rename
it) - then delete the entire folder.
> It would be nice to get something to delete the file, but it is said
> the
> virus (on Windows) infects lots of other files. This means deleting
> it
> may not solve the problem at all.
It won't be running.
> What checks or tests should my friend do?
Search the web for 'undeletable files on Mac' or 'emptying trash on Mac'
and try some of the suggestions offered.
> http://www.sophos.com/security/analyses/viruses-and-spyware/osxleapa.html
OK...the standard qualifiers...no OS X viruses so long as there is no
physical access, special rights, or PEBCAK.
There is nothing standard about limiting the definition of virus just to
suit your argument.
It is a virus for the Mac - and runs on OS-X
http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html
There is nothing about that Mac OS that excludes the possibility or
viruses.
> Her file TUD.EXE can't be deleted from the recycle bin of her Mac. I
> thought the reason for not being able to delete the file is because
> TUD.EXE is actually running.
Linux (and I assume osx) doesn't lock a directory entry, just because
a copy of the executable happens to be running.
Deleting a file (aka unlink) just removes the directory entry. The
inode used by the file will remain in use (by that file), until all
programs that have the file open, are closed, at which time the
space will be available for reuse.
A common example where this matters, shows up when a log file is
filling the disk, due to some program generating an error message
in a loop. Deleting the log file does not free up the disk space,
until the syslog daemon is stopped/restarted.
Not being able to delete the file would be caused by either file
ownership, or file permissions.
Most likely, the file is marked as read only. I expect right clicking
on the file, in the file manager, and then selecting properties would
allow the write permission for the user to be turned on.
Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
> On 00:10 24 Jan 2010, FromTheRafters wrote:
>
>> "Gavin" <inv...@nomail.com> wrote in message
>> news:Xns9D09E7D7...@160.sjc.astraweb.com...
>>>
>>> A friend says her Mac has a file (called TUD.EXE) in the recycle bin
>>> which can't be deleted.
>>>
>>> An online virus scan says it's a Win32 virus. How can a Win32 file
>>> run on her Mac?
>>
>>
>> It can't, but that doesn't mean it can't *be* on a Mac.
>
> Her file TUD.EXE can't be deleted from the recycle bin of her Mac. I
> thought the reason for not being able to delete the file is because
> TUD.EXE is actually running.
>
> What other reasons should she look at?
>
> It would be nice to get something to delete the file, but it is said the
> virus (on Windows) infects lots of other files. This means deleting it
> may not solve the problem at all.
>
> What checks or tests should my friend do?
Gavin, here is a help page from Apple. Basically, the first thing to do
is check to see if the file is locked. You can see that from the Get
Info. Move the file to the desktop, right click or control click and
select Get Info. In the dialog box at the bottom it will show a lock -
open is not locked, closed is locked. You should be able to click off
the check box to unlock it. If this is the reason, then you should be
able to empty the trash. Another option is to hold down the Option key
while emptying the trash.
Here is the link: http://support.apple.com/kb/HT1526
--
John Gentile
Newsletter editor
Rhode Island Apple Group
> There is nothing standard about limiting the definition of virus just to
> suit your argument.
>
> It is a virus for the Mac - and runs on OS-X
The point is...OS X cannot become infected without "help." Can't say
that about Windows.
Truth be told, Windows requires help as well. A virus doesn't magically
execute itself. In almost ALL infection cases, the user can rightfully be
blamed.
--
"Is there anything in Guul Draz that doesn't suck the life out of you?"
- Tarsa, Sea Gate sell-sword.
Yes, I can. If a program runs, it is because the user supplied power to
the machine. The OS or related programs can invoke other (infected or
otherwise malicious) programs to run.
Whether or not user interaction is required, is *not* part of the
definition for virus or worm.
Many definitions do (wrongly) make a point of whether or not user action
is required, but that is a red herring.
Nothing to add, eh?
No. But if she starts a virtual Windows session, it can run in that. If
she never does that, she can ignore TUD.EXE.
>> I'm not a Mac user so please be gentle with me!
>>
>>
>> VIRUS: <http://www.datafilehost.com/download-ab00f13c.html>
>> SCAN RESULT: <http://preview.tinyurl.com/y9c584n>
>
>
The easiest solution is to take the Mac to a an Apple store, or at least
go there for advice. They are very helpful.
But if you want to do it yourself, Google on "Mac anti-virus software",
you'll find quite a few. (Macs are _not_ immune!) For advice on which is
best, go to a newsgroup for Mac users. You can also ask there about how
to change the permissions on any file so that you can delete it, which
in this case may be the best way to go. I've posted questions on
seattle.users.macintosh and received courteous replies. it's not a very
active group, though.
HTH
wolf k.
> But if you want to do it yourself, Google on "Mac anti-virus software",
> you'll find quite a few. (Macs are _not_ immune!) For advice on which is
> best, go to a newsgroup for Mac users. You can also ask there about how
> to change the permissions on any file so that you can delete it, which
> in this case may be the best way to go. I've posted questions on
> seattle.users.macintosh and received courteous replies. it's not a very
> active group, though.
There are not now nor have there been any OS X viruses in the wild. Any
infections depend on physical access, special rights, or PEBCAK.
That's nice to know....
OTOH, I found this:
http://www.clamxav.com/
and this:
http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=document_general_info&products_id=174
NB the last paragraph. (The date of the post is early 2008, since it
references items dated 2007-12-31.)
Quote:
Mac OS X (Including Mac OS X 10.5 Leopard)
All successful, and most plausible, malware attacks on Mac OS X have
occurred in the last 2 years with the last quarter of 2007 being
particularly prolific. Market penetration and overall sales of the Mac
OS X system have directly mirrored development of malware, a phenomenon
also demonstrated with other operating systems such as Microsoft
Windows. Based on this data there is no reason to believe the trend will
not continue as Apple continues to increase their market share.
The concept of the economy of scale has historically meant that malware
authors have not previously considered the Mac a viable target. This
protection is being eroded by the increase in size of the Mac user base.
IDC analyst Chris Christiansen is warning Mac users of the growing threat.
"Most Mac users take security too lightly. In fact, most are quite proud
of the fact that they don't run any security at all," Christiansen said.
"That's an open door; at some point it will be exploited."
http://www.macnn.com/articles/07/12/31/mac.os.x.a.growing.target/
“Apple users, your days of worry-free web surfing could be numbers. A
Mac internet security and privacy software maker has discovered what is
believed to be the first professionally crafted in-the-wild malware
targeting the Mac Operating system.”
http://www.scmagazineus.com/Trojan-targets-Mac-users/article/58290/?source=PSGL1SCM1001&gclid
cheers,
wolf k.
Yes there has.
http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?vname=OSX_LEAP.A
> Any infections depend on physical access, special rights, or PEBCAK.
Excluding malware that exploits software vulnerabilities, and malware
that requires exploiting user's bad habits (mostly worms and trojans),
then "yes" perhaps there aren't any of those for OS-X in the wild up to
and including this point in time. However, you seem to be implying that
this trend will continue due to some sort of "security" built into the
OS. It might be worth noting that "viruses" do not depend on any
functions other than what users are normally supplied by the OS.
http://vx.netlux.org/lib/afc08.html
Having a secure OS (and adhering to safe computing practices) is a good
thing, but it won't stop "viruses" from being able to spread on that
platform or any other.
> Yes there has.
>
>
> http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?vname=OSX_LEA
> P.A
PEBCAK
> Excluding malware that exploits software vulnerabilities, and malware
> that requires exploiting user's bad habits (mostly worms and trojans),
> then "yes" perhaps there aren't any of those for OS-X in the wild up to
> and including this point in time. However, you seem to be implying that
> this trend will continue due to some sort of "security" built into the
> OS. It might be worth noting that "viruses" do not depend on any
> functions other than what users are normally supplied by the OS.
Software maybe...but the operating system, no. I wasn't implying
anything...maybe there will be an infection in the future...but nine
years is a pretty good record, far better than any version of Windows.
And it has nothing to do with market share; it has everything to do
with the basic design of the operating system.
Irrelevant to your assertion: "There are not now nor have there been any
OS X viruses in the wild." (that you edited out).
[...]
>> you seem to be implying that this trend will continue
>> due to some sort of "security" built into the OS.
[...]
> Software maybe...but the operating system, no. I wasn't implying
> anything...maybe there will be an infection in the future...but nine
> years is a pretty good record, far better than any version of Windows.
Indeed!
> And it has nothing to do with market share; it has everything to do
> with the basic design of the operating system.
It has to do with *both* of those things.
It also has to do with the unreasonable hatred of MS and Windows IMO.
Odd, since Stevie Joeboy is the real megalomaniac, not Willie Wallholes.
Apple gets away with anti-competitive practices that make other
companies drool with envy.
cheers,
wolf k.
PS: I have 5-year-old Mac Powerbook, so I know whereof I speak. I don't
use it much - the most overpriced, underpowered hardware I ever bought,
with a pathetically insufficient variety and range of software, too. So
why did I buy it? Because I was annoyed at Windows, is why. Dumbass
reason, I know. But who said I always act reasonably? ;-)
Good night all,
wolf k.
One must remember....Apple started as a COMPUTER company....get it?
Hardware! Why would someone making their profits on hardware want
something else to run on it other than software meant for that
hardware. There are other software developers, right? What about M$
attempting to make their software proprietary to their OS?
Apple has become a systems-maker, and of course it doesn't like people
messing with its system. And of course it wants to sell as much software
as possible, at very high prices.
Thing is, I can't "legally" install OS-X on anything other than an
Apple-branded machine. Google "hackintosh" to find out how Apple tries
to stop people from installing OS-X on their own hardware. (This is IMO
shooting yourself in the marketing foot: if you want people to like
Apple, you should make every effort to make it easy for them to have the
Apple experience.) They also control the "apps" on the iPhone. Etc.
> There are other software developers, right? What about M$
> attempting to make their software proprietary to their OS?
Win7 will run on all current PC motherboards, and most older ones. MS
wants you to buy their OS, and makes it easy to install on any hardware.
Even on an Intel Mac, actually, if you know how to re-partition the
disk. Which a PC user probably does, since PC mags are good at helping
people do that kind of thing.
And yes, MS tried to "integrate" their apps into the OS. Windows users
were not amused. Mac users take what Apple gives them, and kiss the hem
of SJ's garment in gratitude.
Where MS and Apple differ IMO is that MS has realised that OS and
software matters more than hardware. That's why MS is teaming with web
service providers, and is trying to position itself as the "cloud"
operator. To do this well, their OSs must be able to run any hardware,
and that's what they are aiming to do. (The same realisation has led
Google to produce its own browser and OS.)
Apple is still hung up on integrated systems, but IMO that's an
obsolescent concept. They tend to be a generation behind, anyhow: the
iPad is by no means the first tablet computer, and is about to be
eclipsed by the next generation of Blackberry. Macs _look_ cool, but are
overpriced for what they do. Their strength (and it's a formidable one)
is that Apple tunes and tweaks the system until it "just works."
And as I've pointed out before, I did buy a Powerbook, and still have
it. I could have had an equally capable Windows laptop for half the
price or less.
cheers,
wolf k.
>One must remember....Apple started as a COMPUTER company....get it?
>Hardware! Why would someone making their profits on hardware want
>something else to run on it other than software meant for that
>hardware.
Asus, the biggest motherboard maker, has no problem with other operating
systems such as Linux running on their hardware.
>There are other software developers, right? What about M$
>attempting to make their software proprietary to their OS?
The difference is that Microsoft licenses their OS to any hardware
manufacturer that wants it. Apple doesn't. For a brief moment they did
license their OS to Mac clone makers but that stopped immediately when Steve
Jobs came back on board.
You could have probably purchased two of those laptops Windows powered
for what you paid for that single Mac. <g> And, if something in the Intel
laptop does die, you can actually replace it with a variety of parts from
different manufacturers in some cases. Intel/PC is like a car you can
modify if you desire, a mac is something you bought from the factory as
is, with very little to no room for any sort of modifications. What horse
power it came with is all it's going to make. You can't install a blower
or supercharger or any other goodies. But your PC sitting there probably
would accept some new goodies if it's a laptop, and lots of new upgrades
and tweaks if it be of a desktop/tower nature.
--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh..
nudge this boulder right down a cliff." - Goblin Warrior
> Harry <harr...@gmail.com> wrote:
>
>>One must remember....Apple started as a COMPUTER company....get it?
>>Hardware! Why would someone making their profits on hardware want
>>something else to run on it other than software meant for that
>>hardware.
>
> Asus, the biggest motherboard maker, has no problem with other
> operating systems such as Linux running on their hardware.
I'm not a personal fan really of Asus. Asus tends to ship the latest and
greatest with not quiet right BIOS's. I understand that when you build it
yourself you are always in some way becoming a beta tester, but to almost
know for sure the board you just bought is probably a BIOS update or more
behind is a bit frustrating. They're too quick to get the boards in
production with all the bells and whistles; only when you hit the horn, the
whistle may not blow; Your brakes might come on instead. *grin*.