Virus Warning - All Members Please Read

[KOPBET]

I ran a scan just the other day, now today I came up with an infected file. McAfee cleaned the .exe file alright, but I'm left with these "Potentially Unwanted Programs" which I've quarantined until I find it's ok to delete them. Tell me it's ok to delete them.

My concern is: "ieaccess2.dll" and "BrowserToolbarLoader.exe", both of which appear in several locations.

HELP!! ;help

Ken ...:nono

IEAccess is an ActiveX control used to download and install premium-rate dialers, primarily for porn sites.

Xupiter toolbar is one of the biggest spyware threats out there besides Gator. Ditch 'em all. Xupiter can be fairly prolific so be sure to search for removal instructions for registry entries this POS puts on your PC. Sadly, you agreed at some point to install it.

Will somebody please tell the world that "cookies" are not SPYWARE? Don't sweat the small stuff.

 

[Gorgon]

News of how business and personal productivity has slowed due to these virues(viri) reminded me of some quotes from Ernie Ball guitar string corp.

They actually got busted on a software licensing lawsuit and dropped ALL microsoft products from their entire company use.
And survived, is saving $, time, and more.

Check it out - They decided not to go with Apple since Microsoft invested 150$ mill. in Apple.
At that time Apple's Market Cap was about 22 billion, and $150 million is only about 2/3rd of one percent (and it was non voting stock too). I will say he was being a flake and just looking for an excuse not to use Apple. Someone must have said "I told you so, you should have used Apple" and he got ****ed and decided to not go with them either, no matter what.

The Link:
http://news.com.com/2008-1082_3-5065859.html?tag=lh

Chalk up another win for open source. It's good to see success stories like this.

Leon

 

[oldace84]

Also of some note, for users of WIN98/WIN98SE/ME/, should go to microsoft update page and get the latest explorer fixes/updates. WIN XP also.
Right?
tony

 

[KOPBET]

Rather users of WIN/ME should reformat and install W2K or XP.

 

[Rob]

Also of some note, for users of WIN98/WIN98SE/ME/, should go to microsoft update page and get the latest explorer fixes/updates. WIN XP also.
Right?
tony

Right. If you use MS Windows/Explorer, make sure you update your web browser periodically.

 

[Rain]

Cnet Asia reports on a Chinese initiative to eliminate Windows dependence:

New turn of events:

A new policy from China's governing body states that all government ministries must buy only locally produced software at the next upgrade cycle.
The State Council's move, aimed at breaking the dominance of Microsoft on desktop computers, will eliminate Microsoft's Windows operating system and Office productivity suite from hundreds of thousands of Chinese government computers over the next few years.
Gao Zhigang, an official with the Procurement Center of the State Council, told reporters that the new policy will be in place by year's end.
At a special congress held to encourage ministries to upgrade to WPS Office 2003, a China-made office productivity suite, Gao said the government will purchase only hardware preinstalled with domestic operating systems and applications. Those seeking exceptions will need to submit a special request.

 

[cntrhub]

Since I don't use Norton or other Firewalls anymore, I can tell when I have an infected computer. I open My Computer, click C:, then Windows, click Show Files. I click Temp Internet Files, go to the top bar, click Edit, then click Select All on the drop down box. Then to the left, I click File, select Delete at the drop down box, hit it, and watch the icons clear. Now if something stays in the Temp File folder, I know I have a problem. If I see a clear file with no icons, I'm home free. Just to make sure, I reboot, and go right back to Temp Files before loggin on to the internet. I open it and hope no icons are showing. IF none pop back on, I have a virus/bug/worm free computer. You can do the same with Temp also. Just thought I pass that along if you're wondering if your anti-virus is working.

 

[Ken]

I haven't had anything come back since I first caught it the other day. I deleted the suspicious files and cleaned out any cookies I didn't want (I now watch that on a daily basis. ), now things are clear. I haven't even had an "endad" pop-up in weeks--knock on wood. :eyerole

And I'm tellin' you guys, I never, ever visited a porn site--I can't afford it! :L

_ken

 

[Rain]

Just read this today:

Triggered by a Microsoft's full-page "Protect your PC" ad in the Wall Street Journal, Russ McGuire wrote a column about How Microsoft Fuels Internet Terrorism in the way its develops and distributes Windows, offering a solution to the problem:
Bottom line, thanks to the powerful tools (or should I say weapons) that Microsoft has built into their products, criminals now dominate the Internet. Common citizens don't feel safe anymore. They fear that their thousand dollar computer investment will be destroyed by these criminals, and due to the increasing unusability of the Internet, in many respects they already have been. I hate to say it, but maybe these terrorists have won.
In their full page ad, Microsoft provides three "simple" steps to protect your PC. I'd like to propose a different solution - a single step solution: Either buy a Mac, or switch to Linux.

 

[67HEAVEN]

Re: Just read this today:

I'd like to propose a different solution - a single step solution: Either buy a Mac, or switch to Linux.

I am certainly no fan of WinDoze, but wanna bet that if everyone switched to Mac or Linux, the virus-writers would too. No code is completely safe........the virus-writers are simply going where the action is.

We switch......they switch. You can take that to the bank.

 

[KOPBET]

Re: Re: Just read this today:

I am certainly no fan of WinDoze, but wanna bet that if everyone switched to Mac or Linux, the virus-writers would too. No code is completely safe........the virus-writers are simply going where the action is.

We switch......they switch. You can take that to the bank.

Agreed. And Linux has NEVER been "safe".

 

[Gorgon]

Re: Re: Re: Just read this today:

Agreed. And Linux has NEVER been "safe".

In what way?

 

[KOPBET]

For example, this is a list of OS vulnerabilies in 2001 as of October 2001.

Bugtrax 2000:

Where is Linux on these lists?

 

[Gorgon]

Interesting. Do you have a link to the article? Or an explanation of the vulnerabilites? I've seen people lump Apache vulnerabilities in with Linux when they are two different things. I see that IIS 4 is listed separately from WinNT4, yet I don't see a separate listing for IIS for Win2k. Did it just not make the list? Or are those vulnerabilities lumped in with Win2k.

From 2000 to 2001 Win2k dropped its number of vulnerabilities from 52 to 24. Is this due to patching and updates supplied by MS? This would seem to be the case. So in the year that RH 7 was in the market no one bothered to patch the system?

Now I don't believe that Linux is Fort Knox. I'm just curious as to how some of this really compares and how this list looks for 2002 and 2003.

Leon

 

[oldace84]

My antivirus program (Norton), always on, even checks my e-mail.
Just an update. Only $14.95 for a year of updates, nothing is free anymore.
Just an FYI.
tony

 

[Gorgon]

Never mind. I found the web site where this data was collected. Hardly an accurate comparison. I leave you with a quote from the website.

Several things should be taken into consideration when interpreting these numbers:

* These numbers are dated; the collection and calculation of data stopped in early August 2001 due to a site migration issue. We are currently working on this issue and should have it resolved in the near future.

* There is a distinct difference in the way that vulnerabilities are counted for Microsoft Windows and other operating systems. For instance, applications for Linux and BSD are often grouped in as subcomponents with the operating systems that they are shipped with. For Windows, applications and subcomponents such as Explorer often have their own packages that are considered vulnerable or not vulnerable outside of Windows and therefore may not be included in the count. This may skew numbers.

* This is a simple raw count of the vulnerabilities in our database that are associated directly with an operating system. The factors mentioned above were not taken into consideration when generating these graphs.

The numbers presented below should not be considered a metric by which an accurate comparison of the vulnerability of one operating system versus another can be made.

Seeing as how I cannot uninstall IE from a Windows install and I can uninstall ANY of the "subcomponents" from Linux, I don't see how they collect the data the way they did. I find little valid information in any of this data.

Leon

 

[Ken]

Ok, we all know that I am a moron, but how on earth do I get rid of a message that's infected on the server but not downloaded yet. McAfee's VirusScan tells me that there is a tainted message, and that it's been deleted, but my mail just sits at the server and won't come to me. Every time Outlook goes to retrieve the mail, McAfee alerts me to a virus, but the message with a virus must be holding up delivery of the rest. It seems that I must delete it from the server before things will work again, but for the life of me I cannot remember how I remedied the situation the last time, and it was only a few weeks ago!

;help

 

[KOPBET]

Gorgon

The point of the post was not to compare one against the other. The point was that "switching to Linux" will not protect your PC. Linux has a ton of its own vulnerabilities. But, since you questioned the above, consider this:

Microsoft Windows XP and Red Hat Linux 7.2 were released within a few weeks of each other. Both are still current and are actively supported by their respective vendors:

For Red Hat Linux 7.2, go to the Red Hat "errata" page https://rhn.redhat.com/errata/ and from there to the page specific to version 7.2 https://rhn.redhat.com/errata/rh72-errata.html. You'll see that, to date, Red Hat has issued 170 or so patches and updates (mostly for security issues; that's what the "broken lock" icon means) for that Linux version.

Next, do the same thing for XP Professional, starting on Microsoft's errata page, the HotFix & Security Bulletin Service; use the pull-down menu to isolate just the XP-related items. You'll see that the page lists about 34 XP-specific patches and updates to date.

Maybe that's not a fair count. XP is the newest Windows version, but RH 7.2 isn't the newest Linux version. Red Hat's newest version is actually version 9.0, so let's look at that. Its errata page lists about 44 security patches and bug fixes issued since the operating system has been available.

"Linux will make you safe and protect you from the Microsoft plague!"

uh huh.

 

[Gorgon]

I understood the point of the post, Linux is not as secure as some think. I was just taking the time to differentiate OS vulnerabilites versus system vulnerabilites.

Red Hat is one of the largest distributions of Linux in that it includes a large number of programs so that you don't have to go to different sites and download all your favorite programs. This includes Ximian Evolutions (for mail), Mozilla (web browsing), Apache (web server), GIMP (Graphics), Open Office (Office suite),etc. I remember seeing an errata to patch a vulnerability in TuxRacer, a video game. To make a valic comparison, I guess you would have to filter through the vulnerabilites that are listed for RH and determine which are OS/kernel related and are included program related. If you compare this to a distribution such as Slackware, the number of vulnerabilites are greatly reduced due the lack of included packages in the distro. RH9 is three CD's worth of binary installs while Slackware 9 is one.

As to XP, they only list OS fixes. This list does not included IIS, IE, Office, let alone any third party program that the user may install that will compromise their system.

I think we are both on the same page as to PC security. I just felt the need to expand on some of the data presented.

Leon

 

[KOPBET]

Yep we're probably on the same page and that is good.

Ok, I'll throw in the 15 or so IE hot fixes and cumlative patches, as long as we don't count just Linux kernel issues since most 'nix vulns aren't with the kernel anyway, they are program problems like buffer overflows in stuff like sendmail, KDE, RPC, telnet, Apache, etc. And of course MSOffice isn't bundled with XP either, and, just like Apache or sendmail, you don't have to install and use IIS, SQL or Outlook. Or use I.E for that matter. Amazingly, the worms every one hears about these days are only able to exploit KNOWN vulns because admins and others don't take the time to obtain a freely available and easily installed patch. If admins would have patched SQL and IIS, worms like slammer, code red wouldn't have been able to do what they did, regardless of whether it was Windows or Linux (slapper, scalper) that was the base OS.

And don't forget ... the Klez virus runs on Linux platforms now too! (along with ELF and others).

What really gets my goat is when people who get hit by a worm or virus that exploits a known vulnerability that has had a fix for several weeks or months (i.e code red), bashes MS to high heaven when they themselves failed to keep their own house in order by patching! [Step off soapbox].

I have used and enjoyed MS products for years and they even help pay for everything I own so I probably won't throw the baby out with the Linux or Mac bathwater. And, as long as I do my job and keep the systems I'm responsible for updated and patched, I will hopefully continue to have a ... CORVETTE!!!