BPsite Forums

Funny, the college I cross-registered to is a tech school, and THEIR e-mail server went down during the same weekend...
while the not-so-tech main college I commute to doesn't seem to have any such problems...


More important stuff:

bah you beat me to it.  my dad told me about this today and I was gonna make a topic about it.  o well

Pfffft, what's with all that crap info?

Only required information:
USE A FIREWALL AND TURN ON WINDOWS UPDATE!

Do that and 99% of all worms/trojans/etc won't reach your system.

Add decent anti-virus software, and anything you download should be scanned & stopped too.

I would, but I cant be arsed to spend the rest of my life configurating a firewall, they piss me off.....

Just use the Windows firewall then - no need to configure it.

It's not as secure as a proper one once stuff is on your system, but it should stop things getting in in the first place.

The windows firewall will stop viruses slipping in, and all but the hardened of hard hackers.  It is lax when it comes to authenticated software accessing the net, like games, which is good because minimal tweaking/ turning off is required so you can do a bit of online gaming.

Plus i have seen SP2 Beta running, and that has an improved firewall, which is supposed to be one of the best around when it is released.  It even comes with security features that can be configured by the user.
Here is a screenie from a beta tester i know:
(http://www.simviation.com/yabbuploads/SP2pic.jpg)

Yeah, heard a lot of good stuff about SP2. Can't wait for it to be released.

Oooh, ask him to send me his RAM please, he can buy some new stuff....

damit I have the virus >.> blargh but used the windows update stuff and installed that stuff and stuff >.> gah  

another version of it is coming out (of the virus i mean)

Rather irked by finding that a trojan smuggled itself into a temp cache folder of Mozilla's FireFox...
and I'm wondering which of the damned sites I visited put itself in there... but I can't remember where I went a month ago :|
it's along the lines of:

Documents and Setting/ Your Name / Application Data * / Pheonix/profile/default/...
* hidden folder
 

Wait, wait... you got a trojan through Firefox? :huh:

that's right...
although more specifically, through viewing a site with FireFox.
I'm suspecting www.lordsoflegend.com of this... (it had a previous record of having trojan/virus-infected pop-ups and crap before)

why i knew it had to be FireFox?
because I looked at the files in the folders.
let's see... bookmarks, plugins, profiles, user id's and passwords...
cookies, history, search, downloads, etc...

what does it sound like? a browser.
and sure enough, when i looked at the user id's and passwords, they were all for places i've only visited with Mozilla FireFox (among other things, this forum, lordsoflegend, kingsofchaos... etc)

checked out another comp that had FireFox, had the same directory layout, but with little or no cache files in it this time.  (well, i didn't use Mozilla as much on this other comp, so that explains a part of it...)

i'll have to be careful :|

Heh. I'm rather ambivalent at the moment. It's bad because trojans=evil, and firefox is no longer an added protection against them.
But it's also good because I know some Mozilla/Firefox evangelists who can no longer [validly] say trojans are an IE-only problem. :D

you know, i was pulling my hair out trying to figure out what program was accessing that "Pheonix" directory in my Documents and Settings folder...
because that name doesn't appear in the Add/Modify Programs list or in the task manager, and i didn't suspect Mozilla until i took a look at the files in the directory... other than the fire relationship between FireFox and Pheonix, there's not much immediate word connection anyway...

what makes me wonder is how trojans/viruses like these would act in non-IE browsers like Mozilla...
maybe not much different? because they are all browsers anyway...

Heheh. Phoenix was the code-name for Firebird, which turned into Firefox. Which is a bit daft, but there you go.

ahhh... that explains it...
i didn't know much of FireFox/FireBird's history :|

right now digging through the directories of other browsers to see if there are similar stuff in teh cache... i know i viewed www.lordsoflegend.com many times with regular IE... although with AdMuncher and other stuff active

Uh... kay...
seems that one of the comps on this LAN got infected with a new strain of worm...
problem? the whole LAN's protected by a router.

tried starting up the comp, the system process SVCHOST.EXE starts to take up 100% of the CPU usage and nothing moves an inch.
force-delete with the Task Manager, another instance of the SVCHOST.EXE starts to take up about 30-40% of the CPU usage, force-delete again.
once that's done, things seem to finally continue... or so you might think.

Norton Antivirus failed to start-up properly, it brings up an error message that it cannot do e-mail protection.
What's more, the computer cannot view websites.
Neither can programs access the internet, and nadda.  Although it seems that the computer can still access the network, and be accessed from the network.

I go into Safe Mode, I do a thorough search...
5-6 instances of a trojan, that's fine, they're deadmeat.
nothing else comes up, so I restart the comp, and see if it starts up properly.

IT DOESN'T.
The same symptoms occur again.

So, 1 out of 4 comps down on this LAN, and I'm betting this WinXP server that I've been running for 31wks 5days 11hrs 25mins will also die if I attempt to restart it.  A version of Norton Antivirus killed my entire access to the internet, including virus definition updates themselves, so I haven't had a proper antivirus program running for that long.

Oh yeah, it's fun.  Probably too late to put up a firewall on this comp...
Take care, everyone, apparently routers aren't enough to stop this new strain, and I'm wondering if firewalls can stop it.

So far, I'm trying to find out what I can about this new worm/virus... if anyone has info, lemme know.

EDIT:
The problem has been solved.
Found out why nothing special appeared on Norton AntiVirus... it WASN'T a worm/virus.
A freakin bunch of spyware crap simply took over most of the bandwidth between that comp and the router... or something along those lines.
Still don't understand why the comp couldn't view websites while it could still access other comps on the same LAN... Mind you, I was able to send files to the comp, and view files through the LAN.
Wonderful lesson on running spyware-detecting programs, eh?

wow.. that exact same thing happened to me about 3 days ago. i got an ad-aware program taht found over 305 spy wares on my machine. nice to know im not hte only target out there   :P  

bah. once a friend of mine was having his computer checked out by a tech cause it was actin really crappy. one of the first things the tech did was run an a/v program.....and found that every single file on his computer (10,000 plus files) was infected with various viri. beat that.  :ph34r: