Bad virus

[Major Fubar 0]

Anyone know a good, free antivirus prog for Win XP?

When I was on Win 98, I always used Norton Gold, but the version I have can't install on XP.

If there are no good freebies around, I'll guess I'll have to shell out for new software (1 or 2 less lapdances next week I guess )

[Koolkid101 0]

Anyone know a good, free antivirus prog for Win XP?

When I was on Win 98, I always used Norton Gold, but the version I have can't install on XP.

If there are no good freebies around, I'll guess I'll have to shell out for new software (1 or 2 less lapdances next week I guess   )

Don't people get shot in those kind of bars?

[bn880 5]

LOL

Lapdances versus protection. Hmmm

[5hole 0]

Anyone know a good, free antivirus prog for Win XP?

When I was on Win 98, I always used Norton Gold, but the version I have can't install on XP.

If there are no good freebies around, I'll guess I'll have to shell out for new software (1 or 2 less lapdances next week I guess   )

Housecall.

Web-based, but should do the trick for the moment. I cannot stress enough that you really should go out and buy a good AV program. A lapdance or two is NOTHING compared to all the ones you'll miss while you're home formatting your HD...

-5hole

[FSPilot 0]

I'm behind a router so I don't really have to worry about hackers that much, but we still keep norton up and running all the time in case I open an infected email or something like that.

[edc 0]

I belive my ISP's said something about blocking port 135, because of viruses/hackers/etc.  I've got a router too(i disabled the firewall though, causes problems in AIM) and still have Norton(though the demo period ran out, it still can scan your HD but I'm not spending my $$ to get updates, maybe I can convince my parents).

[theavonlady 2]

but I'm not spending my $$ to get updates, maybe I can convince my parents).

This is a big mistake, IMO.

[Major Fubar 0]

OK, you've convinced me...I'll buy a decent AV program.

What's the best Win XP compatible one going?

[theavonlady 2]

OK, you've convinced me...I'll buy a decent AV program.

What's the best Win XP compatible one going?

Norton.

BTW, I downloaded and installed all of the BAS Blackhawk files being mirror at The FAQ. I ran a fully updated NAV and scanned my Windows directory. All clean! Nothing found.

[Mister Frag 0]

I belive my ISP's said something about blocking port 135, because of viruses/hackers/etc.  I've got a router too(i disabled the firewall though, causes problems in AIM) and still have Norton(though the demo period ran out, it still can scan your HD but I'm not spending my $$ to get updates, maybe I can convince my parents).

You should really keep the firewall enabled, and configure it to open the AIM port. By default, it uses TCP port 5190 I believe, but that can be configured.

Some of the problems mentioned in this thread could easily be avoided with a firewall. It would protect from the RPC exploit that is currently going around (best case: your computer shuts down or restarts because of the Recovery configuration in the Services applet; worst case: some nasty payload gets executed on your PC, and then all bets are off), as well as Magic Packets that can turn PCs on when received by the network adapter.

[waffendennis 0]

Well if you have WinXP and your PC is restarting all the time... Then you have the Bug from WinXp and you need to get the latest patch that fix that Bug

[Mister Frag 0]

Well if you have WinXP and your PC is restarting all the time... Then you have the Bug from WinXp and you need to get the latest patch that fix that Bug  

Of course, you should always apply all Hotfixes and Security Updates that Windows Update offers.

But it is important to note that unsolicited traffic from the Internet wouldn't even get to a computer that is behind a half-way decent firewall.

Also, the RPC buffer overflow bug is present in all NT-based Windows operating systems, not just XP.

[Schoeler 0]

Ok, update. I just came back from work and DL'ed adaware software and found 119 processes at work on my computer! Quarrantined most and deleted the ones I could. Nice little free program.

Then, I DL'ed the W32.Blast virus fix from symantec, shutdown my internet connection and ran the program from the desktop and voila! it found that virus. Needless to say, I still have something at work because I still can't reinstall my Norton 2003 Professional edition. It nearly completes the installation then rolls back the whole thing. I did manage to update virus defs on my Norton Corporate Edition and am currently running another scan.

[SpecOp9 0]

Yea I currently have a little nerd from the OFP community wasting his life on my computer.

I keep getting an NT AUTHORITY/SYSTEM error.

I have no idea what this is, but Malboeuf said it was a trojan and somebody is activating this Batch file that shuts down my computer.

This is getting extremely annoying.

The message has not been popping up. So I guess the little nerd went to sleep finally...

But yes very annoying.

It's sad to think Freckle-faced, buck tooth, glasses wearing nerds find pleasure in fooling around with somebody elses computer.

Not only that, but I think Virus protection software should track down the sender and send a message to your local police department so they can bust whoever the hell has no life.

Just my thoughts...

[theavonlady 2]

Yea I currently have a little nerd from the OFP community wasting his life on my computer.

What anti virus and firewall programs are you running? Are they fully updated? Do you shut them down at times?

[Mister Frag 0]

An AV program is very important, but so is a firewall. Without one, someone could exploit open shares or buffer overflows and deposit a payload on your computer.

If that payload runs as a root kit in Ring 0, it can hide itself from any AV scanner -- the virus file(s) may exist in a given directory, but FindFirst/FindNext calls (and thus the Explorer shell, CMD prompt, and AV scans) won't see it. It can also hide itself from the list of running processes, or when enumerating other handles.

[Schoeler 0]

That Trojan was entirely a separate bug than the W32.Blaster was, so I probably have the same little dickhead spying on me too.

Hey geek, get a life, find a girlfriend and grow up!

[theavonlady 2]

If that payload runs as a root kit in Ring 0

/sometimes i cant help wondering whether pcs were designed by quack dentists

[Mister Frag 0]

I have no idea what this is, but Malboeuf said it was a trojan and somebody is activating this Batch file that shuts down my computer.

It's not a batch file, it's the default recovery setting for the RPC service.

Go to Control Panel -> Administrative Tools -> Services -> Remote Procedure Call (RPC) -> Properties -> Recovery, and there you can change it.

However, I would suggest that you don't -- it is there to protect you. The worm is not perfect, and the RPC service detects a fault resulting from the attempted buffer overflow exploit, shutting the machine down.

Just install a firewall -- enable XP's built-in one if you must, or get ZoneAlarm, which is much nicer. Better yet, get a router with a firewall that supports SPI (Stateful Packet Inspection) and UPnP (Universal Plug-and-Play). The former is crucial, and the latter is becoming more and more important, and the only way to get full Windows/MSN Messenger functionality, for instance.

[benu 1]

Yea I currently have a little nerd from the OFP community wasting his life on my computer.

I keep getting an NT AUTHORITY/SYSTEM error.

I have no idea what this is, but Malboeuf said it was a trojan and somebody is activating this Batch file that shuts down my computer.

Any more info on this one? A friend of mine has the same problem. Probably one of the security holes that popped up in the last few weeks?

I never had any virus/trojans, and i think the best one can do is to always install security patches, disable services one does not need and configure ie/oe to never run active content. Or better, as ie/oe (and media player and and and, the list goes on, i get the feeling in win everything has to be able to run code) have a tradition of executing code even when they are configured not to do so one should not use them at all but mozilla/opera/firebird/pegasus/eudora/thebat/etc. Next important thing is a virus scanner with UP-TO-DATE signatures. There are free ones too. You don't have tu run the guardian/monitor all the time but you should make a habit of checking files you downloaded that are executable (.exe especially). Least important is firewall, if it is a personal firewall you can probably turn it off at all and have no change in security at all.

[Schoeler 0]

I still can't reinstall my Norton 2003 Professional. It just rolls back the entire installation in the last 8 seconds. Tomorrow I'm buying a bigger harddrive and reinstalling my OS, then I'm going to build a bombproof firewall. Take that Geek!

[CrunchyFrog 0]

http://www.cnn.com/2003/TECH/internet/08/11/internet.attack.ap/index.html

[theavonlady 2]

http://www.cnn.com/2003/TECH/internet/08/11/internet.attack.ap/index.html

There you have it, folks! The source of the "BAS Virus".

[Schoeler 0]

Chalk it up to coincidence and unfortunate timing for the BAS release date.

[Balschoiw 0]

Have the virus

I have no virus scanner installed, so I am a bit panicing atm.

Reinstall is not an alternative. To much data on my drives.

I hope I can fix it without 1230 restarts.