w32.sasser.worm,isass.exe error,LSA shell (export version) [Archive] - Quintessential Forum


Todd The Kiwi
05-05-2004, 05:15 AM
i got wormed going from a clean install of windows to the microsoft site for my updates ?
be on the lookout for this guys , it restarts your computer (when you're online)
i had the 'c' and 'f' versions of it,yuk,i feel violated...

i'll attempt to attach a fix thing for it here (from symantec)
it should quickly scan and then kill the sasser worm thing when you double click on it and it doesn't need NAV for it to work
windows update site has all the info if you need it .
apparently this thing came out a while ago but someone has managed to reincarnate it, bastards! :skull:

bmc152003
05-05-2004, 10:50 PM
i just heard about this worm on cnn today

Sheepeh
05-05-2004, 10:57 PM
/me beats Windows users with the Windowsupdate.com stick

Roj
05-05-2004, 11:07 PM
i just heard about this worm on cnn today
Our virus gateways stopped some 88,000 (no that's not a typo) instances of it in a day. The estimates are that if you are unprotected, 10 minutes on the Net will do ya (it searches for open ports).

I *highly* recommend Norton Anti-virus - apart from the continuous timely updates (sometimes several times a day if need warrants as it did in this case), in corporate evaluations that we conducted it beat the crap out of the McAfee junk.

We use SAV (Symantec Anti-Virus - the corporate version of Norton Anti-Virus) for 11,000 workstations where I work - I use it on my five machines at home.

Sheepeh
05-05-2004, 11:12 PM
I'm trying out Avast! anti-virus on the recommendations of a few forum guys, and it's holding out well so far.

Of course, I have a firewall (XP SP 2's built in jobby) on the gateway, so not much is gonna get in that way - but if it did I'm quite sure my network would withstand any attack.

/me puts on the tin-foil hat and hides in the corner - they're all gonna get me now I said that!

Roj
05-06-2004, 01:10 AM
I'm trying out Avast! anti-virus on the recommendations of a few forum guys, and it's holding out well so far.

Of course, I have a firewall (XP SP 2's built in jobby) on the gateway, so not much is gonna get in that way - but if it did I'm quite sure my network would withstand any attack.

/me puts on the tin-foil hat and hides in the corner - they're all gonna get me now I said that!
There is no earthly possible way I'd trust my AV to freeware. You get what you pay for. Anything that doesn't update defs *at least* once a day to keep current is useless today.

As to firewalls, MS' efforts are a joke. Get a decent hardware firewall, close all incoming ports and direct all spurious ports to an IP address on your network that doesn't actually exist.

Microsoft Security? That's an oxymoron, I'm afraid.

Sheepeh
05-06-2004, 01:22 AM
=) I have Kaspersky 5 on hand if needed, but I tend to use Brain 1.0 to avoid anything the extra "oomph" would be needed against...

And about MS's firewall? I think you'll find SP2's firewall to be half decent. Enough for home use, anyway!

If someone's really determined to get in to the computer, let them - there's nothing of any interest on it and I can easily restore an image and get back up and running if the worst comes to the worst (it hasn't yet in all my years of computing).

My OS is always updated the second (and I do mean second with SP2) anything's available for it, let the script kiddies do their worst, tbh.

In my experience, too much security is a bad blankie to hold on to, inconveniences the user with a lot of settings and jiggery pokery, and quite minimal gain. I never had Slammer, never had Blaster, and haven't seen hide nor hair of this new jobbie floating about - so I'll take ease of use over deadbolts upon padlocks upon guards.

Don't get me wrong, I wouldn't install a clean XP and put it on the net, I'm not daft...but the tinfoil hat is for special occasions only =)

(and if you want to try and get in to my computer, you have formal permission to drop a file on my desktop or C: drive of your choosing ;) )

Rex_Mundi_Incarnit
05-06-2004, 08:13 AM
Still, even with software firewall turned off, i sincerely doubt that a n00b could just hack into a computer running windows xp. Without hacker programmes, i'm pretty sure windows is very well protected and would not just leave gates open for hackers to exploit. The problem with windows is that in all these years, the basic script of the OS (or what do you call it?) has changed little. An experienced hacker would just need to alter a few codes in his nicely made hacker programme and bingo!

Todd The Kiwi
05-06-2004, 08:21 AM
Don't get me wrong, I wouldn't install a clean XP and put it on the net, I'm not daft...but the tinfoil hat is for special occasions only

i actually thought i'd get away with going DIRECTLY to the windows update site
pre NAV install , i was wrong , never again shall that be done by me... :skull:

brian
05-06-2004, 11:11 AM
roj - what exactly is supposed to be wrong with McAfee VirusScan? I've been using it for years and it has always served me very well. Of course I also have a strong firewall (ZoneAlarm Pro), which is just as important in the case of a worm which seeks open ports; as far as I (and Steve Gibson's port probe test) know my PC is invisible to predators.

Roj
05-06-2004, 12:24 PM
roj - what exactly is supposed to be wrong with McAfee VirusScan? I've been using it for years and it has always served me very well. Of course I also have a strong firewall (ZoneAlarm Pro), which is just as important in the case of a worm which seeks open ports; as far as I (and Steve Gibson's port probe test) know my PC is invisible to predators.
On the issue of noobs getting thru the firewall (this isn't aimed at you Brian, it's for Todd - it's just early in the morning here and I'm trying to kill two birds with one stone before heading off to work) - that's not the problem. It's the worms like sasser and the new variant of welchia that just surfaced yesterday (you won't see that in the media yet).

On McAfree - like many a virus prevention tool, it integrates itself very tightly with the OS. The problem is that it does this so sloppily that it can cause far more problems than it is worth (at least one large corporate client that I know of (and shall remain forever nameless) has gotten rid of them for just that reason). Also, when we tested we were unable to get the product to work correctly in our corporate environment. Their engineer came over and attempted to do so - and produced a beta version to install. We do NOT evaluate beta versions for purchase - only production code. Those two issues automatically tossed them as far as we were concerned. Also, my personal observation outside of that is that they are not quite as responsive to new threats as the Symantec folks. In a world containing threats such as sasser, that's a disadvantage.

On MS' firewall - thanks very much but I'll keep my hardware firewall and the rules installed on it over their junk - it won't consume any cycles on my PC and it won't break any software by its mere presence.

Roj
05-06-2004, 12:44 PM
=) I have Kaspersky 5 on hand if needed, but I tend to use Brain 1.0 to avoid anything the extra "oomph" would be needed against...

And about MS's firewall? I think you'll find SP2's firewall to be half decent. Enough for home use, anyway!

If someone's really determined to get in to the computer, let them - there's nothing of any interest on it and I can easily restore an image and get back up and running if the worst comes to the worst (it hasn't yet in all my years of computing).

My OS is always updated the second (and I do mean second with SP2) anything's available for it, let the script kiddies do their worst, tbh.

In my experience, too much security is a bad blankie to hold on to, inconveniences the user with a lot of settings and jiggery pokery, and quite minimal gain. I never had Slammer, never had Blaster, and haven't seen hide nor hair of this new jobbie floating about - so I'll take ease of use over deadbolts upon padlocks upon guards.

Don't get me wrong, I wouldn't install a clean XP and put it on the net, I'm not daft...but the tinfoil hat is for special occasions only =)

(and if you want to try and get in to my computer, you have formal permission to drop a file on my desktop or C: drive of your choosing ;) )
While I generally keep very current on MS security patches (there are exceptions because their patches break other software), unless I see a VERY compelling reason it is extremely unlikely that SP2 will ever see my machine. There is too much stuff that it breaks and it is not friendly to things like DVD Xcopy Platinum. Also I particularly find abhorrent the DRM filth they are including in it. I will NOT use their firewall and AV solutions since they cannot hope to match the solution I already have in place and do not like the fact that it breaks solutions of that ilk by third party vendors. I'm generally quite pro MS but this is going way too far - you cannot graft security on to an OS (any more than you can multiprocessing support) and be successful - that's a ground-up-design decision. Also, slipping in control factors to help the MPAA and RIAA under the guise of "security" (can you spell DRM) is dirty pool. XP may be my last MS OS if that trend continues.

My machines do have a LOT of things on them that are important to me which is why I have the setup that I do. Are there a plethora of restrictive settings? No. However I have firewall rules of varying descriptions and a few ground rules such as no peer-to-peer file sharing programs being permitted on this network - period. Break that rule and you lose access to your machine for a "thinking period". Do it again and you get to use the public library from there on in for your Net access.

Can someone get in if they want to? Sure. Is it a trivial matter? Nope - you're gonna have to work for it. That will generally deter the script kiddies.

Sheepeh
05-06-2004, 12:45 PM
Purely out of interest Roj, as I can see you know your onions as far as corporate league security is concerned, what's your take on stuff like BlackICE (the new one from when ISS took over) - it seems some of the people in the USENET security groups (in which I hang about and try and learn a bit more) are split over whether it's a Good Thing (tm) or not.

Ever used it?

And yep, a hardware f/wall would be a great thing to have, I just can't be arsed setting it all up, then making it work with my games, msn, and all that jazz. Not that it isn't do-able, just I see no real problem with my current set-up (and remember I'm not what the media would call a Joe Average), maybe that will change in the future - but my PC runs p2p, ics, and god knows how much other stuff, other boxes just tend to get in the way a bit!

brian
05-06-2004, 12:54 PM
roj - thanks for the insights. I guess the corporate issues with McAfee aren't always evident where a freestanding PC is concerned. As for firewalls, I would never use the Microsoft one; as far as I can see, ZoneAlarm Pro is doing a very effective job of keeping my shields up. Of course it would be so much better if the instigators of security threats could all be shipped off to the Mars colony.

Roj
05-06-2004, 12:59 PM
Purely out of interest Roj, as I can see you know your onions as far as corporate league security is concerned, what's your take on stuff like BlackICE (the new one from when ISS took over) - it seems some of the people in the USENET security groups (in which I hang about and try and learn a bit more) are split over whether it's a Good Thing (tm) or not.

Ever used it?

And yep, a hardware f/wall would be a great thing to have, I just can't be arsed setting it all up, then making it work with my games, msn, and all that jazz. Not that it isn't do-able, just I see no real problem with my current set-up (and remember I'm not what the media would call a Joe Average), maybe that will change in the future - but my PC runs p2p, ics, and god knows how much other stuff, other boxes just tend to get in the way a bit!
Aw man, yer gonna make me late for work (again!). :)

On BlackIce - my bent isn't firewalls, et. al., although I do know a bit about them (I know a bit about many a thing as you may have gathered). I will however ask our other security analysts about it when I get in today. My particular bent is anti-virus, anti-spam and malware.

On setting up a hardware firewall, my settings were arrived at through trial and error with a lot of Net research. Yes, it was a pain in the ass and I caught flack for it when I broke things like instant messaging file transfer for example or webcam access and then had to figure out a way to make it work while being relatively safe.

My hate on for P2P is based on the vast amounts of malware that generally accompany it and can choke a machine's performance - Kazaa for example, is filth, pure and simple. By "malware" I mean browser hijacks, etc. - that sort of thing.

Gotta run folks - later! (something has to pay for this online time) :)

Roj
05-06-2004, 09:26 PM
Purely out of interest Roj, as I can see you know your onions as far as corporate league security is concerned, what's your take on stuff like BlackICE (the new one from when ISS took over)
Quick update on the above:

It appears our firewall analysts aren't particularly sanguine about this new release. I'll have more details later when I get some time.

Rex_Mundi_Incarnit
05-07-2004, 08:08 AM
My hate on for P2P is based on the vast amounts of malware that generally accompany it and can choke a machine's performance - Kazaa for example, is filth, pure and simple. By "malware" I mean browser hijacks, etc. - that sort of thing.

I agree, Kazaa is spawn from hell :skull: Only after installing it and running it once, you end up with, let's see, 200 adware/malware hits. Nope that can't be good :gasmask:

Tokelil
05-07-2004, 02:31 PM
i actually thought i'd get away with going DIRECTLY to the windows update site
pre NAV install , i was wrong , never again shall that be done by me...
My roommate just did the same. Clean install of WinXP and then he thought it would be a good idea to install all Windows updates before installing NAV... After installing NAV he ran a full scan and found 3 vira. :reallymad

Inthewoods
05-07-2004, 03:23 PM
At the risk of being called all kinds of nasty names (pausing to don body armor, helmet, etc) I have pretty much had it with bloated overpriced commercial antivirus protection. I use (and have for over 2 years) Grisoft AVG. It has NEVER missed a virus on my system, has daily updates, and is free.

(lowering face shield and ducking)

hedge
05-07-2004, 04:53 PM
At the risk of being called all kinds of nasty names (pausing to don body armor, helmet, etc) I have pretty much had it with bloated overpriced commercial antivirus protection. I use (and have for over 2 years) Grisoft AVG. It has NEVER missed a virus on my system, has daily updates, and is free.

(lowering face shield and ducking)
Yeh i'm using avg free edition at the moment too. It seems to work pretty well, and so far has picked up all viruses that have found their way on to my computer. The major complaint i have about it is the method it uses when it finds a virus. Instead of giving you specific options as to what to do, it only recommends a full system scan, and nothing else is done about it!
Generally, download something from the web, i scan it first thing, so a virus doesn't really get the chance to execute, but some don't even require you to manually execute them.... what's going to happen then?
So at the moment i'm looking to get a new antivirus, just not sure what to get...

Inthewoods
05-07-2004, 05:29 PM
Yeh i'm using avg free edition at the moment too. It seems to work pretty well, and so far has picked up all viruses that have found their way on to my computer. The major complaint i have about it is the method it uses when it finds a virus. Instead of giving you specific options as to what to do, it only recommends a full system scan, and nothing else is done about it!
Generally, download something from the web, i scan it first thing, so a virus doesn't really get the chance to execute, but some don't even require you to manually execute them.... what's going to happen then?
So at the moment i'm looking to get a new antivirus, just not sure what to get...


Do you have a check mark in the box "Ask what to do next"? It gives you some options.

Todd The Kiwi
05-20-2004, 03:19 AM
AVG detected a trojan inside UNDISKER (http://www.undisker.com/) norton didn't , bizarre... :skull:

matty28carter
05-20-2004, 11:28 AM
Most of the problems I usually hear about anti-virus stuff are usually BECAUSE of Norton! I'm always hearing about how it's buggered up or its damn tray me-jig has blown up or something stupid like that. Now i have nothing against Norton and it's probably because all the problems i've heard about with it are due to it being the crappy home edition "Norton Anti-Virus Personal" or something like that. Which to be honest in my experience has been utter crap. I think the 2004 version that's come out recently is better but i've yet to see that. Now McAfee on the other hand i've never heard or seen a problem with it. I have the latest McAfee VirusScan 8 and Firewall 5. And both seem to perform very well. VirusScan 8 updates 3 times a week which is more than previous versions and the same as Norton (the versions i've seen). So i'm sticking with McAfee! if it ain't broke don't fix it! :o

Todd The Kiwi
05-20-2004, 12:15 PM
i don't use norton anymore,i use AVG and zonealarm
i found it easier to reinstall windows than to uninstall norton (so i did)
still pretty spooky that a trojan slipped past an 'expensive' antivirus
and a free one detected it ... i no longer have undisker :skull:

teedoff087
05-20-2004, 08:43 PM
I'm currently using AVG 7 Network Edition and a hardware firewall. I've had a few trojans but that's only because my 13-year old sister always visits those bloody Doll AIM Icon sites :reallymad. Other than that, I haven't had any problems. All I have to say about protecting your computer is that if you have a strong firewall and constantly update, you are still likely to get a virus from somewhere that you will least expect it. If you want really good antivirus though, I recommend you save up and buy the good stuff.