WARNING: Virus in 'No More Triton LE Thread'

[jazzwee]

Just a warning. MODERATOR PLEASE NOTE.

 

Everytime I open the 'No More Triton LE Thread by Avram, a Virus is intercepted by Norton Antivirus

 

Bloodhound Exploit.38

 

Jazzwee

[pighood]

I just got rabies from opening an envelope. I've ruled out A, D & R. I suspect "S."

[jazzwee]

Anyone who intentionally puts a virus in a post in this forum should be banned forever. When we become a member here we expect some community here. This is really offensive.

[HuskerDude]

[Yoozer]

I can't confirm it - I don't use a virusscanner. The exploit doesn't get through if you have this update here installed > http://www.microsoft.com/technet/security/Bulletin/MS05-036.mspx installed.

 

I'll move it to the moderator forum just in case and see what's in there that might be the cause.

[Diametro]

Yes, when I opened the thread, my virus protection software said the same thing ...

[BillyWa]

I hope is was not my photo of...egads, an Arranger.

 

 

 

[BillyWa]

Originally posted by HomeInMyShoes It's probably my fault, I did suggest originally that he was probably looking for an Ranger. I told you it was the R.

 

[donaldcrunk]

[BillyWa]

YIKES!!!

[jazzwee]

BillyWa, that's a pretty deadly arranger. That turns of the GAS urge in me, let me tell ya (that is, if I would ever want one).

[jazzwee]

There is also a virus in the HOW DID HE DO IT Thread.

 

What's going on here?

[mytee2.0]

 

Originally posted by jazzwee There is also a virus in the HOW DID HE DO IT Thread. What's going on here?

 

 

stop using internet explorer

 

no problems here...

[DINpluggedIN]

The offending code for Bloodhound.Exploit.38 is typically hidden in graphics files, PDFs, etc. The weakness that's being exploited can be read about here:

http://www.symantec.com/avcenter/venc/data/bloodhound.exploit.38.html

http://www.securityfocus.com/bid/14214/discuss

http://www.microsoft.com/technet/security/bulletin/MS05-036.mspx

[zeronyne]

Originally posted by BillyWa

 

Wow, I actually owned and painted that AD&D figure when I was in 7th grade. I think I threw up a little in my mouth.

[Reverend179]

 

Originally posted by zeronyne Wow, I actually owned and painted that AD&D figure when I was in 7th grade. I think I threw up a little in my mouth.

 

 

IIRC that's a figurine from the Warhammer turne based war game.

[kooki_sf]

tra.lala.lala....*prances around in his mac based world of unicorns, butterflies, and lack of virii*

[Khazul]

He *still* hasnt been banned?

 

Avram, Egens and one or two or aliases - ban + IP ban + email ban the lot of them.

[Yoozer]

1) I can't ban people.

2) I've given him a warning, I have yet to receive a reply to that or see if it has worked.

3) You can't be 100% sure - innocent until proven guilty.

4) The exploit didn't set off any red lights here at work.

[Khazul]

Originally posted by Yoozer 1) I can't ban people. 2) I've given him a warning, I have yet to receive a reply to that or see if it has worked. 3) You can't be 100% sure - innocent until proven guilty. 4) The exploit didn't set off any red lights here at work.

 

Shoot first - questions later

 

More seriously - even of this is in doubt - his posts that you have had to moderate arnt.

 

I would say this fits a pattern - and chat with an admin over a pint could be good

[Khazul]

Originally posted by HomeInMyShoes Viruses do exist for Macintoshes, but they are much more rare. Microsoft has done a terrible job with their OS's structure, add in the fact that if you were going to write a virus and wanted to affect the most people what OS would you target, and it's no wonder Windoze is plagued by this stuff.

 

I think that is a a misconception from earlier versions which were bad - all OS's were. I dont see that any of the other modern common OSs are actually any better, and if anything may not be. I certainly remember the years when linux was a joke from an exploits perspective - I had a hand in fixing several of them back in those days.

 

Most viri will target the windows platform - because its the most common by far and thus a lame virus programmer can have the greatest impact and have a chance of hitting both servers and desktops. Its barely worth targetting one of the apple operating systems - that doesnt make it actually more secure at a code level, it just means an apple user is far less likely to be a target and is thus probably alot safer.

 

All OS vendors are in a catch up phase at the moment with respect to code security - some much further ahead than others and throwing *alot* more resources at the problem - in MS case - they actually stopped OS development for several months to *just* focus on reviewing code for potential exploits and fixed alot in the process as well as creating lots of guidelines for ISVs. Cant speak for apple as I dont know - they seem to rewirite their platform ever few years anyway just to annoy developers

 

Whether current windows is now the most secure platform or not - it still only takes one exploit to be discovered to make it worth targetting. And as with all OSs - users need to ensure thay have the latest patches and fixes if thir machine is on a network - so if this particular exploit gets you - well - you have had a year to be prepared for it - shouldnt have switched off windows update - thats usually the real problem (given there are lamers who write viri) - users (regardless of platform) dont keep upto date with fixes.

[BillyWa]

I love how you go to the Microsoft home page and Spybot blocks all sorts of spy and adware. WTF?

[Khazul]

 

Originally posted by BillyWa I love how you go to the Microsoft home page and Spybot blocks all sorts of spy and adware. WTF?

 

 

Could you let me know in more detail - ie specifically what ads/spyware etc you are seeing? I dont get any of that - using ie7b3.

 

PM me if you like.

[BillyWa]

Avenue A. Not even sure what that is.

[Khazul]

 

Originally posted by BillyWa Avenue A. Not even sure what that is.

 

 

OK - your browser has been hijacked. Sounds like an adware hijack that random throw up ads, popups etc and sometmes they do so when you visit specific sites - ms.com would be an obvious choice to ensure ms get the blame.

 

I suggest trying anti-spyware app on it. Also look in the IE plugins - you could disable it from there. What version of windows are you running - is it pre XP+SP2?

 

There are NEVER any third party popups on microsoft.com and certainly there would not be adware/spyware. I dont even think microsoft themselves use popups except for the occasional customer feedback survey thing.

 

[Disclaimer - personal observations/opinions only].