Ok, I've been using computers for the longest time. I've went through many different operating systems, of course I skipped some, but I went from using DOS-prompt, to something like Norton Desktop or whatever it was I used, I forgot, then to Windows 95, then to Windows 98, now Windows XP.

I use my computer heavily and is online heavily. I do everything from downloading crap, uploading crap, email, making webpages, chatting, playing games, etc. etc.

Never have I EVER contracted a virus. I am always very careful. And I was never under attack by hackers.

Now, on Windows XP, I just found out I had 3 different worms on my computer, and I'm under attack by hackers constantly. What, Windows XP is full of features, so it's full of backdoors? That's gay, please please please fix all this stuff Microsoft!!

<hr>
--"General Hammond, request permission to beat the crap out of this man." -Col. Jack O'Neill -Stargate SG-1
--Capt. Carter: "You think it might be a booby trap?"
â â Teal'c: "Booby?"
--"I'm a bomb technician, if you see me running, try to catch up" -in Russian on a bomb tech's shirt from "The Sum of All Fears"
--"All my life, I've been waiting for someone and when I find her, she's a fish!" -Tom Hanks "Splash"
--"War is not about who's right, it's about who's left." -Anders Russell

Ok, I've been using computers for the longest time. I've went through many different operating systems, of course I skipped some, but I went from using DOS-prompt, to something like Norton Desktop or whatever it was I used, I forgot, then to Windows 95, then to Windows 98, now Windows XP.

I use my computer heavily and is online heavily. I do everything from downloading crap, uploading crap, email, making webpages, chatting, playing games, etc. etc.

Never have I EVER contracted a virus. I am always very careful. And I was never under attack by hackers.

Now, on Windows XP, I just found out I had 3 different worms on my computer, and I'm under attack by hackers constantly. What, Windows XP is full of features, so it's full of backdoors? That's gay, please please please fix all this stuff Microsoft!!

<hr>
--"General Hammond, request permission to beat the crap out of this man." -Col. Jack O'Neill -Stargate SG-1
--Capt. Carter: "You think it might be a booby trap?"
â â Teal'c: "Booby?"
--"I'm a bomb technician, if you see me running, try to catch up" -in Russian on a bomb tech's shirt from "The Sum of All Fears"
--"All my life, I've been waiting for someone and when I find her, she's a fish!" -Tom Hanks "Splash"
--"War is not about who's right, it's about who's left." -Anders Russell

i TOTALLY agree. im just minding my business OFF the internet but like many people in my area, the Cable Modem is always on 24/7 due to it's weird setup.

all of a sudden, a popup appears out of nowhere that my popup blocker does not stop. what kinda crap is this?


also, i dunno how many of you get this but, for some reason, im getting this weird download called "LiveGirls" without my approval. it just downloads into my computer by itself CONSTANTLY EVERYDAY!


whenever im playing a game or w/e, such as Day of Defeat (great mod guys!) it kicks me back into the desktop and i lose my sound.



MICROSOFT! YOU GIVE US ALL THESE SOFTWARE SECURITY UPGRADES LIKE EVERYDAY, MAKE THEM WORTH THE DOWNLOADS PLEASE

--------------------------------------------------

http://www.imagestation.com/picture/sraid38/peb74ef3fbb6a2510dbb4d0e1cc77107f/fd148b6d.jpg


Can't forget about it



http://www.harrelsonfamily.com/USA/bush_ashganistan.jpg

bastages

<hr>
--"General Hammond, request permission to beat the crap out of this man." -Col. Jack O'Neill -Stargate SG-1
--Capt. Carter: "You think it might be a booby trap?"
â â Teal'c: "Booby?"
--"I'm a bomb technician, if you see me running, try to catch up" -in Russian on a bomb tech's shirt from "The Sum of All Fears"
--"All my life, I've been waiting for someone and when I find her, she's a fish!" -Tom Hanks "Splash"
--"War is not about who's right, it's about who's left." -Anders Russell

Oh, anyhow, I think that pop up you had is part of the MS Messenger service, which you can turn off by going to your control panel, performance and maintenance, administrative tools, then double click on "Services" and scroll down until you find one called Messenger. Double click on it or right click it and select properties, and click the button that says stop. Then change the setting from Automatic to Disabled.

You shouldn't get anymore pop-ups.

<hr>
--"General Hammond, request permission to beat the crap out of this man." -Col. Jack O'Neill -Stargate SG-1
--Capt. Carter: "You think it might be a booby trap?"
â â Teal'c: "Booby?"
--"I'm a bomb technician, if you see me running, try to catch up" -in Russian on a bomb tech's shirt from "The Sum of All Fears"
--"All my life, I've been waiting for someone and when I find her, she's a fish!" -Tom Hanks "Splash"
--"War is not about who's right, it's about who's left." -Anders Russell

"all of a sudden, a popup appears out of nowhere that my popup blocker does not stop. what kinda crap is this?"

Peanut_Bidder, chance are you may have an advertising program on your computer. They are usually packed with spyware as well. Adware is common with the now-declining Kazaa. There is an alternative, but I'm not gonna tell you, because I like to support singers by paying for their music.

-Tango47, otherwise known as [BGE]Tanhauser

This might seem weird, but here's a link to a piano tabs site:
http://www.sheetmusicoutlet.com/pvc-pop-2.html

Off-topic you say? Well, it is, however, they have a script on the site that automatically checks your browser for adware plugins, and when detected, it'll show you a message on the top of the page alerting you of the adware you have, and clicking on it will bring you to instructions on how to remove it. Follow them step by step, don't skip any. Give it a try. Get rid of them one by one until you can go to that site without any notices.

<hr>
--"General Hammond, request permission to beat the crap out of this man." -Col. Jack O'Neill -Stargate SG-1
--Capt. Carter: "You think it might be a booby trap?"
â â Teal'c: "Booby?"
--"I'm a bomb technician, if you see me running, try to catch up" -in Russian on a bomb tech's shirt from "The Sum of All Fears"
--"All my life, I've been waiting for someone and when I find her, she's a fish!" -Tom Hanks "Splash"
--"War is not about who's right, it's about who's left." -Anders Russell

Yesh. XP sucks more than a pervert and a puckerfish.

_________________________________________
----====LungTung and Friends====----

http://www.vap3r.com/stunts/uploads/yanyan.jpg

Tango47 wrote:
- "all of a sudden, a popup appears out of nowhere
- that my popup blocker does not stop. what kinda crap
- is this?"
-
- Peanut_Bidder, chance are you may have an
- advertising program on your computer. They are
- usually packed with spyware as well. Adware is
- common with the now-declining Kazaa. There is an
- alternative, but I'm not gonna tell you, because I
- like to support singers by paying for their music.
-
--Tango47, otherwise known as [BGE]Tanhauser

i dont have Kazaa or any form of P2P downloading on THIS computer(and all the other computers no longer have those. i like to pay for the singers too after seeing an message in the movie theater about supporting the people who construct the movie sets and how the supporting people are most affected). i do have however, those Hotbar IE decorations which seem to cause the popups.

--------------------------------------------------

http://www.imagestation.com/picture/sraid38/peb74ef3fbb6a2510dbb4d0e1cc77107f/fd148b6d.jpg


Can't forget about it



http://www.harrelsonfamily.com/USA/bush_ashganistan.jpg

I make my navigation thing on the top as small as possible. I get rid of the links tab completely, and put the menu items on the same level as the navigation buttons, and the address bar right under that. I also use small icons, and have no text labels. So it's only two short skinny rows on the top of my screen, the rest is browser space. So Hotbar would have been a total waste of time, not that I really care how that part looks anyhow.

I choose to not install anything that is "free" but with ads, too annoying.

<hr>
--"General Hammond, request permission to beat the crap out of this man." -Col. Jack O'Neill -Stargate SG-1
--Capt. Carter: "You think it might be a booby trap?"
â â Teal'c: "Booby?"
--"I'm a bomb technician, if you see me running, try to catch up" -in Russian on a bomb tech's shirt from "The Sum of All Fears"
--"All my life, I've been waiting for someone and when I find her, she's a fish!" -Tom Hanks "Splash"
--"War is not about who's right, it's about who's left." -Anders Russell

MS messenger thing and this Worm virus are from some forms of random auto probing. Like the thing Homer Simpson bought that automatically dial people to sell winds. Same thing on Internet.

So those pop up you get are signs that you have open ports, and msblast worm take advantages of open ports. From what I've understand, the virus take port 135 and infect your computer and your computer start to probe in random other IP for another port 135. Plus it create DDoS attack to Microsoft Windows Update to prevent user to get updates and create massive slowdown on the MS website.

This is sad because, M$ released a security patch for that matter last month and millions of PC around the world are now infected because of their lazyness to download security patches. This is why I always leave Auto Updater On by default, I can't understand people desactivating it. In the other hands it always good to have firewall or router. The one native in XP is enough to stop the msblast v. I got no soft firewall but a router and I guess it saved me today (unless the MS patch don't works so well as many stated).

So in my book, XP-2000 doesnt sucks, but the ignorant people are (no offense intended /i/smilies/16x16_smiley-tongue.gif )



<center><a href=http://jonz.no-ip.com>http://www.angelfire.com/ex/jonz/r6g362.jpg </a>
<table style="filter:glow[color=red, strength=5)"><td>-> JonZ Artworks *updated 07-20-03* <-</font> (http://jonz.no-ip.com><font)</table></center>

yeehaaaaaaa, yeeeeeeehaaaaaahaaaaaaaaa, yeeeeeeeBOOOOOOOOOOOOOOOOOOM! - Dr. Strangelove
My english grammar is unéducated and french biased

Yah, the router is supposed to be protection since it masks your internal IP address, but they still got through mine, so, uh, just be careful, haha.

<hr>
--"General Hammond, request permission to beat the crap out of this man." -Col. Jack O'Neill -Stargate SG-1
--Capt. Carter: "You think it might be a booby trap?"
â â Teal'c: "Booby?"
--"I'm a bomb technician, if you see me running, try to catch up" -in Russian on a bomb tech's shirt from "The Sum of All Fears"
--"All my life, I've been waiting for someone and when I find her, she's a fish!" -Tom Hanks "Splash"
--"War is not about who's right, it's about who's left." -Anders Russell

if they got through yours then you have the port 69, 135-139 or 4444 open in some way.

If not there's no way they could break in.

you can check by yourself there:
https://grc.com/x/ne.dll?bh0bkyd2

Open = no good
Closed = risky
Stealth = no way in.

<center><a href=http://jonz.no-ip.com>http://www.angelfire.com/ex/jonz/r6g362.jpg </a>
<table style="filter:glow[color=red, strength=5)"><td>-> JonZ Artworks *updated 07-20-03* <-</font> (http://jonz.no-ip.com><font)</table></center>

yeehaaaaaaa, yeeeeeeehaaaaaahaaaaaaaaa, yeeeeeeeBOOOOOOOOOOOOOOOOOOM! - Dr. Strangelove
My english grammar is unéducated and french biased

it mask your local IP but not your WAN IP

doesn't mean it not accessible, if your puter is in the DMZ then uuugh. otherwise the router may have some forwards that redirect "evil!" packets into your computer masked or not /i/smilies/16x16_smiley-happy.gif

you might check these forwards options

<center><a href=http://jonz.no-ip.com>http://www.angelfire.com/ex/jonz/r6g362.jpg </a>
<table style="filter:glow[color=red, strength=5)"><td>-> JonZ Artworks *updated 07-20-03* <-</font> (http://jonz.no-ip.com><font)</table></center>

yeehaaaaaaa, yeeeeeeehaaaaaahaaaaaaaaa, yeeeeeeeBOOOOOOOOOOOOOOOOOOM! - Dr. Strangelove
My english grammar is unéducated and french biased

Demon_Mustang wrote:
- Never have I EVER contracted a virus. I am always
- very careful.

I still haven't. There are only two ways to contract a virus. 1) execute a file or give one permission to be (which includes installing software) or 2) release it yourself.

- And I was never under attack by hackers.

Oh yes you were, you just didn't know it. I have *never* seen a machine that was online and NOT being probed. Ever. Including dialup. Only once have I ever been directly attacked myself, and I quickly put a stop to that by uninstalling microsoft networking (this was under win98).

- Now, on Windows XP, I just found out I had 3
- different worms on my computer, and I'm under attack
- by hackers constantly.

The only way you got a worm was by accepting it (or failing to block it). Period. You opened an email (this included previewing it), ran an attachment, installed some software (did you know it's pretty common for worms and backdoor software to be embedded into exe files for mods and such, then distributed from a second source?) or something. You clicked yes, or accidentally clicked yes and didn't know it on a web popup. Careful is not perfect. http://ubbxforums.ubi.com/infopop/emoticons/icon_smile.gif And like I said, you've been probed more than all alien abductees combined if you've ever been online. You just didn't realize it. I've been up less than 45 minutes, and I've already got about 8 non-isp related probes. Attacked is another story, and you don't say why you believe you're being attacked.

- What, Windows XP is full of features, so it's full of backdoors?

Pretty much. Actually Microsoft (and most other software companies) biggest problem is that their default settings are the *least* secure, and while the security is there, they leave it up to the user to figure out where they have to configure and enable things. Dumb dumb dumb. What they should do is lock everything down by default, and then let users open things up as necessary. ISP's, particularly cable and dsl are *really* bad about this. There is NO security on most isp networks. They allow all kinds of tom-foolery with and across their routers and gateways. Half the crap that shows up in my firewall is from idiots on my cable node who don't know how to secure their own computers on an insecure network.

And let's not forget that they still haven't integrated virus protection services into the OS, so you have to be running a 3rd party program all the time.

PB:
"i do have however, those Hotbar IE decorations which seem to cause the popups"

I'd bet money that's where it came from. Those little cursor craplets and such are loaded with spyware and adware. There are several little aps out there that will kill all that crap for you.

The site Jon posted is a pretty good one. I encourage a thorough read on securing your pc on a network there.

<TABLE ALIGN=LEFT BORDER=0 CELLPADDING=5 CELLSPACING=5 RULES=NONE COLS=2 WIDTH=80%>
<TR><TD>http://mywebpages.comcast.net/jakal30/nightsig.gif </TD>
<TD><font color=white size=-2>"...the Goddess could not spend all Her time persuading the
Kings and Queens of the world of the idiocy of war. Therefore
She invented tacticians..." - Diane Duane</font></TD></TR>
</TABLE>

Well JonZ, the test of the first 1055 ports showed all green. Think that's only because of the firewall though, I'm sure some of them were open, or at least not "stealth" when I wasn't using ZoneAlarm.

<hr>
--"General Hammond, request permission to beat the crap out of this man." -Col. Jack O'Neill -Stargate SG-1
--Capt. Carter: "You think it might be a booby trap?"
â â Teal'c: "Booby?"
--"I'm a bomb technician, if you see me running, try to catch up" -in Russian on a bomb tech's shirt from "The Sum of All Fears"
--"All my life, I've been waiting for someone and when I find her, she's a fish!" -Tom Hanks "Splash"
--"War is not about who's right, it's about who's left." -Anders Russell

yea just do an attempt without ZA and you might see alot of surprises /i/smilies/16x16_smiley-wink.gif

But fine.

Oh just to add to Ghost:

- There are only two ways to contract a virus. 1) execute a file or give one permission to be (which includes installing software) or 2) release it yourself.

This msblast virus perhaps rule out these rules, because it send packets to DCOM, these packets tell to DCOM service to download MSBLAST.EXE somewhere in net and install it into windows32. It doesn't install directly in your OS but it tell to your OS to install it (which is remotely impossible at this day), and the user isn't involved. nasty isnt it?

I can already see crackers-hackers release that kind of stuffs regulary soon /i/smilies/16x16_smiley-sad.gif

<center><a href=http://jonz.no-ip.com>http://www.angelfire.com/ex/jonz/r6g362.jpg </a>
<table style="filter:glow[color=red, strength=5)"><td>-> JonZ Artworks *updated 07-20-03* <-</font> (http://jonz.no-ip.com><font)</table></center>

yeehaaaaaaa, yeeeeeeehaaaaaahaaaaaaaaa, yeeeeeeeBOOOOOOOOOOOOOOOOOOM! - Dr. Strangelove
My english grammar is unéducated and french biased

Message Edited on 08/13/0312:05AM by JonZ

My router is protecting me pretty good GRC says

<Center>

Is there any way to block msblast from ever being installed again? Like if a file called "msblast.exe" is already in the system32 folder, would it simply let it be, or would it just override this file?

<hr>
--"General Hammond, request permission to beat the crap out of this man." -Col. Jack O'Neill -Stargate SG-1
--Capt. Carter: "You think it might be a booby trap?"
â â Teal'c: "Booby?"
--"I'm a bomb technician, if you see me running, try to catch up" -in Russian on a bomb tech's shirt from "The Sum of All Fears"
--"All my life, I've been waiting for someone and when I find her, she's a fish!" -Tom Hanks "Splash"
--"War is not about who's right, it's about who's left." -Anders Russell

no, unless you desactivate the DCOM service or do some critical windows update and download the concerned patches. If you are already infected it wont get rid of it because your computer will find a way to install it again and again until your computer never boot (some cases). So firewall will not stop it.

Did you completly get rid of the virus? if not you can follow these forums which are good IMO

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html
(blaster removals)

http://www.dslreports.com/forum/security,1
http://www.dslreports.com/forum/winme

Message Edited on 08/13/0312:25AM by JonZ

- day), and the user isn't involved. nasty isnt it?

Failure to properly secure a machine using the most basic of firewalls constitutes user involvement in my book. I know for the average person who would actually buy a computer from that pimple faced NON-geek at Best Buy who doesn't even know that you can use a molex y connecter as an extender (who said you HAD to plug something into the other y?), it seems unfair. But computers are not dvd players (well, they can be, but you get the point). If you can't program your vcr and get the clock to stop blinking on any and every appliance in your home, you should not be online with a 24/7 connection. http://ubbxforums.ubi.com/infopop/emoticons/icon_wink.gif

Actually, this worm isn't nearly as scarey as some of the other recent developments.

<TABLE ALIGN=LEFT BORDER=0 CELLPADDING=5 CELLSPACING=5 RULES=NONE COLS=2 WIDTH=80%>
<TR><TD>http://mywebpages.comcast.net/jakal30/nightsig.gif </TD>
<TD><font color=white size=-2>"...the Goddess could not spend all Her time persuading the
Kings and Queens of the world of the idiocy of war. Therefore
She invented tacticians..." - Diane Duane</font></TD></TR>
</TABLE>

Demon_Mustang wrote:
- Is there any way to block msblast from ever being
- installed again? Like if a file called "msblast.exe"
- is already in the system32 folder, would it simply
- let it be, or would it just override this file?

Depends on how smart the worm is. Either case is a vaild answer.

<TABLE ALIGN=LEFT BORDER=0 CELLPADDING=5 CELLSPACING=5 RULES=NONE COLS=2 WIDTH=80%>
<TR><TD>http://mywebpages.comcast.net/jakal30/nightsig.gif </TD>
<TD><font color=white size=-2>"...the Goddess could not spend all Her time persuading the
Kings and Queens of the world of the idiocy of war. Therefore
She invented tacticians..." - Diane Duane</font></TD></TR>
</TABLE>

that worm was pretty easy to fix once we knew what it was

<Center>

Yeah, unlike my past experiences at work with SQL Slammer and CodeRed II, MSBlast was definitely much easier to contain and remedy.