Home |
Search |
Today's Posts |
|
UK diy (uk.d-i-y) For the discussion of all topics related to diy (do-it-yourself) in the UK. All levels of experience and proficency are welcome to join in to ask questions or offer solutions. |
Reply |
|
LinkBack | Thread Tools | Display Modes |
#1
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
I received a suspect mail and sent it off to the virus scan site.
: Subject SCAN. This is what they sent back) The interesting thing is not that there was a virus the I was almost sure the was..but how many sites *didn't* find it.. Complete scanning result of "WW_671282.zip", processed in VirusTotal at 08/12/2008 14:39:39 (CET). [ file data ] * name..: WW_671282.zip * size..: 49434 * md5...: aefa2457dce9214b1349403bba664d12 * sha1..: c4aa3c90299e783113bb5c97d830f15a618bb226 * peid..: - [ scan result ] AhnLab-V3 2008.8.12.0/20080812 found nothing AntiVir 7.8.1.19/20080812 found [TR/Spy.ZBot.DPI] Authentium 5.1.0.4/20080812 found [W32/Downldr2.DIFW] Avast 4.8.1195.0/20080811 found nothing AVG 8.0.0.156/20080812 found [Pakes_c.SH] BitDefender 7.2/20080812 found [Trojan.Spy.Wsnpoem.GH] CAT-QuickHeal 9.50/20080811 found nothing ClamAV 0.93.1/20080812 found [Trojan.Zbot-1936] DrWeb 4.44.0.09170/20080812 found nothing eSafe 7.0.17.0/20080811 found nothing eTrust-Vet 31.6.6027/20080812 found [Win32/Kollah.NG] Ewido 4.0/20080812 found nothing F-Prot 4.4.4.56/20080812 found [W32/Downldr2.DIFW] F-Secure 7.60.13501.0/20080812 found [Trojan-Spy.Win32.Zbot.dvy] Fortinet 3.14.0.0/20080812 found nothing GData 2.0.7306.1023/20080812 found [Trojan-Spy.Win32.Zbot.dvy] Ikarus T3.1.1.34.0/20080812 found [Win32.Outbreak] K7AntiVirus 7.10.412/20080812 found nothing Kaspersky 7.0.0.125/20080812 found [Trojan-Spy.Win32.Zbot.dvy] McAfee 5358/20080811 found nothing Microsoft 1.3807/20080812 found [PWS:Win32/Zbot.gen!G] NOD32v2 3348/20080812 found [Win32/Spy.Agent.PZ] Norman 5.80.02/20080812 found nothing Panda 9.0.0.4/20080812 found nothing PCTools 4.4.2.0/20080812 found nothing Prevx1 V2/20080812 found nothing Rising 20.57.12.00/20080812 found nothing Sophos 4.32.0/20080812 found [Troj/Dloadr-BPX] Sunbelt 3.1.1542.1/20080812 found [Trojan-Spy.Win32.Zbot.gen (v)] Symantec 10/20080812 found [Trojan.Wsnpoem] TheHacker 6.2.96.396/20080812 found nothing TrendMicro 8.700.0.1004/20080812 found [TROJ_DLOADR.IM] VBA32 3.12.8.3/20080811 found nothing ViRobot 2008.8.12.1333/20080812 found nothing VirusBuster 4.5.11.0/20080811 found nothing Webwasher-Gateway 6.6.2/20080812 found [Win32.NewMalware.PU!59392] |
#2
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
On Tue, 12 Aug 2008 13:50:11 +0100, The Natural Philosopher
wrote: I received a suspect mail and sent it off to the virus scan site. : Subject SCAN. This is what they sent back) The interesting thing is not that there was a virus the I was almost sure the was..but how many sites *didn't* find it.. Interesting, but not surprising. Did you read this article http://resources.zdnet.co.uk/articles/features/0,1000002000,39440184,00.htm: ----- Begin Quote ----- Eva Chen, chief executive of Trend Micro, has strong views about how effective the antivirus industry has been over the past 20 years. Show related articles According to Chen, the security industry has over-hyped how effective its products are — and so has been misleading customers — for years. Chen believes that no single company can offer adequate protection against the sheer volume of new viruses that are being churned out by cybercriminals. According to the security industry, five and a half million new samples were detected in 2007. ----- End Quote ----- -- Martin Jay |
#3
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
The Natural Philosopher wrote:
I received a suspect mail and sent it off to the virus scan site. : Subject SCAN. This is what they sent back) The interesting thing is not that there was a virus the I was almost sure the was..but how many sites *didn't* find it.. Not that surprising really. If it's a new one, I imagine it'll take a few days before all the companies become aware of it and update their virus definition files. Probably if you resubmitted it tomorrow, there would be a far higher detection rate. At the end of the day, common sense is your first line of defence against viruses. You'd have to be a real dweeb to imagine that a file with a name like "WW_671282.zip" attched to an email *wasn't" a virus. Tim |
#4
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Tim Downie wrote:
The Natural Philosopher wrote: I received a suspect mail and sent it off to the virus scan site. : Subject SCAN. This is what they sent back) The interesting thing is not that there was a virus the I was almost sure the was..but how many sites *didn't* find it.. Not that surprising really. If it's a new one, I imagine it'll take a few days before all the companies become aware of it and update their virus definition files. Probably if you resubmitted it tomorrow, there would be a far higher detection rate. At the end of the day, common sense is your first line of defence against viruses. You'd have to be a real dweeb to imagine that a file with a name like "WW_671282.zip" attched to an email *wasn't" a virus. Tim trouble is the Dweebs live amongst us ,I am working with 300+ programmers and professionals for a Major credit card company and last week alone we have had 6 different viruses caused by them opening dodgy emails or surfing weird sites during lunch breaks -- Kevin R Reply address works |
#5
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
"Kevin" wrote in message
... trouble is the Dweebs live amongst us ,I am working with 300+ programmers and professionals for a Major credit card company and last week alone we have had 6 different viruses caused by them opening dodgy emails I just don't see them. I don't know what virus filtering services my ISP (34sp) uses but pretty well nothing at all ever gets through. Look, hardly any email uses actually *want* to receive these viruses, surely to goodness, so why doesn't *every* ISP just silently dump them by default? -- Tim Ward Brett Ward Limited - www.brettward.co.uk |
#6
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
On Tue, 12 Aug 2008 13:50:11 +0100, The Natural Philosopher
wrote: I received a suspect mail and sent it off to the virus scan site. : Subject SCAN. This is what they sent back) I'm surprised it reached there at all...LOL The interesting thing is not that there was a virus the I was almost sure the was..but how many sites *didn't* find it.. |
#7
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Tim Downie wrote:
The Natural Philosopher wrote: I received a suspect mail and sent it off to the virus scan site. : Subject SCAN. This is what they sent back) The interesting thing is not that there was a virus the I was almost sure the was..but how many sites *didn't* find it.. Not that surprising really. If it's a new one, I imagine it'll take a few days before all the companies become aware of it and update their virus definition files. Probably if you resubmitted it tomorrow, there would be a far higher detection rate. At the end of the day, common sense is your first line of defence against viruses. You'd have to be a real dweeb to imagine that a file with a name like "WW_671282.zip" attched to an email *wasn't" a virus. Oh, I totally agree. But this is not a particularly new one I think. Tim |
#8
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Trouble is, they are designed to look like something else.
I suspect the OP may have received the same or a similar email to the one I got this morning, which claimed to be from UPS concerning a package I had posted a month ago. What I presume was a payload pretended to be some sort of form 'UPS' wanted me to complete, in a zip. Fortunately, I haven't posted anything via UPS recently, so I knew straight away it was spam, and killfiled it. Recently, I have also received spam pretending to be from Microsoft in conjunction with one of the phone companies, or perhaps it was the other way round, saying that I had won a draw for Microsoft website users. As I do have a Microsoft website ID, and Microsoft do have some form of relationship with that company, this was potentially quite convincing, especially as I need the money! Nevertheless I forwarded the letter to the phone company's CS department to ask if it was genuine. As I had no reply, I eventually presumed it was fake and killfiled it. There have been a number of other such recently, but I can't remember details now. I think one concerned the National Lottery, or Premium Bonds, or perhaps there was one of each. AFAICR the one thing they all had in common was that the email address of the sender didn't appear to be connected with the company being impersonated. Accordingly I would advise anyone that receives an unexpected email to check 1) That the sender's email address is from a domain controlled by the company/ies purporting to be contacting you - in the Microsoft example, does it actually come from microsoft.com, or the actual phone company's domain, rather than just a superficially similar domain name. 2) Try and learn to check out and understand email headers, so you can get some sort of idea of the route the mail took to reach you. Anything you are not convinced of, try and obtain local expert advice. Anything that definitely doesn't add up, leave well alone. Also emails are sent unencrypted, and can be trawled as they cross the net. Never give out anything like bank or other such details to anyone in an email. I've even had my mobile number trawled like that - when I emailed it to someone a few months ago, I started to receive porno texts within 24 hours. I contacted both my phone company's CS and some overview umbrella organisation explaining the illegal way the number must have been obtained, and the texts stopped without my ever having to reply to them, or my being charged for them. On Tue, 12 Aug 2008 15:26:23 +0100, "Tim Ward" wrote: Look, hardly any email uses actually *want* to receive these viruses, surely to goodness, so why doesn't *every* ISP just silently dump them by default? |
#9
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
The Natural Philosopher wrote:
But this is not a particularly new one I think. Oh the payload attached to the UPS emails has been changing pretty rapidly, far faster than some AV vendors update their virus definitions. Once a day doesn't really cut it any more. The advice not to follow links or open attachments unless you've confirmed in some way that they are genuine is much more useful. Especially as the scam ones like this are getting more convincing. -- http://lnr.livejournal.com/ |
#10
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Tim Ward wrote:
"Kevin" wrote in message ... trouble is the Dweebs live amongst us ,I am working with 300+ programmers and professionals for a Major credit card company and last week alone we have had 6 different viruses caused by them opening dodgy emails I just don't see them. I don't know what virus filtering services my ISP (34sp) uses but pretty well nothing at all ever gets through. Look, hardly any email uses actually *want* to receive these viruses, surely to goodness, so why doesn't *every* ISP just silently dump them by default? thats ok if your ISP knows its a virus, how it differentiates between an unknown virus and your friend emailing you a holiday video Zipped up is where the problem lies, do you want your ISP to filter out a wanted emails because it might be a virus? -- Kevin R Reply address works |
#11
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
"Java Jive" wrote in message news Trouble is, they are designed to look like something else. I suspect the OP may have received the same or a similar email to the one I got this morning, which claimed to be from UPS concerning a package I had posted a month ago. What I presume was a payload pretended to be some sort of form 'UPS' wanted me to complete, in a zip. Fortunately, I haven't posted anything via UPS recently, so I knew straight away it was spam, and killfiled it. OH S!!T I recd. that a few days ago and I opened it as I WAS expecting a dellivery... I realised what it was too late ...... :-(((( I then updated AVG and did a full scan which found nowt. Everythins _seeeeems_ OK, but.... Now what? Is my Dell going toturn into a pumpkin next Friday the thirtenth? (Currently rescanning all with updated AVG again....X's fingers Grrrrrrrrrrrrrr -- ¦zulu¦ |
#12
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
The Natural Philosopher wrote: I received a suspect mail and sent it off to the virus scan site. : Subject SCAN. This is what they sent back) The interesting thing is not that there was a virus the I was almost sure the was..but how many sites *didn't* find it.. That happened to me once. It was a 'rare' virus. Had to do a manual removal based on a method from one its cousins ! Graham |
#13
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
As long as you didn't open the zip, I *think* you should be ok ...
On Tue, 12 Aug 2008 18:07:02 +0100, "zulu" wrote: I recd. that a few days ago and I opened it as I WAS expecting a dellivery... [snip] (Currently rescanning all with updated AVG again....X's fingers |
#14
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
"Java Jive" wrote in message ... As long as you didn't open the zip, I *think* you should be ok ... Darned if I can remember now... ) AVG is still scanning. gulp -- ¦zulu¦ |
#15
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
"Kevin" wrote in message
... thats ok if your ISP knows its a virus, how it differentiates between an unknown virus and your friend emailing you a holiday video Dunno, but they seem to be good at it. Zipped up is where the problem lies, Ah, well, they've got this clever trick, see, have had for years, which is to look *inside* an archive. (Any worthwhile virus scanner does that.) -- Tim Ward - posting as an individual unless otherwise clear Brett Ward Limited - www.brettward.co.uk Cambridge Accommodation Notice Board - www.brettward.co.uk/canb Cambridge City Councillor |
#16
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
"Brian Morrison" wrote in message
k... What happens when a weird attachment arrives that you need just happens to resemble a virus and is silently binned? Yup, a real risk. Which so far as I know (and therefore so far as matters to me) has never happened. So that's fine then. -- Tim Ward - posting as an individual unless otherwise clear Brett Ward Limited - www.brettward.co.uk Cambridge Accommodation Notice Board - www.brettward.co.uk/canb Cambridge City Councillor |
#17
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
On Tue, 12 Aug 2008 19:59:40 +0100, Tim Ward passed an empty day by
writing: "Kevin" wrote in message ... thats ok if your ISP knows its a virus, how it differentiates between an unknown virus and your friend emailing you a holiday video Dunno, but they seem to be good at it. Zipped up is where the problem lies, Ah, well, they've got this clever trick, see, have had for years, which is to look *inside* an archive. (Any worthwhile virus scanner does that.) A great many gateway scanners use clamav - no doubt because it is free, and it's been looking in archives for a long time. AFAIR it is also able to deal with password protected archives and even tell the difference between a spoofed file extension because of the mime type (that is a .exe that has been rename to .jpg). It does depend on how the gateway scanner is set up mind you. Only problem is Trend have been trying to make a few people **** the bed as far as clamav is concerned, but that is a different story. The thing is malware (or Window$ self-distributing freeware as I call it) should not be the responsibility of your ISP. Even the best scanners can be spoofed by telneting directly into an ISP's server and dumping a virus on in for a local user by injecting it in base64. You need to be guarding at your own gateway for this. -- powered by Linux - *******ized by Window$ - |
#18
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
"Klunk" wrote in message
... The thing is malware (or Window$ self-distributing freeware as I call it) should not be the responsibility of your ISP. That, surely to goodness, is a matter for grown-ups to arrange between themselves. My ISP chooses to offer this service, and I choose to buy it. Neither of us needs anybody else telling us that it's "not [his] responsibility". -- Tim Ward - posting as an individual unless otherwise clear Brett Ward Limited - www.brettward.co.uk Cambridge Accommodation Notice Board - www.brettward.co.uk/canb Cambridge City Councillor |
#19
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Tim Ward wrote:
"Kevin" wrote in message ... thats ok if your ISP knows its a virus, how it differentiates between an unknown virus and your friend emailing you a holiday video Dunno, but they seem to be good at it. Zipped up is where the problem lies, Ah, well, they've got this clever trick, see, have had for years, which is to look *inside* an archive. (Any worthwhile virus scanner does that.) trouble is most users have no idea what a virus is or can do and don't use firewalls or virus scanners, they think that the windows must be safe as Microsoft would not sell a insecure system would they???, and these people do exist as I have been asked to fix their pc's -- Kevin R Reply address works |
#20
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
The interesting thing is not that there was a virus the I was almost
sure the was..but how many sites *didn't* find it.. For everyone else, there are a couple of similar sites that do comparative testing, such as... http://virusscan.jotti.org http://www.av-comparatives.org is also useful for checking out the relative strength of an updated and un-updated machine. |
#21
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
trouble is the Dweebs live amongst us ,I am working with 300+
programmers and professionals for a Major credit card company and last week alone we have had 6 different viruses caused by them opening dodgy emails or surfing weird sites during lunch breaks I'd have to query the accessibility of the machines if it's that prevalent - let me guess, your site uses IE, allows activex, and uses an old version of java ? Perhaps it's time to treat them like babies - given the offenders a linux box, and add site filtering software to everything else (like K9 web protection) |
#22
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
AVG is still scanning.
gulp If you're stuck, check out some of the links on my site - http://www.coreutilities.co.uk Start with Sysclean (kill AVG temporarily first), and scan with Spybot S&D as well once you're done. If you're not sure if the system is clean, try to stay offline for 2-3 days to let the virus signatures catch up, then download the latest sigs / spyware definitions from another machine and install them with your main system remaining offline. I've just had to do this for a colleagues' fathers laptop - an initial scan showed 18 viruses, mainly of the bank account stealing sort, and another 20 traces of the same appeared in Spybot S&D. A scan a couple of days later came up with a couple more things, but these seemed to have been rendered useless by the earlier scans. |
#23
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
"Colin Wilson" o.uk wrote
in message g... let me guess, your site uses ... an old version of java ? Given that there are different bugs in different versions of Java, and even when there aren't "bugs" that can be proven as such there are incompatibilities, you sometimes need different versions of Java in order to be able to run different applications. If you're *very* unlucky this means each machine needs several versions of Java, and each user needs to be adept at spotting when an application is trying to run with the wrong version and fixing it. More common is the situation that you find a version of Java that works for most of your users most of the time ... but it's quite likely not the latest one, given the application development and upgrade cycle times, hence people using "an old version of Java" for extremely good reasons is not going to be uncommon. -- Tim Ward - posting as an individual unless otherwise clear Brett Ward Limited - www.brettward.co.uk Cambridge Accommodation Notice Board - www.brettward.co.uk/canb Cambridge City Councillor |
#24
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
you sometimes need different versions of Java in order to be
able to run different applications. Although I don't use java heavily, I don't recall a single application written using the official (non-microsoft-*******ised-pseudo-java) version not working with the latest release :-} Sadly, our place is keen to use activex and *******ised-non-java-java for almost everything from intranet to bespoke applications :-/ ....and yes, now we find ourselves in the same situation where we need to have java switchers in place to run what I warned them about years ago. |
#26
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
The Natural Philosopher wrote:
I received a suspect mail and sent it off to the virus scan site Had the same, it's due to your computer being infected by a virus BEFORE the email. Assuming your replies, this is a troll, but, Boot a live CD and scan. Ask for more help on this, or better yet, Google and learn a ****-load. |
#27
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Cork Soaker wrote:
The Natural Philosopher wrote: I received a suspect mail and sent it off to the virus scan site Had the same, it's due to your computer being infected by a virus BEFORE the email. Assuming your replies, this is a troll, but, Boot a live CD and scan. Ask for more help on this, or better yet, Google and learn a ****-load. Oh dear. This idiot isn't killfiled here. Didn't you bother to see I was posting on a Mac, and it couldn't e infected with a windws virus? |
#28
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
"Colin Wilson" o.uk wrote in message g... you sometimes need different versions of Java in order to be able to run different applications. Although I don't use java heavily, I don't recall a single application written using the official (non-microsoft-*******ised-pseudo-java) version not working with the latest release :-} Sadly, our place is keen to use activex and *******ised-non-java-java for almost everything from intranet to bespoke applications :-/ How are they doing that? M$ dumped their java like language years ago. You can't download the engine or any fixes from M$. You can't get a license to run their engine so its probably illegal if you are. All the existing licenses were revoked IIRC. ...and yes, now we find ourselves in the same situation where we need to have java switchers in place to run what I warned them about years ago. |
#29
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
zulu wrote:
I recd. that a few days ago and I opened it as I WAS expecting a dellivery... I realised what it was too late ...... :-(((( I then updated AVG and did a full scan which found nowt. Everythins _seeeeems_ OK, but.... With the virus that was in the first batch of emails you'd have known if you ran the program in the zip file as the machine would have immediately rebooted. It's not clear if the later ones work in exactly the same way, but I suspect it's similar. Spybot S&D is quite good at detecting and removing things, and you probably need something like it to remove actual infections rather than just relying on your usual AV software, which is better for detection and prevention. http://www.safer-networking.org/ -- http://lnr.livejournal.com/ |
#30
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Eleanor Blair wrote:
zulu wrote: I recd. that a few days ago and I opened it as I WAS expecting a dellivery... I realised what it was too late ...... :-(((( I then updated AVG and did a full scan which found nowt. Everythins _seeeeems_ OK, but.... With the virus that was in the first batch of emails you'd have known if you ran the program in the zip file as the machine would have immediately rebooted. It's not clear if the later ones work in exactly the same way, but I suspect it's similar. Spybot S&D is quite good at detecting and removing things, and you probably need something like it to remove actual infections rather than just relying on your usual AV software, which is better for detection and prevention. http://www.safer-networking.org/ I know it isn't free, but how well to you rate Troan Hunter? http://www.misec.net/trojanhunter/ -- Heard melodies are sweet, but those Unheard are sweeter FN 2°°8 +, Mungo Brandybuck of Buckland |
#31
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Flyiñg Ñuñ 2°°8 + wrote:
I know it isn't free, but how well to you rate Troan Hunter? http://www.misec.net/trojanhunter/ I don't know it personally, and it's not one of the ones explicitly suggested by the University's Technical User Support team, but that may just be because it's not free. Sorry I can't help. -- http://lnr.livejournal.com/ |
#32
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
On Tue, 12 Aug 2008 23:38:24 +0100, Colin Wilson wrote:
you sometimes need different versions of Java in order to be able to run different applications. Although I don't use java heavily, I don't recall a single application written using the official (non-microsoft-*******ised-pseudo-java) version not working with the latest release :-} I've seen it happen a few times... I can't help thinking something like VMWare would help with situations like this, though - with disk space and memory being as cheap as it is, it's easy to keep a few virtual images around with different configurations and trivial to roll things back to a 'known-good' snapshot. Run any untrusted apps under the virtual image, but save user data somewhere under the host OS. cheers Jules |
#33
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
On Tue, 12 Aug 2008 20:00:58 +0100, Tim Ward wrote:
"Brian Morrison" wrote in message k... What happens when a weird attachment arrives that you need just happens to resemble a virus and is silently binned? Yup, a real risk. It seems acceptable to me though, providing such things aren't silently binned but can be retrieved from the ISP on a case-by-case basis (in a similar way I tend to scan my junk mail folder a couple of times a week before clearing it out - every once in a while there's something legitimate in there) cheers Jules |
#34
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Brian Morrison wrote:
"Tim Ward" wrote: Look, hardly any email uses actually *want* to receive these viruses, surely to goodness, so why doesn't *every* ISP just silently dump them by default? What happens when a weird attachment arrives that you need just happens to resemble a virus and is silently binned? It's possible to set things up so that legitimate messages sent from standards-compliant sites never disappear silently even when they trigger the anti-virus filter, and without causing any collateral spam or backscatter. Tony. -- f.anthony.n.finch http://dotat.at/ BISCAY FITZROY SOLE: WESTERLY 6 TO GALE 8, OCCASIONALLY SEVERE GALE 9 IN SOLE. ROUGH OR VERY ROUGH, OCCASIONALLY HIGH. SQUALLY SHOWERS. MODERATE OR GOOD. |
#35
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Sadly, our place is keen to use activex and *******ised-non-java-java
for almost everything from intranet to bespoke applications :-/ How are they doing that? M$ dumped their java like language years ago. You can't download the engine or any fixes from M$. You can't get a license to run their engine so its probably illegal if you are. All the existing licenses were revoked IIRC. Who knows - sadly, I could care less right now, we've just been informed they're rolling out another image to all machines, which if it's anything like the last one they did, it'll kill all USB functionality (not a lot of use when you have users who need to get pictures off digital cameras regularly). AFAIK I was the only one thinking straight and got a card reader a few years ago - they were still trying to force us to use smartmedia via one of the Sandisk Flashpath floppy device adaptors... Hell, if it's anything like my existing install, it'll take 25-30 minutes to boot minimum (it's not a particularly slow machine either) |
#36
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
I can't help thinking something like VMWare would help with situations
like this Been there, suggested that. |
#37
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
On Tue, 12 Aug 2008 20:38:56 +0100, Tim Ward passed an empty day by
writing: "Klunk" wrote in message ... The thing is malware (or Window$ self-distributing freeware as I call it) should not be the responsibility of your ISP. That, surely to goodness, is a matter for grown-ups to arrange between themselves. My ISP chooses to offer this service, and I choose to buy it. Neither of us needs anybody else telling us that it's "not [his] responsibility". It's your system and you are free as a 'grown up' to take you own approach. It is one thing to let a virus pass on to a customer, it is another for that customer to take responsibility for his or her actions on opening it. -- powered by Linux - *******ized by Window$ - |
#38
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
On Wed, 13 Aug 2008 22:46:37 +0100, Brian Morrison wrote:
On Wed, 13 Aug 2008 08:35:18 -0500 Jules wrote: On Tue, 12 Aug 2008 20:00:58 +0100, Tim Ward wrote: "Brian Morrison" wrote in message k... What happens when a weird attachment arrives that you need just happens to resemble a virus and is silently binned? Yup, a real risk. It seems acceptable to me though, providing such things aren't silently binned but can be retrieved from the ISP on a case-by-case basis (in a similar way I tend to scan my junk mail folder a couple of times a week before clearing it out - every once in a while there's something legitimate in there) Well, you are of course free to do as you both please, and have obviously considered whether the risk is acceptable to you. Well, I would assume that any ISP-run scheme has a complete opt-out. It's just that the OS vendors don't seem to be doing anything much to make their products more secure, the end users seem to be, on the whole, utterly clueless, and there are just so many new virus variations per day that it's hard for them to keep up anyway. I just think that putting the technology in at the ISPs might be the only route left - and that it might take quite a bit of effort initially, but if every ISP were doing it the problem would eventually go away anyway as there's be no incentive to write viruses (or spam) in the first place. I decided I was happy to run virus scanners on the mail server and on the Windows PCs to give more defence in depth, so that's fine with me. Not running Windows helps me a lot with the defence side of course, but what really annoys me is that someone out there feels the need to send me this crap in the first place - hence screening it further upstream would seem like a nice idea... Everyone aware of their own risks, and happy. Except that by and large, they aren't aware... cheers J. |
#39
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Kevin wrote:
trouble is the Dweebs live amongst us ,I am working with 300+ programmers and professionals for a Major credit card company and last week alone we have had 6 different viruses caused by them opening dodgy emails or surfing weird sites during lunch breaks Which is probably why my Bank when ape-sh*t yesterday and called me to cancel my VISA card *even* due to the fact there had been no funny transactions recorded on it. Not convienient for me as I'm travelling soon :-( -- Adrian C |
#40
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
|
|||
|
|||
Virus check...
Kevin wrote: trouble is the Dweebs live amongst us ,I am working with 300+ programmers and professionals for a Major credit card company and last week alone we have had 6 different viruses caused by them opening dodgy emails or surfing weird sites during lunch breaks Nice one. I have a very good friend who works for a very well known anti- virus company. The support staff have a document to follow if a virus is sent in that has not been identified. Would you believe it reads; "First of all confirm the file is a virus." How do you think they have been doing this? Why, by opening them and running them on their windows desktops and looking to see if the AV (which never caught it in the first place, hence why the customer has submitted it) detects it. You could not make this up if you tried. -- powered by Linux - *******ized by Window$ - |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
Warning! Virus! | Electronics Repair | |||
Virus Warning | Woodturning | |||
THIS ATTACHMENT CONTAINS A VIRUS | Woodturning |