virus submissions

I was surfing around McAfee's VIL and I skimmed through how they want you to submit a file for review. The last section is funny:

What NOT to Send – When using standard mail to send samples to AVERT only use floppy diskettes or CD’s. Any other media (such as ZIP Drives, Hard Drives, Full Computer Systems) will not be reviewed and will not be returned. (emphasis mine)

I can just picture it: Some guy is so fed up with his computer and all the viruses and other malware it has on it, that he just up and sends the ENTIRE MACHINE to McAfee.

The thing is, logically, the reason they put that on their site is because they have been sent entire systems before.

Ha. I found that quite humorous.

viruses for fun

have you ever wanted to get a virus just so that you can fight it off and win? :) I have. In fact, I did it today. The big huff that's going around, that I blogged about earlier (about how supposedly "Alternative browser spyware infects IE")...I went to the webpage that does this and clicked "Yes"...hehe, just to see what would happen.

Before I went I ran SpyBot S&D and Ad-Aware to make sure I was all clean...I was :).

Then I went to the page and let them try to mess my computer up. Here's the report (I think I counted correctly):

4 viruses detected right away by AVG (and either, healed, or sent to the vault...caught right away!)

14 registry changes detected by S&D (I allowed it just to see what it would do...yeah, it's a weird kind of fun)

I ran Ad-Aware and SpyBot again and they found:

Ad-Aware:
252 new objects:
3 processes
2 modules
50 registry keys
157 registry values
31 files
9 folders
(fixed 'em all)

SpyBot:

57 problems found
(fixed 'em all)

AVG actually didn't catch one virus right away, I found that out 'cause IE popped up a few pop-ups (and I wasn't even running it). The pop-ups were pretty pointless 'cause they were so small you could barely see what was in it, and it didn't change anything on my computer...not sure what guy who writes viruses can't size windows correctly...oh well. But AVG did catch the virus on my next full scan (which I manually ran right after I let the viruses install.

I'm all clean again.

Anyway, that's my fun for the day :).

holes in FF?

i read this blog about how people think there's a security hole in FireFox.

well, there isn't, the security hole would be in the dummy's head who clicks "Yes" or "Install" when Java tells them "Warning - Security" and "Publisher Authenticity Cannot Be Verified" and "The security certificate was issued by a company that is not trusted" and "The Security Certificate has expired or is not yet valid". Let me give you a tip: If you see a popup window that asks you a question, first of all, READ ALL OF IT. Second, if it says things like that one did, DON'T DO IT! Really, you don't need to be that desperate to have a Java applet run!

see also:
The blog entry here

I love the quote in this write-up:

"Maybe we should have a gate on the Internet saying 'you must be at least this smart to ride on this network.'"

That's FYI from E.