IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

New AVG seems to be more...

Avast has missed a few lately. LIke right now they haven't released and update for the Internet Worms: Bagle.AI, Bagle.AF, Zafi.B and Kibuv

But that was this morning.
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]
Here is an example: [link|http://www.greymagic.com/security/advisories/gm001-ie/|Executing arbitrary commands without Active Scripting or ActiveX when using Windows]
New What's the oldest Win 9X AVG will run on?
I have 2 boxes running Win 95 and Win 98 original, and Norton has been expired on them for years. Will AVG run on wither on? Their website doesn't answer the question. Any other free alternatives?

"Windows XP has so many holes in its security that any reasonable user will conclude it was designed by the same German officer who created the prison compound in "Hogan's Heroes." - Andy Ihnatko, Chicago Sun-Times
[link|mailto:bconnors@ev1.net|contact me]
New Avast www.avast.com
Runs very well on old machines.
New Arrr
Chris Altmann
New scurrrrvay knave :)
New Take a look here...

AVG Free Edition:
Windows 95\tyes\nWindows 98\tyes\nWindows Me\tyes\nWindows NT\tyes\nWindows 2000\tyes\nWindows XP\tyes

There you are.
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]
Here is an example: [link|http://www.greymagic.com/security/advisories/gm001-ie/|Executing arbitrary commands without Active Scripting or ActiveX when using Windows]
New Thanks for finding the info!
And you didn't even Google for it...:-D
"Windows XP has so many holes in its security that any reasonable user will conclude it was designed by the same German officer who created the prison compound in "Hogan's Heroes." - Andy Ihnatko, Chicago Sun-Times
[link|mailto:bconnors@ev1.net|contact me]
New No probs.
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]
Here is an example: [link|http://www.greymagic.com/security/advisories/gm001-ie/|Executing arbitrary commands without Active Scripting or ActiveX when using Windows]
New Got it...didn't help...and its getting worse....
OK- downloaded AVG, got it set up and running. Performed full scan of all local drives...no viruses. Cool, I guess. disable McAfee AV, but leave McAfee firewall running

Now dial back up to the Net, and...right off the bat, I get an attempt to TFTP to someplace. I deny it. Then...WHAM! Continuous attempts by SVCHOST to open a port for TCP connection. No sooner do I deny it, than another one appears. Opening The Task Mgr shows that one of my two SVCHOST instances as well as cpd.exe are taking turns hammering the processor each to around 50% of the CPU. Still, the priority of these two is low enough so that I do not notice any real degradation of performance. Task manager will not let me kill either of the two processes, but The Firewall will. So I kill the SVCHOST instance...and the cpd.exe instance goes away too.


Does anybody know what cpd.exe is?

Also, I discovered where McAfee firewall hides the details about what it filters. The IP address for the TFTP happens to be one of the servers of my own ISP (or more accurately, the ISP who bought the ISP who bought my ISP)! I'm going on a business trip, so I can't track it down untill next week :-(, but when I get back, they got some 'splainin to do!
shrub\ufffdbish (Am., from shrub + rubbish, after the derisive name for America's 43 president; 2003) n. 1. a form of nonsensical political doubletalk wherein the speaker attempts to defend the indefensible by lying, obfuscation, or otherwise misstating the facts; GIBBERISH. 2. any of a collection of utterances from America's putative 43rd president. cf. BULLSHIT

New Re: what cpd.exe is?
cpd - cpd.exe - Process Information

Process File: cpd or cpd.exe
Process Name: CPD
Description: Background task from McAfee Personal Firewall. The application implements the firewall security features. In older versions, the task was named CPDCLNT.exe.
Company: Network Associates, Inc.
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No

"If you can control the meaning of words, you can control the people who must use the words." -- Philip K. Dick, US science fiction writer
New Caveat
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
Unless you've already got a virus that replaced it.

Implicitly condoning stupidity since 2001.
New Thanks.
One of these days, I'll finally get it through my thick head that Google is a resource to be mined. Not as usefull as the Omnicient LRPD, but quite useful nonetheless.

So all the cpd.exe activity was the firewall rejecting attempts by the renegade svchost to phone home. Nice...just like it's supposed to!
shrub\ufffdbish (Am., from shrub + rubbish, after the derisive name for America's 43 president; 2003) n. 1. a form of nonsensical political doubletalk wherein the speaker attempts to defend the indefensible by lying, obfuscation, or otherwise misstating the facts; GIBBERISH. 2. any of a collection of utterances from America's putative 43rd president. cf. BULLSHIT

New Re: Got it...didn't help...and its getting worse....
You don't understand - you don't have to be infected with ANYTHING. Your machine is scanned and found to be vulnerable. A rogue file is downloaded to your machine - really a tftp server riding on the back of a legitimate Windows file. This happens WITHOUT any beastie being on your machine prior to the scan. Every time you connect to the net you'll be rescanned. Until you fix the root problem you'll never be able to get back on the net.

Did you install service pack 1a? Not 1, 1a. You can't install it over the net, you have to DOWNLOAD the entire thing and install it locally with the net cable unplugged.

(Can you imagine the numbers of machines with the same problem and their owners completely unaware? The net is a cesspool, and Windows is a scandal.)

New Service Pack 1a for what?
W2K? No, I only installed W2K, then immediately W2K-SP2 (which, as I said, is the end of the line for Windows, as far as I am concerned.)

What is SP1a?

Now, as far as the beastie is concerned, what you're talking about, if I read you correctly, is a Trojan. AVG is supposed to identify trojans of this sort. If I am being pinged by someone trying to activate it, I would expect that 1) the firewall would bitch about the incoming ping, and 2) that the trojan infected file would be rooted out by AVG or somebody like that (McAfee might just miss it if it were relatively new).

There is a third possibility, of course. That being that Real replaced a Windows DLL with one of its own, and the uninstaller for it "conveniently" declined to replace it when I uninstalled it. Of course, Micros~1 swears up and down that that can't happen in Win2K, but I don't believe it for a minute. So, does anybody have details about Real...I seem to recal some kind of brouhaha over Real's "phoning home" some time back....

shrub\ufffdbish (Am., from shrub + rubbish, after the derisive name for America's 43 president; 2003) n. 1. a form of nonsensical political doubletalk wherein the speaker attempts to defend the indefensible by lying, obfuscation, or otherwise misstating the facts; GIBBERISH. 2. any of a collection of utterances from America's putative 43rd president. cf. BULLSHIT

New Sorry, thought you were on XP
Install Service Pack 4. D/L the entire thing and install locally.

It sounds like you've got the RPC server exploit, see here:


You need at least SP3. Installing 4 will fix it.
New The trouble w/ SP>2 is
That Micros~1 added the "Phone Home" virusfeature to W2K at that point. While I'd like very much to be rid of that problem, I don't want BillG(e) mucking around in my machine...not sure which is better.

Now if there were a way to disable the "Phone Home" virusfeature....
shrub\ufffdbish (Am., from shrub + rubbish, after the derisive name for America's 43 president; 2003) n. 1. a form of nonsensical political doubletalk wherein the speaker attempts to defend the indefensible by lying, obfuscation, or otherwise misstating the facts; GIBBERISH. 2. any of a collection of utterances from America's putative 43rd president. cf. BULLSHIT

New Re: The trouble w/ SP>2 is
Well you're not going to fix it any other way.

There is no 'phone home' feature in W2K. That's hooey.
New He's talking about an implementation in the license
more than in actual software.
--\n-------------------------------------------------------------------\n* Jack Troughton                            jake at consultron.ca *\n* [link|http://consultron.ca|http://consultron.ca]                   [link|irc://irc.ecomstation.ca|irc://irc.ecomstation.ca] *\n* Kingston Ontario Canada               [link|news://news.consultron.ca|news://news.consultron.ca] *\n-------------------------------------------------------------------
New Re: Service Pack 1a for what?

Just in case anyone was wondering.

Install this, then SP2.

[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
New SP4 on W2K
     Any ideas as to WTF is going on? - (jb4) - (53)
         Re: Any ideas as to WTF is going on? - (altmann) - (16)
             Thanx...BTW I'm running W2Ksp2 - (jb4) - (14)
                 I've got tons of systems on SP4 with no home-phoning. - (Silverlock) - (13)
                     OK, Now I'm confused... - (jb4) - (12)
                         Sigh. - (pwhysall) - (11)
                             What he said. - (Silverlock)
                             Unroll yer eyes, and use them to read! - (jb4) - (9)
                                 Wow, approaching Conrattitude! -NT - (deSitter) - (1)
                                     Conrattitude! /me likes! ;-) -NT - (jb4)
                                 Ooh, snippy. - (pwhysall)
                                 Oh, and I did. - (pwhysall) - (5)
                                     Yerah, but read for *contex*t, and you'll hafta admit... - (CRConrad) - (4)
                                         I know, I know... - (pwhysall) - (3)
                                             How the **** could I? Effing bastidge. -NT - (CRConrad) - (2)
                                                 buy ticket, fly over, drink beer, fly home, nurse hangover. -NT - (Steve Lowe) - (1)
                                                     Nurse Hangover? sounds like a chr from MASH -NT - (deSitter)
             Yep exactly - he's RPC exploited seems like -NT - (deSitter)
         Antivirus installed? - (pwhysall) - (23)
             Tried Avast? Very nice, very free - (deSitter) - (1)
                 Not tried, AVG is adequate. And free. -NT - (pwhysall)
             Yes...McAfee - (jb4) - (20)
                 AVG seems to be more... - (folkert) - (19)
                     What's the oldest Win 9X AVG will run on? - (lincoln) - (18)
                         Avast www.avast.com - (deSitter) - (2)
                             Arrr -NT - (altmann) - (1)
                                 scurrrrvay knave :) -NT - (deSitter)
                         Take a look here... - (folkert) - (14)
                             Thanks for finding the info! - (lincoln) - (1)
                                 No probs. -NT - (folkert)
                             Got it...didn't help...and its getting worse.... - (jb4) - (11)
                                 Re: what cpd.exe is? - (a6l6e6x) - (2)
                                     Caveat - (drewk)
                                     Thanks. - (jb4)
                                 Re: Got it...didn't help...and its getting worse.... - (deSitter) - (7)
                                     Service Pack 1a for what? - (jb4) - (6)
                                         Sorry, thought you were on XP - (deSitter) - (3)
                                             The trouble w/ SP>2 is - (jb4) - (2)
                                                 Re: The trouble w/ SP>2 is - (deSitter) - (1)
                                                     He's talking about an implementation in the license - (jake123)
                                         Re: Service Pack 1a for what? - (pwhysall) - (1)
                                             SP4 on W2K -NT - (deSitter)
         I found something you might want to do. - (folkert) - (11)
             Oooohh! Nice! - (jb4)
             Done! - (jb4) - (9)
                 How'd it do for you? - (folkert) - (8)
                     Well.... - (jb4) - (7)
                         !!! - (deSitter) - (6)
                             Not if it means that I have to go beyond W2K SP2!!! - (jb4) - (5)
                                 Yes, you are. - (inthane-chan) - (4)
                                     Dude...I'm on DIALUP! - (jb4) - (3)
                                         I used my D-Link DI-704P on dialup before I got cable... - (Another Scott) - (2)
                                             Yep... - (folkert)
                                             What he said. What I said. -NT - (deSitter)

Catapultam habeo. Nisi pecuniam omnem mihi dabis, ad caput tuum saxum immane mittam!
349 ms