hi,

if you go to the forum-site a virus/trojan:

JAVA/Byteverify.6.3 and JS/Dldr.Agent.ab.12

will be installed !!!

“Trojan.ByteVerify is a Trojan Horse that exploits the vulnerability described in Microsoft Security Bulletin MS03-011 and could provide a hacker the ability to run arbitrary code on an infected system”

Did you attempt to notify the odforce guys before making this public? How certain are you that is the site that caused this? That sort of thing can be pretty hard to track down at the root of the problem.

J.C.

Eessh…..

Something is up that's for sure. I went to the forums with Firefox and didn't have any problems. Tried it with IE and Kaspersky went bonkers blocking stuff left and right. While its possible that it maybe a false positive, I'd be a bit careful for the time being.

I'll play some more and see what I can find out.

If you allow the JAVA/Byteverify.6.3 and JS/Dldr.Agent.ab.12 stuff to run it tries to download and execute a .wmf file (xpladv428.wmf). The wmf file library had some bad exploit a few months back.


That said, I agree with JC, these sorts of things are really hard to track down. It could be nothing at all, it could be that someone hacked the PHP code and added a “evil” line or two, or it could be something completely unrelated to odforce.

Hey Guys

Firstly, if I could make a very, very strong recommendation that you stop using IE. Just stop. Forever. It's a piece of crap that has more holes in it than Spongebob, and if it wasn't for it's shitty nature then people wouldn't be able to try and force you to download an infected wmf file.
As it is, spammers get to deface our site and add this nonsense in to try and get a backdoor to your computer.

Do you want your computer to be a zombie?


I didn't think so, so stop using IE!

Having said that, I have found and removed the offending bits of code from odforce, please return to your scheduled browsing activities.

Marc

Thanks Marc!

I concur about IE having more holes that Spongebob. (Although Spongebob is funny, IE is not.)



*hugs firefox*

I am agree with Marc advice:
Stop using IE!
Nobody guarantees that the many many holes are going to be solved, and nobody can solve them apart from Microsoft.
Moreover you are paying for this type of “software” with this “quality”.

Still amazes me the majority of users out there are using that piece of crap. I guess that's the entire reason MS went through that battle with the DOJ, and lost, sorta, and yet, *still* got to bundle a browser and convince people it was the best way to browse the net.

I can understand the casual computer users getting caught in this, but I still get into arguments with people in some forums that constantly defend IE, think it's somehow “easier” than FF, and that most sites out there require it. *sigh*

Cheers,

J.C.

It's indeed amazing,

What really amazes me is webdesigners and web programmers defending it, i'd expect people designing/developing with IE in mind would really change their minds that exact moment, but surprisingly as it may seem that's not the case, many ppl out there still defend IE even if working on the web design/programming field.

cheers

To be honest, it's very seldom I find a site that requires IE these days. Firefox is on the rise and many sites are becoming web standards compliant.
I also do (some) webdevelopment and all the webdesigners I know are actually recommending standards-compliant browsers. Myself included, of course.

Dragos

people use IE because it's there, and it's easy…
I have to admit that I do so little web browsing at home that I often forget to use anything else…which I guess is fortunate because I was probably the first person to realise that od had been infected…and was still slightly infected even a few days ago…
now I check with IE every night just in case….
the stupid thing about the crap that infected the server was that it didn't even do much…no porn popups or anything…if you're going to to infect my machine with a virus at least give me a little porn while you're at it… :roll:

Actually the IE problem is getting worse. Just how some software vendors are bundling mozilla/firefox browsers with their applications, more and more video games that have in-game browsers rely not on Mozilla but on IE. *cough* Valve *cough*

Actually(I love extending these threads ), there's a good reason for that - if a developer wants to draw an html window within an app they distribute(which is becoming quite common), they have only two options - either do what SESI does and distribute an entire browser engine, or (on windows of course)call dcom. It's fine to call up an html in the standard browser(which could be IE, FF, Opera), but to have it in a custom window, you only have the option to call the system level browser, which in windows is IE, or have your own engine. The only solution I know of is for the Mozilla guys to get a great API out there which would reliably override IE, be stable, secure and full-featured - no easy task.

It's another way that unsafe IE can creep into the equation very easily - and it's hard to blame the developers. Valve would likely have howls of protest if they forced gamers to download a mozilla distribution.

Cheers,

J.C.

Hello,


when opening the Odforce page today , I got a Trojan Virus (Norton shutts off automatically…)



thanks

Bernard
Hello,
when opening the Odforce page today , I got a Trojan Virus (Norton shutts off automatically…)

All is good now, thanks for the heads up. Hopefully by later this week we can be rid of this vulnerability for once and for all.

Thanks Jason, that would be great!



bern