1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Greetings Guest!!

    In order to combat SPAM on the forums, all users are required to have a minimum of 2 posts before they can submit links in any post or thread.

    Dismiss Notice

Site Unsafe ?

Discussion in 'UHall' started by BIGJON, Jun 15, 2010.

  1. BIGJON

    BIGJON Guest

    Why Do I Still get this from Norton when I come to this site?


    Threat Report
    Total threats found: 24


    Drive-By Downloads (what's this?)
    Threats found: 24
    Here is a sample:

    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=gameitem&id=2135



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=hunters&id=2438



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=gameitem&id=2291



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=hunters&id=2492



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/content/arms-armor/artifacts.php?category=765



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=gameitem&id=2340&cat=3117



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=gameitem&id=2336&cat=3116



    Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=gameitem&id=2335



    Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=hunters&id=91



    Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/
     
  2. Petra Fyde

    Petra Fyde Peerless Chatterbox
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Jan 5, 2001
    Messages:
    30,889
    Likes Received:
    5,174
  3. Beer_Cayse

    Beer_Cayse Guest

    Because Norton is not as reliable in all cases as they would have you believe. AVG and CA and Trend have not had issues - only Norton and the folks who use it.

    Why not get 1 or 2 additional products ... use all of them and if ... say, 2 out of 3 agree there's an issue - then there is an issue.

    I use 3 AV products and 3 malware products. I do not trust only one to save my hide.
     
  4. Mapper

    Mapper Crazed Zealot
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Oct 24, 2005
    Messages:
    3,528
    Likes Received:
    110
    Affected
    Microsoft Internet Explorer 5.5, 5.5 SP1, 5.5 SP2, 6.0, 6.0 SP1

    Well anyone using IE6 really needs to change asap..
     
  5. Petra Fyde

    Petra Fyde Peerless Chatterbox
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Jan 5, 2001
    Messages:
    30,889
    Likes Received:
    5,174
    Thank you Adam that's most informative.
    For anyone who needs that patch the download is here:
    http://www.microsoft.com/downloads/...48-c538-46f6-b7c8-2fbfd0d237e3&displaylang=en
    As you will see from the link it was released 7/2/2004
     
  6. By the way, for anyone using Windows XP, Microsoft is going to stop testing vulnerabilities and not patching XP starting sometime next month. If you are using an old version of MSIE or Windows XP, you really should upgrade or at least stop complaining about those vulnerabilities because there will be even more.

    Don't blame someone else if the world moves on without you after years of warnings. :)
     
  7. smip

    smip Slightly Crazed
    Premium Stratics Veteran Stratics Legend

    Joined:
    Dec 1, 2001
    Messages:
    1,443
    Likes Received:
    9
    I'm useing IE8.. I also get it on Firefox. I also get the threats on Mcafee. So it's not just those that you listed.

    What else can I do to fix this? Or THEY need to fix it.

    Threat Report
    Total threats found: 24


    Drive-By Downloads (what's this?)
    Threats found: 24
    Here is a sample:

    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=gameitem&id=2135



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=hunters&id=2438



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=gameitem&id=2291



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=hunters&id=2492



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/content/arms-armor/artifacts.php?category=765



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=gameitem&id=2340&cat=3117



    Threat Name: MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=gameitem&id=2336&cat=3116



    Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=gameitem&id=2335



    Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/database/view.php?db_content=hunters&id=91



    Threat Name: Direct link to MSIE ADODB.Stream Object File Installation Weakness
    Location: http://uo.stratics.com/



    [​IMG]

    IE8

    [​IMG]

    Firefox

    And here is what happends when I go to your FIX page:

    [​IMG]

    Any other answers to the unsafe website?
     
  8. Lord Chaos

    Lord Chaos Always Present
    Stratics Veteran

    Joined:
    May 12, 2008
    Messages:
    10,075
    Likes Received:
    0
    A simple solution would be to not use that crappy Norton and switch to any of the numerous excellent alternatives that are free even.

    Heck, even Microsoft Security Essentials is much better than Norton and its free.
     
  9. smip

    smip Slightly Crazed
    Premium Stratics Veteran Stratics Legend

    Joined:
    Dec 1, 2001
    Messages:
    1,443
    Likes Received:
    9
    I have already said that I have used several programs. Not just norton...

    I have been comming to stratics since day one... even when UO had it's own web site I still utlized Stratics .... I would hate to stop comming to it because it has trojens.
     
  10. Aurelius

    Aurelius Babbling Loonie
    Stratics Veteran Stratics Legend

    Joined:
    Feb 26, 2004
    Messages:
    2,756
    Likes Received:
    689
    What, exactly, is your non-Norton security program saying?

    So far your screenshots are all of Norton alerts, and has been said several times what Norton is doing is picking up an issue that browsers have been patched to protect against for many, many years - even if all you have done is the absolute minimum of updating you are incredibly unlikely to have any sort of problem.
     
  11. Aurelius

    Aurelius Babbling Loonie
    Stratics Veteran Stratics Legend

    Joined:
    Feb 26, 2004
    Messages:
    2,756
    Likes Received:
    689
    Just out of interest, several other sites have also had this problem with Norton identifying them as a potential security risk, and when they contacted Norton they were able to get this 'notification' cleared up and Norton confirmed there was no problem - one example being the very heavily used Networked Blogs sits

    http://support.networkedblogs.com/n...security_doesnt_like_the_networked_blogs_site

    I suspect Stratics have already been in touch with Norton (just in case, there's a link for site owners to get Norton to check when their supposed security software flags false problems, Stratics owneers can get to it from

    http://safeweb.norton.com/report/show?url=uo.stratics.com&x=0&y=0

    but Norton will need them to register there as the site owner, I don't think even Norton charge for that though!) and it's being sorted out, but it would only progress as quickly as Norton act, and my past experience of them as both a personal and 'business' customer is not good....
     
  12. Viper09

    Viper09 Grand Poobah
    Stratics Veteran

    Joined:
    May 16, 2008
    Messages:
    6,680
    Likes Received:
    824
    I run AVG and Firefox with AVG safe search on. I am getting absolutely nothing.
     
  13. Wenchkin

    Wenchkin Babbling Loonie
    Stratics Veteran Alumni

    Joined:
    May 16, 2008
    Messages:
    2,779
    Likes Received:
    434
    Patched up Windows with IE 8 shouldn't be vulnerable to something which affects much older versions of IE. If it did affect your software, I would have expected the following list to include IE8. Taken from the Symantic page here:-

    "Affected
    • Microsoft Internet Explorer 5.5, 5.5 SP1, 5.5 SP2, 6.0, 6.0 SP1"
    See above, if it doesn't affect the software on your system, I expect the patch isn't intended for use on your system either.

    Unless by some chance you still have IE6 or earlier on that system (should be feasible to remove it if you do) then I believe you're safe.

    I suspect this warning relates to the previous infection we had as our staff have been doing a lot of work to fix and secure the site. See here - if you still have concerns send George Vanous or Petra a PM.

    Wenchy
     
  14. Evlar

    Evlar Guest

    My two best solutions....

    Don't use Norton. An anti-virus company that feels the need impregnate system checking utilities into other software downloads, without giving you the option to select "No thanks", is nothing better than spyware itself IMO. I don't see any of the other anti-virus companies using unsolicited downloads as ways to "promote" themselves.

    Check the web for user feedback on different anti-virus options. I use the pro version of AVG and have yet to have any issues. Also, get a couple of spyware search programs, such as Spyware S&D, then do periodic checks.

    Don't use crappy Internet Explorer. In fact, use anything but IE... The biggest alarm bells ring when you see update after update on Windows Update, just for security issues with IE.

    I regularly use one or all of the following on my machines:

    · Opera
    · Firefox
    · Google Chrome

    Good Luck :)
     
  15. Petra Fyde

    Petra Fyde Peerless Chatterbox
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Jan 5, 2001
    Messages:
    30,889
    Likes Received:
    5,174
    In very simple words:

    The 'hole' Norton is identifying was patched in 2004

    It will not affect any pc having windows and browser newer than that.

    You can't download the patch for internet explorer 8 because the hole doesn't exist in that version of internet explorer.
    they fixed it in 2004
    and apart from that, we fixed the site too. Norton is behind the times on that as well, but only by a few days, not 6 years.
     
  16. Evlar

    Evlar Guest

    Using big text, is a bit like shouting at the deaf, in the faint hope they'll hear you better ;)
     
  17. Beer_Cayse

    Beer_Cayse Guest

    Oops! <sees chink in Admin armor and hands over a glass of Merlot> It's the best I have right now ... take a few sips and count slowly to 100. Ten isn't enough.
     
  18. Mapper

    Mapper Crazed Zealot
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Oct 24, 2005
    Messages:
    3,528
    Likes Received:
    110
    If people are using IE6, Windows XP and Norton I'm not sure shouting will help. :(
     
  19. Taylor

    Taylor Former Stratics CEO (2011-2014)
    Professional VIP Stratics Veteran Supporter Alumni Campaign Benefactor Alumni

    Joined:
    Oct 21, 2008
    Messages:
    8,023
    Likes Received:
    1,714
    Q.F.Fricken.T.
     
  20. Tanivar

    Tanivar Crazed Zealot
    Stratics Veteran Stratics Legend

    Joined:
    May 28, 2003
    Messages:
    3,594
    Likes Received:
    1,463
    I won't use Windows 7 until it's SP2 comes along. I'm sticking with XP with IE8 until then. They usually have the bulk of the bugs worked out by then. Seems to be the pattern after 95, 98, & XP. If they stop supporting XP before then, oh well. <shrugs> Using Microsoft Windows always has been risky.
     
  21. They announced to not only stop supporting XP, but stop testing vulnerabilities in XP beginning next month. Good luck with it.

    *makes a mental note to check back here in the future when Tanivar complains about getting a virus from Stratics*
     
  22. Wenchkin

    Wenchkin Babbling Loonie
    Stratics Veteran Alumni

    Joined:
    May 16, 2008
    Messages:
    2,779
    Likes Received:
    434
    Tanivar, there's always the dark side... linux. It's not invulnerable, but I've kept an old drive with Win XP "just in case" and popped linux on another partition.

    If you do fancy a nosey at it, I like this distro and it's pretty beginner friendly.

    Wenchy
     
  23. Evlar

    Evlar Guest

    Even more so, if they're using one of these...

    [​IMG]

    :lol:
     
  24. Beer_Cayse

    Beer_Cayse Guest

    I'm with you ... XP/SP3, IE8 (Firefox too!), and any AV except Norton. My MS experience parallels yours ... by SP2 it's stable enough and major kinks ironed out that I can install it on the 3 systems at home.
     
  25. Tanivar

    Tanivar Crazed Zealot
    Stratics Veteran Stratics Legend

    Joined:
    May 28, 2003
    Messages:
    3,594
    Likes Received:
    1,463
    I'm not worried in the least about getting a virus from Stratics, and the defense setup I have has been gotten through once (that I know of :) ) over the years. I'm a Wary Warrior when wandering the Internet.

    That one time was about three years ago when I reconnected to the Internet after a year away and was running the unupdated CD install of Norton due to a mid-year harddrive failure. I got the bright idea to clean out my Favorites List and got a driveby from, *ding*, a virus hoax site. <g> As annoying as it was, it was amusing. :)
     
  26. BIGJON

    BIGJON Guest

    Well so far here is what I did. I downloaded IE8 problem still there, then downloaded 4 year old patch installed it problem still there. So
     
  27. the 4th man

    the 4th man Lore Master
    Stratics Veteran Stratics Legend

    Joined:
    Jul 31, 2005
    Messages:
    1,088
    Likes Received:
    45
    Not quite,
    http://content.usatoday.com/communi...top-security-updates-for-windows-xp-sp2-pcs/1

    According to this site, Windows Xp still using the service pack 2 will not get patches or support. XP users, especially home users who automatically recieve updates are more than likely running SP3.
     
  28. Tanivar

    Tanivar Crazed Zealot
    Stratics Veteran Stratics Legend

    Joined:
    May 28, 2003
    Messages:
    3,594
    Likes Received:
    1,463
    I've considered Linux. I may well switch to it. I had it downloaded last year but never installed it. Just never got around to it and the ancient 15 gig HD I had as a drive D to put it on has given up the ghost.

    This system I'm using was built back in 2002, give or take a year and would just handle Windows 7. I need to retire it to the dinosaur graveyard and build a new desktop computer or get a modern laptop. It seems to be about to that point. :)
     
  29. Alvinho

    Alvinho Great Lakes Forever!
    Stratics Veteran

    Joined:
    Sep 7, 2003
    Messages:
    14,075
    Likes Received:
    2
    It is just really coincidental that stratics was sold or transferred to this new team and all of a sudden there are problems major security problems
     
  30. Tanivar

    Tanivar Crazed Zealot
    Stratics Veteran Stratics Legend

    Joined:
    May 28, 2003
    Messages:
    3,594
    Likes Received:
    1,463
  31. Alvinho

    Alvinho Great Lakes Forever!
    Stratics Veteran

    Joined:
    Sep 7, 2003
    Messages:
    14,075
    Likes Received:
    2
    gotta love the new advertisement now on this site.


    [​IMG]
     
  32. Taylor

    Taylor Former Stratics CEO (2011-2014)
    Professional VIP Stratics Veteran Supporter Alumni Campaign Benefactor Alumni

    Joined:
    Oct 21, 2008
    Messages:
    8,023
    Likes Received:
    1,714
    So use Chrome. It's faster, less resource-intensive, and more secure than IE. http://www.google.com/chrome.
     
  33. Tanivar

    Tanivar Crazed Zealot
    Stratics Veteran Stratics Legend

    Joined:
    May 28, 2003
    Messages:
    3,594
    Likes Received:
    1,463
    IE8 isn't on the list of vulnerable browsers. You should be o.k.

    Norton apparently still reports it even though the browser isn't one listed. There may be a way to change browser settings in IE8 to restore that vulnerability so Norton still shows the warning. Norton does tend to be overly thorough about security. :thumbup1:
     
  34. ingsmsico

    ingsmsico Visitor

    Joined:
    Oct 17, 2009
    Messages:
    484
    Likes Received:
    0
    ridiculous...

    why don't you do your job and find out?
     
  35. Taylor

    Taylor Former Stratics CEO (2011-2014)
    Professional VIP Stratics Veteran Supporter Alumni Campaign Benefactor Alumni

    Joined:
    Oct 21, 2008
    Messages:
    8,023
    Likes Received:
    1,714
    That's not her job. That's TGN's job. Need me to explain the difference between the UOStratics Managing Editor and the TGN/Stratics Administrator?

    If you want to complain, leave Petra alone and contact George - as has been noted again and again throughout these threads. He and Gamer Guru are the only folks who can do anything about it.
     
  36. ingsmsico

    ingsmsico Visitor

    Joined:
    Oct 17, 2009
    Messages:
    484
    Likes Received:
    0
    this crappy advice. IE is targeted because it is the most popular. there are a myriad of bugs with firefox or any web browser.
     
  37. ingsmsico

    ingsmsico Visitor

    Joined:
    Oct 17, 2009
    Messages:
    484
    Likes Received:
    0
    she is the one giving her opinion on the subject. as far as I'm concerned she is the face of Stratics in this thread and all she has said is that she doesn't know what is going on. maybe she should not be replying to these threads with her lack of experience in these matters?
     
  38. Taylor

    Taylor Former Stratics CEO (2011-2014)
    Professional VIP Stratics Veteran Supporter Alumni Campaign Benefactor Alumni

    Joined:
    Oct 21, 2008
    Messages:
    8,023
    Likes Received:
    1,714
    Do you know what's going on? If not, maybe you should not be replying to this thread.
     
  39. RawHeadRex

    RawHeadRex Slightly Crazed
    Stratics Veteran

    Joined:
    Jan 6, 2010
    Messages:
    1,324
    Likes Received:
    12
    not this stubborn bs again... dl and use fox and import nothing during install. done.
    the only reason I can think of someone NOT updating IE is they have bogus software and can't update.
    even if that's the case, download fox or opera or chrome and put a cork in it.
     
  40. watchertoo

    watchertoo Sage
    Stratics Veteran Alumni

    Joined:
    Aug 5, 2006
    Messages:
    693
    Likes Received:
    19
    I just got home from work and taking a couple minutes to catch up. I think we would all agree that seeing something like the Threat Report from Norton can be "scary" but you have to take it for what it is. It is the warning of potential problems, not that there is a current problem, but that the app detected a vulnerability. In this case, it is components in IE that, before security patches closed the holes, were potential avenues for attack.

    There are no absolutes in internet/computer protection. If you access the internet, at some time, you will run into an issue with virus/malware/trojan/"bugs". It is essential to do a few things to protect yourself, most have been mentioned already.

    1. Update, update, update. Keep your OS and your browser patched to current. I don't like that Microsoft has 15 security patches every two days anymore than the rest of you but you need to keep up with them.
    2. Virus protection. There are a lot of good ones. I will NEVER EVER use Norton again. If you have ever had an uninstall of Norton go wrong you will come away convinced it is a tool of the devil and the worst malware you have ever met... *grins*. Personal opinion. Run malware protection as well... maybe even a trojan detector. HijackThis can give you a readout of settings changed by malware.
    3. Do not run your "everyday" profile as system administrator. For day to day activities run as a lesser rights user. You can always run an app, etc., using "run as" if you find that you don't have enough privileges.
    4. Know what should be running on your system. Notice a change, check your running processes. One you don't recognize, google it.
    5. If you do get bit by a bug, run in safe mode to remove it. Many times a process associated to the bug and running in normal mode will prevent your malware/virus software from removing it.
    6. Turn off system restore before cleaning your system. Dump restore points, clean your system, turn on Restore and make a new restore point. If you get a bug and the system sets a restore point, the bug is lurking in there as well.

    That said, I have to tell you all I intentionally went looking to get "caught" by anything that could have possibly been on the site. I ran my computer in full admin, with a virus scanner and with no virus scanner, went to every possible link, site that was under any scrutiny and nothing happened. I chased obscure links in source code, I edited and ran java scripts from the source code. Nada.

    When I reloaded a virus scanner I loaded Kaspersky. It is so "fussy" that is goes ballistic over UOAssist and asks if I want to delete it everytime I try to play...*grins*. It has flagged no problems on the site. It is running on an XP64 machine with FireFox, IE8, Chrome and I have detected nothing. My second machine is running Windows 7 with AVG, IE 8 and Chrome and has found/flagged nothing. My systems are fully patched/updated.

    And if it matters, I work for a school district as a Data Tech/Desktop Support with full administrative rights to all servers and systems in the district. One of my jobs is to chase down and squash "bugs" and yes, we do get them ... when some unthinking but wonderful teacher decides that "click here" really means "click here"... ;) ... the systems do not become fully infected because group policies prevents the "bug" from running... until one of us unsuspecting admin types logs in with elevated privileges to install/fix something....*sigh*... then the fun begins ;)
     
  41. kelmo

    kelmo Old and in the way
    Professional Stratics Veteran Alumni Dread Lord

    Joined:
    May 12, 2008
    Messages:
    17,379
    Likes Received:
    4,698
    *walks into the thread with a big stick*

    I will talk quietly now. Petra has little more to with the "security" of this site than any of us. She is concerned with managing content. She is concerned with making UOStratics the best it can be.

    This last year has been incredible for UOStratics. Petra has bonded with a bunch of old staff, and discovered many new folks to volunteer their skills and talents.

    Security is a huge concern of ours. All staff members.

    It seems safe to everyone except folks that use archaic protection.
     
  42. kelmo

    kelmo Old and in the way
    Professional Stratics Veteran Alumni Dread Lord

    Joined:
    May 12, 2008
    Messages:
    17,379
    Likes Received:
    4,698
    Everything I have thrown at Stratics says it is safe. I refuse to use Norton any more due to a major crash that disabled my system during a Norton down load. I had to wipe my HD.
     
  43. ingsmsico

    ingsmsico Visitor

    Joined:
    Oct 17, 2009
    Messages:
    484
    Likes Received:
    0
    this doesn't mean much coming from you considering you work/volunteer for stratics and Norton is the one flagging your site as infected.

    it's unfortunate because you have given other good tips, but a statement like this makes people not trust you.

    not really, see above post. you surely know that no one seems to care that Steven Chu and Barack Obama are Nobel Laureates when criticizing them about the response to the oil gusher.
     
  44. ingsmsico

    ingsmsico Visitor

    Joined:
    Oct 17, 2009
    Messages:
    484
    Likes Received:
    0
    again, Kelmo, Norton is flagging your site as infected. therefore your trash talk of Norton really holds no weight.
     
  45. kelmo

    kelmo Old and in the way
    Professional Stratics Veteran Alumni Dread Lord

    Joined:
    May 12, 2008
    Messages:
    17,379
    Likes Received:
    4,698
    Stay on topic.
     
  46. ingsmsico

    ingsmsico Visitor

    Joined:
    Oct 17, 2009
    Messages:
    484
    Likes Received:
    0
    lol... why not just ban me? you know you want to and there's nothing stopping you from doing it.
     
  47. kelmo

    kelmo Old and in the way
    Professional Stratics Veteran Alumni Dread Lord

    Joined:
    May 12, 2008
    Messages:
    17,379
    Likes Received:
    4,698
    Do you use Norton?
     
  48. RawHeadRex

    RawHeadRex Slightly Crazed
    Stratics Veteran

    Joined:
    Jan 6, 2010
    Messages:
    1,324
    Likes Received:
    12
    it does hold weight actually. think about this for one second ...



    norton is the ONLY antivirus product that has it's OWN removal tool for problematic installs and uninstalls.
     
  49. ingsmsico

    ingsmsico Visitor

    Joined:
    Oct 17, 2009
    Messages:
    484
    Likes Received:
    0
    this is not about me, it is about Stratics. and whether you like it or not you and everyone else that posts here with your "special titles" and "special icons" represent Stratics. Norton is flagging your site as infected and your only response has been to bad mouth Norton.

    again, your opinion holds no weight as you are an involved party.

    not to mention, this is not the first time this has happened, in the past few weeks I believe this has happened at least 3 times. what is your response to that?