Korean Job Discussion Forums

[bassexpander]

Anyone caught this recently? Microsoft Security Essentials flagged and deleted it today on a full scan. Can't seem to find anything on their site or online that tells me exactly what it is.

MS says this:

[Bloopity Bloop]

What kinds of websites do you even visit to contract viruses like this? My computers have always been virus free (and all I do is download stuff).

[eamo]

[bassexpander]

One word: hanmail

Also, testing antivirus programs has become a hobby of sorts. Been spending a lot of time at antivirus test site forums.

[Italy37612]

I just light my computer on fire. Burn the virus out of it

[Hindsight]

Shoot, when I moved in to my current place and got hooked up with that wonderful KT DSL with its mahhvelous 200kps connection, I got warnings of virus attacks every few minutes, until I finally blocked the messages. And I wasn't even logged in to anything, didn't even have a browser open.

I haven't gotten infected recently, but I've gotten warnings. And when I've been infected in the past, sometimes I've had to reinstall Windows. I remember one time when every time I hit a key, it was like a bullet hole appeared in the screen.

By the time you get infected, it's too late. Bassexpander is be commended for warning everyone. It sounds like it something in or transmitted through Java? So you need to keep your java up to date. And you think your school does????? Heck, I get Java messages all the time, and when I ask my co-teacher, all I get is a shrug. Since the computer is in Korean, I don't know what's going on.

You've got to have virus protection in Korea. And if you even use a USB key at work and then at home you are at risk. A lot of school computers are infected, partly because the public schools do not have DP people maintaining the computers, partly because most of the teachers are clueless, partly because updates aren't even turned on for many computers, and partly because Korean sites are often invasive. Oh, and because the kiddies sometimes get on to the computers and play games on sites that just love to do bad things to the computer. Don't let students touch your computer.

Not every antivirus program catches every threat. So you could have something lurking on your home or work computer and not even know it.

It's not just hanmail. I got an e-mail from a friend that looked suspicious. I didn't open it or respond to it because it looked like something had gotten ahold of his email list. He is not Korean, but is a foreigner, so he might have gotten infected through someone from his country.

Here's another way you can get suspicious e-mail. I got an e-mail recently that looked like a job offer. The person said they saw my resume on the internet. Sound familiar? A)There's sites that don't keep your personal info private. And B) There's sites that look like a recruiter, but aren't on the up and up, particularly offering jobs in China. Be careful!

As to the what kind of sites do you go to questions, I don't think it's the one's most people think of. I was looking at a site that offered a free download of some software, just give them your e-mail address. Looked a bit odd. The ringtone sites show up a lot on google warnings. Maybe avators, too? Seems to be the something for nothing syndrome.

Obviously, most sites are safe. But my point is the innocuous site you don't know could also be a problem. So everyone needs to be careful.

[bassexpander]

I've got into the habit of installing free antivirus protection for people or computers I encounter that don't have it. My current favorite choice is Microsoft Security Essentials. A lot of Korean computers aren't updated to service pack 3 (or even 2) so it sometimes needs additional files loaded to run. Avast can also be downloaded (in Korean, which is kind of better) but Avast is only good for a year before re-registration. At least the new Avast has a very easy registration policy. You now click a button within the program to register, rather than messing with E-mail codes.

[Hindsight]

I'm getting virus attack warning messages from Avast every few minutes again. It is a "DCOM exploit attack," and it lists the ip address of the source. I was getting them when I first moved in here and got this pathetically slow KT dsl connection.

Here's what one website says about the DCOM exploit attack: