Full Version: IMPORTANT: Be cautious browsing the web
Brando
Here's a new one on me, and maybe those of you more experienced (skline) will be more familiar with it.

Last night I noticed Norton got a hit on a Java applet that was downloaded. I was browsing through car forums, come to realize this was an applet that was downloaded as an embedded advertisement on a website. Okay, restart into safe mode, scan, nuke it -- my problem should go away right? Negative.

I'm chillin this eve on WoW and notice an Internet Explorer window pop up and disappear. WTF? Open up task manager and I see some not-so-familiar processes running. DLLHOST.exe? end process tree. Services32.exe -- same. Service.exe - same. winPE.exe ... that's odd? End process tree and OH WOW my PC restarts...

Disconnect LAN cable and boot normally. Do a search for files created/modified within the last day and I find the programs I mentioned above, a service pack of some sort (invalid MS Knowledge Base article reference), winPE, and a slew of content in my IE.5 cache. I use Firefox... wtf indeedly-do.

So I think to myself... what was the last thing I did? Oh yeah, to install SP2 I had to enable help and support, background intelligence, RPC Locator. I go back and turn all of those off (I'm not on a domain, home network).

I just spent a fucking hour nuking every file those programs created (and the programs themselves). This all originated from a trojan that was part of a website advertisement in Java. Scanning the .idx and applet revealed it contained the trojan. It was bundled with some Free Support bar installer which I vicariously vivisected from my hard drive.

So, disable Java in your browser, and if you don't use IE make sure you set it for highest security settings, keep your virus scanner defs updated and watch your rear ports!
rhodyguy
the auto update check on my ms spyware program was set for 2am. i hadn't received any update notifications in some time. checked about an hour ago. needed the ones from something like 2851 to 287something. oops, reset for update check for 8am. when i'm on line.

k
John Kelly
"vicariously vivisected" Nice alliteration! Did you feel viciously violated...visibly violent?

John www.ghiaspecialties.com
lotus_65
trouble-free surfing available here:

peace to all my 914 brothah's and sistah's
bd1308
true though.

I love my mac

but ironically I have microsoft stock

b
lotus_65
'nuthin wrong with being a smart investor!
seanery
I actually have more issues with my mac than my pc
jasons
QUOTE (seanery @ Jan 28 2006, 06:10 AM)
I actually have more issues with my mac than my pc

I installed SUSE 10 and I haven't looked back. Best of all.... It's Free!
KaptKaos
Damn NE rogues always causing problems when I am in the MC.