infected by web site script?
Results 1 to 7 of 7

Thread: infected by web site script?

  1. #1
    Junior Member
    Join Date
    Jan 2002
    Posts
    2

    Unhappy infected by web site script?

    I was browsing through some web sites when my Norton AntiVirus popped up a warning. It was one of those sites mentioned in the links section on Antionline.com. I don't remember the warning exactly but I told Norton Antivirus to block the script.
    Anyway in the logs it shows as follows:

    'Date: 4/22/02, Time: 16:14:48, administrator on 'mymachine'
    Script Blocking detected suspicious activity.
    File: EXPLORER.EXE Object: FileSystem Object Activity: GetSpecialFolder
    This script was stopped.'

    But when I refused it, the entire desktop disappeared showing only the desktop background, all the icons disappeared and all my programs shut. I had to reboot my pc to access anything.

    Does this mean I've been infected or is this that what the pc needs to do after denying the script any access?
    I have Windows 98 Second edition.

  2. #2
    It kinda sounds a little like JS/Seeker, although I could be way off. Check your Home/Search page settings in your default browser. Seeker isn't malicious, more just a pain in the ass, although it does make a few registry changes...


    I could be of more help if you could provide me with the link you clicked on before getting the alert message....

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    712
    Not to be a smart-ass, but, you could probably fix it by visiting one of these two sites:

    http://www.opera.com/download/get.pl...win&force=6.01

    http://home.netscape.com/computing/download/


    Seriously though... you might want to check some of your settings in IE and disable most of the active scripting (activex, javascript, etc). Of course, AntiOnline also has some small Javascript dependancies... Grrr...
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

  4. #4
    Banned
    Join Date
    Apr 2002
    Posts
    156
    it was probably a site with a virus code posted on it. I have done this before. Just scan for viruses and make sure your definitions are up to date.

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    if your going to go browsing sites 'off the beaten path', it would be a good idea to disable jave scripting or at least have it if you want to allow it.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  6. #6
    Junior Member
    Join Date
    Jan 2002
    Posts
    2
    Conf1rm3d_K1ll , it was the armenian crack site.

  7. #7
    Crack sites are renowned for that type of antisocial behaviour. Take the good advice offered by everyone who replied, run a virus scan with an up to date data base.....

    If you do suspect seeker is the culprit follow THIS link and check for registry changes, etc.....


    It's also a good idea to disable java scripting as previously stated by Tedbo1.....


    Good Luck.....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •