July 15th, 2002, 04:27 AM
JS/NoClose is a trojan file and its effects did work on me. The ad window was minimized and I had to keep right clicking on it and nothing would happen for like 2 minutes. Then the little Close, Minimize, or Maximize thingy came up. "In HTML form, a browser window is created which is minimized and can not be easily maximized or closed." This is what happened to me because it was in HTML form (it was an ad window). To see more about it click on this URL: http://vil.nai.com/vil/content/v_99279.htm
July 15th, 2002, 02:38 PM
You could have got this trojan from almost anywhere.. Kazza being only one possable..
How well did you read the info on the link you posted?
here is a C&P from ryans link....http://vil.nai.com/vil/content/v_99279.htm
So Ryan you may need to avoid some of the web sites you were visiting around the time of the infection..
In HTA form, an HTML Application is created which is not visible to the user and can not be closed.
In HTML form, a browser window is created which is minimized and can not be easily maximized or closed.
Typically these window "tricks" are seen associated with advertisement and banner ad programs. Especially affiliated with pornographic sites and sites which pay commissions to others for displaying banner ads.
The trojan does not contain any other payload and does not cause any damage to the local system. Files which trigger this detection should be deleted.
Top of Page
Minimized web browser window which can not be easily maximized.
Top of Page
Method Of Infection
played with *nix latley?
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
July 15th, 2002, 02:43 PM
i agree with und3rtak3r u can get a trojan from almost anwhere on the web embbeded in websites hidden in files etc
By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
The 20th century pharoes have the slaves demanding work
July 17th, 2002, 07:04 AM
August 13th, 2002, 06:02 PM
No, it was from KaZaA. Almost everytime I open KaZaA up, I get McAfee popping up telling me that it found the JS/NoClose virus. The file name is always the same. It is KZPOP(1).HTM. Doesn't that look alot like KazaaPopup(1).HTM? The way I can tell is that I right click on the minimized ad and nothing happens. I have to keep clicking for about 2 minutes and then the little "Restore, Maximize, Close" thing comes up (the thing that comes up when you right click a minimized site). No internet exploring programs are running at the time.
Doesn't that also sound alot like KaZaA advertising?
"sites which pay commissions to others for displaying banner ads"
August 13th, 2002, 06:15 PM
For Norton Firewall/Internet Security users...if you enable the ad blocking feature, that should help with the ads, on Kazaa or off Kazaa.
\"When I give food to the poor, they call me a saint. When I ask why the poor have no food, they call me a communist.\" -- Dom Helder Camara
August 13th, 2002, 07:21 PM
well I relly do believe it is not from kazia,I mean hey you probabily downloaded something or someone mailed you the virus,I should know about mail virus cos I wrote some myself.I trust tha kazia software..
August 13th, 2002, 10:26 PM
Alright I don't claim to be an expert on trojans, but I do have some knowledge of the subject. I've used trojans on my own network for research purposes, so I understand the basic structure of them. From what I've seen in every case so far, a trojan is a client and server based structure of two files. Both client and server are executable files. The client is sent to the victim, and the victim believes it to be another program, thus clicking on it. Once clicked on, the Server has the ability to connect to the client, allowing him to take control of the victim's computer. With this being the basic structure of a trojan, I do not believe what you are dealing with is a trojan at all, because a trojan would be used by the attacker to gain access to your computer, and that does not seem to be the case. Like what was said previously, I believe you just ran into some malicious code.
Please correct me if I am wrong about the structure of trojans.
The radiance of ignorace in a world of nothingness and all of this time your pestilence has created nothing but uselessness
August 13th, 2002, 10:56 PM
I quit using any flavor of KaZaA months ago and I block pop-ups at my router. I don't want to see or redistribute ads for anyone else. I pay monthly for a cable connection and I think that's good enough. Why do these people want to aggravate and track users so relentlessly? Free society no longer exists? When I want to buy something I know where to go. I have never bought something because of a frigging pop-up.
August 13th, 2002, 10:56 PM
Yeap kaazalite is far better, no adverts, and kaaza wonder why people get annoyed with all the adverts
Kazaa dosn't wonder, Kazaa dosn't give a ****. Its not like this is unusual for them. **** like this happens all the time. Their making money and thats all they care about.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”