August 16th, 2004, 03:20 AM
yeah unfortunatly most people in gov. seem to think if they got it from porn or warez they deserve it. but their are plenty of other sites that lure users with "freebies" like graphics or game related things that do this for a buck as well.
Originally posted here by groovicus
I wish I did Tedob. The people that I help are usually tight lipped when I try to find out where they have been, so I have to guess the usual warez and porno sites.
Next time I run across one, I'll see if I can get a user to match up a time of infection with their browsing history.
I do have an installer for this though if you would like to play with it. It doesn't give alternate data streams though. I'm still trying to get ahold of one of those.
anything special about the D/Ler? i would like to take a look at it. run strings against it. probably have to decode the urls but yes i would like a look at it. every thing else is probably your typical trojan dropper...write to reg, download files register services etc.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
August 11th, 2005, 06:40 PM
Originally posted here by jinxy
And i do not think you answered in a roundabout way.
I do understand the reticents from victims to tell where they got infected though. I have one friend who asked me to have a look at his laptop. He did a complete format and install befor he let me have his box. Doh.
Still he paid me for updating it and giving him some protection.
AAAAAAIGH!!! I found several of both in one of my home computers!! ok, the roommate was playing around and now I've got a computer to fix. None of these are secured in the slightest, and everyone on the lan seems convinced that downloading adaware will save them. heaven forbid they should download a shareware or two and actually pay for the use? ok. sorry, I'm ranting. It looks like I got the one with the about:blank oage, and so I'm going to follow the instructions here. And then I'm going to sector the bejesus out of this guy's hard drive, to make him think. finally, advice on a forum I can use. thanks for helping me through this.
August 11th, 2005, 06:48 PM
i see u are an 'old' newbie.
It seems that the general practice here is to try not to re-open threads at their one-year
Difficult takes a day, Impossible takes a week~Kthln01!