Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Analysis of an Ecard Exploit Page
Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Compilation of Malware/AV Repair Tools for USB Flash Drive »
« Amateur Programming Error Exposes Facebook Code  
redwolfe_98

join:2001-06-11
·RoadRunner Cable

2 edits

Re: Analysis of an Ecard Exploit Page

thanks, magnus.. i have been downloading a lot of those ecard.exe files and then uploading them to "virustotal", sometimes submitting them to av-vendors, as well..

today, i noticed that something was strange with the webpage where i was downloading another one of the ecard files from and i wanted someone to look at it, though i never contacted anyone about it..

i have been kind of paranoid because when i tried to download the ecard file, the first time, i clicked cancel but then it downloaded anyway, where "antivir" then flagged it.. (uhg) i didn't have all of my security-apps up at the time, either..

i wasn't able to find anything that indicated that my computer was infected by the malware.. i booted into safe mode and looked for the "spooldr.exe" and "spool.sys" files..

i also tried going through the same routine again, only with my other security-apps running to see if anything was flagged, but it wasn't..

the ecard files that i downloaded today would infect the cdrom.sys file instead of the tcpip.sys file..

i am glad that misec is at least looking into this zhelatin stuff..

as for checking for the patch, running the "belarc advisor" would be one way to do it, or (for me) to look at the update-history at the "windows updates" website.. belarc seems like the easy way to do it..

i deleted all of the windows updates log files, so i can't check those..

update: i just ran the "belarc advisor" and i can see that i have the update, according to the belarc advisor..
permalink · 2007-08-13 19:03:11 · Print · Reply to this
Forums » Up and Running » Security » SecurityCompilation of Malware/AV Repair Tools for USB Flash Drive »
« Amateur Programming Error Exposes Facebook Code  

Sunday, 06-Dec 04:41:06 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [147] Avast Antivirus Has Gone Mad
· [128] Comcast Makes NBC Universal Acquisition Official
· [124] The Bandwidth Hog Does Not Exist
· [105] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [101] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [85] FCC Ponders Moving From PSTN To IP Voice
· [82] Latest Consumer Reports Survey Not Kind To AT&T
· [80] New Bill Aims To Limit ETFs
· [75] Sprint Defuses GPS Privacy Media Bomb
Most people now reading
· False positive in Avast! or is it real? [Security]
· Windows 7 boot manager editing questions [Microsoft Help]
· [DNS] Google's public DNS... performance increases? [Comcast HSI]
· [Newsgroups] Newzleech down? [Filesharing Software]
· Wife might have to work in.... Iowa for a few months!!! [General Questions]
· Is there any true cure for, or way to prevent, a hangover? [General Questions]
· Looking for 3.1 DK PvP build. Please help [World of Warcraft]
· [ PVP] 3.2 DK PvP D/W Spec... [World of Warcraft]
· Bandwidth Limits/Congestion Management - All discussion here [Comcast HSI]
· UPS - What do you people think happened? [General Questions]