mysecPremium
join:2005-11-29
kudos:4 | reply to chris_j11
Re: virus/spyware: divxturka.net said by chris_j11:initially i remember Java 6 gui floating on top of the site and all the sudden - virus/spyware how did i get it
If you didn't click to install something, then it installed by remote code execution (drive-by download).
and how to prevent it
Most of these exploits install an executable file. so to have execution prevention of some type will block the download of the payload:
i still want to use the website
Not too advisable without protection better than what you have now.
----
rich |
|
| Looks like several different exploits all java based. I got two different ones than Rich got.
XP SP2, Firefox 3.6.8 with scripts allowed I got notes1.pdf, 7/41 hits at virus total »www.virustotal.com/analisis/04f3···80534403 When I ran the file it slowed the machine to a crawl but nothing else executed.
With IE 6 wide open I get example{1}.htm. When I ran the file the VM locked up so I don't know what either file does. Both files came from penarea.ru. I was unsuccessful in capturing the file but Antivir thinks it's HTML/ExpKit.Gen2. It's possible they are VM aware, I did not try hiding the VM processes and drivers to see if they would run.
Looks like you can get a lot more than movies at divxturka. |
|
