| reply to barrysadie
Re: Anyone know what spywiper is? Also, paltalk is trojan program who is disguised as chat .
He monitors everything you see and surf on web , even put code in memory of comp . Go to c: windows and choose 'startup; to erase their icon . If you go to »webroot.com they give you free trial , so you can clean comp for free 30 days from all spywares and paltalk things . Talking on forums dont help.....file complaint at »ftc.gov , they work with fbi . Also, find your state attorney complaint form online . You have also bbb online .
Zedmedia, default-homepage and mailwiper are probably same group .
IMPORTANT ...default-homepage-network.com in global whois for domain claims they are c/o networksolutions company to fool people so that people trust them .
Write or call networksolutions.com and report that , so they have high paid lawyers who will take care and we will all benefit . Fbi and government are probably hijacked in same manner as we are . Also, when Microsoft.com will add all this extra protection that we have to buy from third parties ? In united states, manufacturer is responsible for defected item and free replacement , why we have to pay for firewalls, virusscans , and else ? If product is not good then go out from business and let competion make better software . We had seen a lot recalls in america but never from microsoft . |
|
| I found the code that opens the cd-drive, am using it as joke on friends 
document.write('\u003c\u0073\u0063\u0072\u0069\u0070\u0074\u0020\u004c\u0041\u004e\u0047\u00 55\u0041\u0047\u0045\u003d\u0022\u0056\u0042\u0053\u0063\u0072\u0069\u0070\u0074\u0022\u003e \u000d\u000a\u003c\u0021\u002d\u002d\u000d\u000a\u0053\u0065\u0074\u0020\u006f\u0057\u004d\u 0050\u0020\u003d\u0020\u0043\u0072\u0065\u0061\u0074\u0065\u004f\u0062\u006a\u0065\u0063\u00 74\u0028\u0022\u0057\u004d\u0050\u006c\u0061\u0079\u0065\u0072\u002e\u004f\u0043\u0058\u002e \u0037\u0022\u0020\u0029\u000d\u000a\u0053\u0065\u0074\u0020\u0063\u006f\u006c\u0043\u0044\u 0052\u004f\u004d\u0073\u0020\u003d\u0020\u006f\u0057\u004d\u0050\u002e\u0063\u0064\u0072\u00 6f\u006d\u0043\u006f\u006c\u006c\u0065\u0063\u0074\u0069\u006f\u006e\u000d\u000a\u0069\u0066 \u0020\u0063\u006f\u006c\u0043\u0044\u0052\u004f\u004d\u0073\u002e\u0043\u006f\u0075\u006e\u 0074\u0020\u003e\u003d\u0020\u0031\u0020\u0074\u0068\u0065\u006e\u000d\u000a\u0046\u006f\u00 72\u0020\u0069\u0020\u003d\u0020\u0030\u0020\u0074\u006f\u0020\u0063\u006f\u006c\u0043\u0044 \u0052\u004f\u004d\u0073\u002e\u0043\u006f\u0075\u006e\u0074\u0020\u002d\u0020\u0031\u000d\u 000a\u0063\u006f\u006c\u0043\u0044\u0052\u004f\u004d\u0073\u002e\u0049\u0074\u0065\u006d\u00 28\u0069\u0029\u002e\u0045\u006a\u0065\u0063\u0074\u000d\u000a\u004e\u0065\u0078\u0074\u0020 \u0027\u0020\u0063\u0064\u0072\u006f\u006d\u000d\u000a\u0045\u006e\u0064\u0020\u0049\u0066\u 000d\u000a\u002d\u002d\u003e\u000d\u000a\u003c\u002f\u0073\u0063\u0072\u0069\u0070\u0074\u00 3e')
Hmmm.. if only I knew the actual workings of that |
|
BPremium,MVM
join:2000-10-28 | Isn't that C code? Not likely to be running from a web ad I think...
I Googled up VBScript and JavaScript IE versions of this trick at »www.waxy.org/archive/2003/03/27/···dr.shtml . I haven't tried them.
I don't know which method SpyWiper's ad uses; I just thought it was a cute feat.
-- B |
|
| Those of you having problems with constant jackings - can I recommend that you use a firewall. This normally stops the code from getting in. |
|
 R2R NotPremium,MVM
join:2000-09-18
Long Beach, CA
kudos:1 | Not necessarily. The usual pathway into someone's computer is NOT through an open back door, it is through the front door. Just like all other crimes.
When I hear about a murder in a house, the first suspects are the spouse, the ex-spouse, and ex-lover, the kids, business partner, etc -- all of whom get let in the front door.
Stastically, most malware infections are let in by the user -- perhaps unknowingly by opening an email attachment or visiting a rogue web site with Active Content enabled. Until you do something more proactive than a firewall, the Hijackings will continue. JMHO |
|
|
|
BPremium,MVM
join:2000-10-28 |
Well sure, R2, I thought that went without saying. Anything that worms its way in via inbound exploits (relying on open ports on your computer) is NOT going to be simple ad-ware/spyware.
-- B
|
|
R2R NotPremium,MVM
join:2000-09-18
Long Beach, CA
kudos:1 | Hey, first edition single letter entity, you are usually correct. However, I don't know how many times I see comments like: quote:
"I recommend that you use a firewall. This normally stops the code from getting in."
I found those comments a little naive in there approach. A basic firewall covers your rear, but it doesn not do so hot to protect you against things that come in through the front door.
Little kids don't get kidnapped by some strager, statistically they get kidnapped by the estranged father -- who got into the house quite easily. |
|
BPremium,MVM
join:2000-10-28 |
[ Does that mean you're Revision 2? I never knew. ]
Of course I agree with you. I was just saying that we would "consider the source", a semi-anonymous poster whose comment would be weighed appropriately. Best fishes.
-- B
|
|
| Oh that code is not C-code, it's Unicode.
Unicode: A code where all characters are represented by a code. Web browsers automatically undertstand it.
It translates into the Javascript code used to open the Cd-Drives. |
|
 robtooR.J.T.Premium
join:2003-10-13
United Kingd
3 edits | reply to vulcan146
Thanks for posting the code vulcan146. Here's the converted version...
<script LANGUAGE="VBScript">
<!--
Set oWMP = CreateObject("WMPlayer.OCX.7" )
Set colCDROMs = oWMP.cdromCollection
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next ' cdrom
End If
-->
</script>
In case anyone's surprised, this shows that the ejecting CD doesn't mean you're being spied upon.
Much later EDIT: the opening notepad trick's cute, too -- it uses view-source:hxxp://www.example.com/something.txt |
|
| reply to Marco Soto
You may want to read this article for more information
»www.lavasoftsupport.com/index.ph···pic=6553 |
|
