kpatzMY HEAD A SPLODEPremium
|reply to moonpuppy |
Re: foxnews.com infected?
I was playing around in the VM, emailing a friend of mine, and noting the crazy "warnings" that my cool new anti-virus has been warning me of.
Here's a couple:
quote:So, they detect malware that won't be discovered for another 3+ months.
Internet Explorers addon Shockwave Flash vs.3 found to be linking to the FormSpy website hosted at IP address 220.127.116.11 and installing FOrmSpy using an old VBS/Psyme exploit targeting Internet Explorer. These websites are believed to have been penetrated and modified by hackers. VBS/Psyme can be deleted proactively in Internet Explorer (IE). This is a detection for a malware that was discovered in the wild on July 24, 2009 (PST). Its installer was proactively detected as New Malware.ag (now Downloader-AXM). This addon tries to send your private information to attackers IP 18.104.22.168 (Malaysia)
quote:I'll leave the VM running overnight and then see if it's harder to remove tomorrow.
"Windows Meta File Vulnerability - Vulnerability"
"The vulnerability itself is regarded as extremely critical (the highest possible rating). As yet, there is no patch for this vulnerability. Exploit this vulnerability are Trojan-Downloaders, which install other Trojan programs on the victim machine. At the moment, Trojan programs are being downloaded from unionseek.com and iframeurl.biz. New modifications of these programs may appear".
To ISPs: Leave our ports alone! If I want ports blocked, I'll do it myself, thank you.