 |
|
|
|
 |
XoxidE
Senior tranceaddict

Registered: Aug 2004
Location: TX TXTA: #79
|
|
|
| quote: | Originally posted by FogJuice
I made it pretty clear (at least I thought) that paypopup.com/clicksor.com and one of it's 3rd party advertisers were the offenders.
I'm curious, what were your findings?
I had it work on 2 computers (well 1 computer and 1 Virtual PC instance) running Windows XP and SP2 the other day. The machines were both updated with all of the current patches from Windows Update, but the patch for the 0-day VML exploit had not yet been released and therefore installed. [1] [2]
I apologize if I did not see that the thread was moved. I thought the first thread was deleted. There was no indication that it was moved (that I could see at least). Some forum software continues to display the topic in it's original place with the word 'moved' next to it for a period of time.
Like I said before, I was only trying to save someone a bit of time over the weekend that I am sure they'd rather spend outdoors, in the club, listening to music, etc -- instead of rebuilding their computer. It's entirely possible that all of the TA vistors use Firefox or a browser other than IE. Or maybe they all use an anti-virus program that detected the page from paypopup.com and stopped the trojan in it's tracks. That would be awesome!
Personally, I avoid sites who use paypopup.com. While they claim that they don't cater to 3rd party advertisers who use trojans and browser exploits to install spyware, adware, keyloggers, and viruses, it does happen quite often and they are aware of it. Google for paypopup.com or clicksor.com and you'll see what I mean.
So my advice... first off ditch IE. It's not that Firefox is inherently more secure (google for 'firefox security'), it's just (for the moment) that writing an exploit for IE has a much better chance of causing an infection (more people use IE than Firefox). To be completely fair though, the ActiveX control host implementation in IE has been the source of numerous exploits and it seems that you more or less move your mouse in IE and it becomes infected.
Second... run an anti-virus program. I use AVG because it's free. The user interface isn't the prettiest or most functional, but it seems to do a decent job detecting viruses and virus signatures are updated daily. I bought my parents the Microsoft Live Care service for 20 bucks a year (installs on 3 computers). It's OK (seems to do the job), but it installs a bunch of programs and services and takes up a fair amount of RAM. I'd recommend AVG over just about any other "suite", because it seems to be the least invasive and has the best detection ratio that I've seen. There are also non-free versions of AVG for corporate use.
Third... either don't visit sites that use paypopup.com/clicksor.com or install the AdBlock plug-in in Firefox [3] or edit your hosts file to redirect access to 127.0.0.1 effectively blocking the ads. [4]
I understand it costs something to run a heavily-trafficked site like TA, but at what expense do you risk alienating your user base?
Here was an interesting review of a couple of advertising sponsors [5]. Note what was said about paypopup.com:
[1] http://weblogs.macromedia.com/jd/ar...vml_exploit.cfm
[2] http://www.f-secure.com/weblog/arch...6.html#00000980
[3] http://adblock.mozdev.org/
[4] http://www.mvps.org/winhelp2002/hosts.htm
[5] http://forums.digitalpoint.com/showthread.php?t=118160 |
so do you like trance? or any form of techno???
___________________


|
|
Sep-30-2006 18:20
|
|
|
 |
 |
FogJuice
tranceaddict in training
Registered: Sep 2006
Location:
|
|
|
After re-reading my post (to make sure that I didn't come off as a dickhead), I came to the realization that you could listen to music and re-install your OS at the same time. You could also do it outside if you had a laptop...
ps. I pretty much like all electronic music: trance, house, ambient, electro, techno, breaks, garage, dnb, happy hardcore, etc. It really depends on what mood I'm in.
|
|
Sep-30-2006 18:26
|
|
|
 |
 |
|
 |
 |
FogJuice
tranceaddict in training
Registered: Sep 2006
Location:
|
|
|
Yeah, I'd recommend using a program of some sort over trying to do it manually.
I can't recommend a single program because it's been a while since I've used one. I used to use CWShredder (free) to clean off friends and families computers, but now it has gotten to the point where once you are infected, you might as well back up your documents, pictures and music files and just re-install.
I tried to do it manually using the sysinternals tools [1] ActiveRuns, Process Explorer & File Monitor, and I came somewhat close, but in the end I gave up and just shut down Virtual PC and deleted the virtual hard drive instance.
Some of those trojans/adware/spyware programs install some pretty crazy shit! Windows Services, Browser Helper Objects, hooks into Windows Explorer, programs set to run at startup, etc.
I can't believe people get paid to write those programs, but they do...
[1] www.sysinternals.com
|
|
Sep-30-2006 18:36
|
|
|
 |
 |
XoxidE
Senior tranceaddict

Registered: Aug 2004
Location: TX TXTA: #79
|
|
|
Sep-30-2006 18:48
|
|
|
 |
All times are GMT. The time now is 15:48.
Forum Rules:
You may not post new threads
You may not post replies
You may not edit your posts
|
HTML code is ON
vB code is ON
[IMG] code is ON
|
|
|
|
|
|
Contact Us - return to tranceaddict
Powered by: Trance Music & vBulletin Forums
Copyright ©2000-2026, Jelsoft Enterprises Ltd.
Privacy Statement / DMCA
|