Strony

czwartek, 25 sierpnia 2005

What You Should Know About Download.Ject

What You Should Know About Download.Ject: "When this Trojan horse runs on the user's computer, it may perform several actions, including monitoring Internet access to capture sensitive information such as logon names and passwords, or opening fake dialog boxes that prompt the user to enter confidential information such as credit card numbers, personal identification numbers, or other sensitive information."

4 komentarze:

  1. http://vil.nai.com/vil/content/v_101033.htm

    Minimum DAT: 4326 (02/18/2004)
    http://vil.mcafeesecurity.com/vil/datreadme.asp?seldatfiles=4326

    Updated DAT: 4558 (08/15/2005)
    http://vil.mcafeesecurity.com/vil/datreadme.asp?seldatfiles=4558

    Minimum Engine: 4.2.40
    http://www.networkassociates.com/us/downloads/updates/default.asp

    http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm

    http://support.microsoft.com/?kbid=871277

    %SystemRoot%\System32\inetsrv\iis.msc
    You may be infected with Download.Ject if the Enable document footer check box is selected and the path to the document footer file points to a file that has a name that is similar to %Systemroot%\Winnt\System32\Inetsrv\Iis<3 random digits>.dll.
    http://support.microsoft.com/?kbid=871277#XSLTH3120121122120121120120

    For information about how to recover from this compromise, visit the following Web sites:
    http://www.cert.org/tech_tips/win-UNIX-system_compromise.html (http://www.cert.org/tech_tips/win-UNIX-system_compromise.html)

    http://www.microsoft.com/technet/security/prodtech/iis.mspx (http://www.microsoft.com/technet/security/prodtech/iis.mspx)

    http://www.microsoft.com/technet/security/secnews/articles/gothacked.mspx

    OdpowiedzUsuń
  2. Trojan Characteristics:
    Downloaders are designed to pull files from a remote website and execute the files that have been downloaded.

    The JavaScript detected as JS/Downloader-AED is responsible for downloading various other JavaScripts that exploits past released Microsoft's vulnerabilities.

    The downloaded scripts are observed to use the following exploits to install various Backdoors and Trojans on the compromised machine.

    Exploit-MhtRedir.gen
    Exploit-Anifile
    Various buffer overflow vulnerabilities (such as those that are known to exist in Microsoft Internet Explorer).
    The Script contacts www.findgal.net in order to downloads these scripts.
    JS/Downloader-AED

    OdpowiedzUsuń
  3. Gazeta.pl : Forum : Technologie i media - opinie: > A po jaką cholerę ktoś z poza Polski mialby wchodzić na polskie strony?
    > Wyobrażam se n.p. Amerykanina, który chciałby o Cimoszewiczu i Kaczyńskich poczytać.... :)))))
    ===================
    Polskie strony sa dla wszystkich nie tylko dla tubylcöw.

    OdpowiedzUsuń

Komentować mogą jedynie użytkownicy z podwyższonym stopniem anonimowości. Anonimy niskiego stopnia nadal odbieram na priva, ale ich nie publikuję ze względu na hasbarę schetyniątek.
Można tu użyć niektórych znaczników HTML, takich jak <b>, <i>
"Przepis" na aktywny link w komentarzu (dla niezorientowanych):
<a href="tu wstawiamy hiperłącze w postaci http://poprawczak.blogspot.com/2013/04/anonimowe-komentowanie.html">tu wstawiamy tytuł linkowanego utworu lub frazę</a> → tutaj więcej szczegółów