Sign in to follow this  
Azazello1313

ok, you guys have a serious problem

Recommended Posts

I'm using XP Pro with IE-8 and everytime I open a new forum page I get a message that says that the website wants to run the add-on "owc10.dll". It then says that if I trust the website and the add-on and I want to allow it to run I can do so.

 

I'm not going to do that.

 

The problem is that I get this same message (along with the annoying notification 'beep' everytime I open up or refresh a page).

Share this post


Link to post
Share on other sites
I'm using XP Pro with IE-8 and everytime I open a new forum page I get a message that says that the website wants to run the add-on "owc10.dll". It then says that if I trust the website and the add-on and I want to allow it to run I can do so.

 

I'm not going to do that.

 

The problem is that I get this same message (along with the annoying notification 'beep' everytime I open up or refresh a page).

+1 same exact thing for me

Share this post


Link to post
Share on other sites

I'm on XP with Firefox and McAfee at home. No issues that I can tell. At least I hope so. :wacko:

 

Also no problems at work other than slow loading forum pages from time to time. XP and IE 6 or something.

Share this post


Link to post
Share on other sites
Can you, or anyone else, provide the pdf file name that it's trying to download?

Same as Darin, Exploit.pdf-jS.Gen.

 

Here is Bit Defenders page on it.

 

Exploit.PDF-JS.Gen

( Exploit:Win32/Pidief.D; Exploit:W32/AdobeReader.QQ )

Spreading: medium

Damage: medium

Size: variable

Discovered: 2008 Nov 23

 

SYMPTOMS:

There are no obvious symptoms until the malware manages to infiltrate the system. This can happen when opening a crafted PDF file and the javascript code inside the file is executed.

 

TECHNICAL DESCRIPTION:

This is a generic detection for specially crafted PDF files which exploit different vulnerabilities found in Adobe PDF Reader's Javascript engine in order to execute malicious code on user's computer. The exploitation mainly involves the following two functions:

util.printf() - if an attacker sends a string long enough to generate a

stack-based buffer overflow he will then be able to

execute arbitrary code on user's computer with the

same level privileges as the user who opened the PDF

file

Collab.colectEmailInfo() - a stack-based buffer overflow can be

caused by passing a string long enough (at least 44952

characters) as a parameter in the msg field of this

function.

 

The Javascript function containing the actual exploit is specified in the OpenAction tag of the PDF file. Usually this function is encoded using zlib. After decompression sometimes the script is still obscured through one or more layers of encoding in order to avoid detection and make analysis more difficult.

The javascript code inside the PDF file is used to download and execute other malware on user's computer.

Edited by rajncajn

Share this post


Link to post
Share on other sites
I'm using XP Pro with IE-8 and everytime I open a new forum page I get a message that says that the website wants to run the add-on "owc10.dll". It then says that if I trust the website and the add-on and I want to allow it to run I can do so.

 

I'm not going to do that.

 

The problem is that I get this same message (along with the annoying notification 'beep' everytime I open up or refresh a page).

for whatever reason, I'm not getting this message here at work (even though I am using the same laptop that I was using yesterday

 

:wacko:

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.