Jump to content
[[Template core/front/custom/_customHeader is throwing an error. This theme may be out of date. Run the support tool in the AdminCP to restore the default theme.]]

ok, you guys have a serious problem


Azazello1313

Recommended Posts

I'm using XP Pro with IE-8 and everytime I open a new forum page I get a message that says that the website wants to run the add-on "owc10.dll". It then says that if I trust the website and the add-on and I want to allow it to run I can do so.

 

I'm not going to do that.

 

The problem is that I get this same message (along with the annoying notification 'beep' everytime I open up or refresh a page).

Link to comment
I'm using XP Pro with IE-8 and everytime I open a new forum page I get a message that says that the website wants to run the add-on "owc10.dll". It then says that if I trust the website and the add-on and I want to allow it to run I can do so.

 

I'm not going to do that.

 

The problem is that I get this same message (along with the annoying notification 'beep' everytime I open up or refresh a page).

+1 same exact thing for me

Link to comment
Can you, or anyone else, provide the pdf file name that it's trying to download?

Same as Darin, Exploit.pdf-jS.Gen.

 

Here is Bit Defenders page on it.

 

Exploit.PDF-JS.Gen

( Exploit:Win32/Pidief.D; Exploit:W32/AdobeReader.QQ )

Spreading: medium

Damage: medium

Size: variable

Discovered: 2008 Nov 23

 

SYMPTOMS:

There are no obvious symptoms until the malware manages to infiltrate the system. This can happen when opening a crafted PDF file and the javascript code inside the file is executed.

 

TECHNICAL DESCRIPTION:

This is a generic detection for specially crafted PDF files which exploit different vulnerabilities found in Adobe PDF Reader's Javascript engine in order to execute malicious code on user's computer. The exploitation mainly involves the following two functions:

util.printf() - if an attacker sends a string long enough to generate a

stack-based buffer overflow he will then be able to

execute arbitrary code on user's computer with the

same level privileges as the user who opened the PDF

file

Collab.colectEmailInfo() - a stack-based buffer overflow can be

caused by passing a string long enough (at least 44952

characters) as a parameter in the msg field of this

function.

 

The Javascript function containing the actual exploit is specified in the OpenAction tag of the PDF file. Usually this function is encoded using zlib. After decompression sometimes the script is still obscured through one or more layers of encoding in order to avoid detection and make analysis more difficult.

The javascript code inside the PDF file is used to download and execute other malware on user's computer.

Edited by rajncajn
Link to comment
I'm using XP Pro with IE-8 and everytime I open a new forum page I get a message that says that the website wants to run the add-on "owc10.dll". It then says that if I trust the website and the add-on and I want to allow it to run I can do so.

 

I'm not going to do that.

 

The problem is that I get this same message (along with the annoying notification 'beep' everytime I open up or refresh a page).

for whatever reason, I'm not getting this message here at work (even though I am using the same laptop that I was using yesterday

 

:wacko:

Link to comment
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information