wiegie Posted October 16, 2009 Share Posted October 16, 2009 I'm using XP Pro with IE-8 and everytime I open a new forum page I get a message that says that the website wants to run the add-on "owc10.dll". It then says that if I trust the website and the add-on and I want to allow it to run I can do so. I'm not going to do that. The problem is that I get this same message (along with the annoying notification 'beep' everytime I open up or refresh a page). Link to comment
Trots Posted October 16, 2009 Share Posted October 16, 2009 I'm using XP Pro with IE-8 and everytime I open a new forum page I get a message that says that the website wants to run the add-on "owc10.dll". It then says that if I trust the website and the add-on and I want to allow it to run I can do so. I'm not going to do that. The problem is that I get this same message (along with the annoying notification 'beep' everytime I open up or refresh a page). +1 same exact thing for me Link to comment
CaP'N GRuNGe Posted October 16, 2009 Share Posted October 16, 2009 I'm on XP with Firefox and McAfee at home. No issues that I can tell. At least I hope so. Also no problems at work other than slow loading forum pages from time to time. XP and IE 6 or something. Link to comment
rajncajn Posted October 16, 2009 Share Posted October 16, 2009 (edited) Can you, or anyone else, provide the pdf file name that it's trying to download? Same as Darin, Exploit.pdf-jS.Gen. Here is Bit Defenders page on it. Exploit.PDF-JS.Gen( Exploit:Win32/Pidief.D; Exploit:W32/AdobeReader.QQ ) Spreading: medium Damage: medium Size: variable Discovered: 2008 Nov 23 SYMPTOMS: There are no obvious symptoms until the malware manages to infiltrate the system. This can happen when opening a crafted PDF file and the javascript code inside the file is executed. TECHNICAL DESCRIPTION: This is a generic detection for specially crafted PDF files which exploit different vulnerabilities found in Adobe PDF Reader's Javascript engine in order to execute malicious code on user's computer. The exploitation mainly involves the following two functions: util.printf() - if an attacker sends a string long enough to generate a stack-based buffer overflow he will then be able to execute arbitrary code on user's computer with the same level privileges as the user who opened the PDF file Collab.colectEmailInfo() - a stack-based buffer overflow can be caused by passing a string long enough (at least 44952 characters) as a parameter in the msg field of this function. The Javascript function containing the actual exploit is specified in the OpenAction tag of the PDF file. Usually this function is encoded using zlib. After decompression sometimes the script is still obscured through one or more layers of encoding in order to avoid detection and make analysis more difficult. The javascript code inside the PDF file is used to download and execute other malware on user's computer. Edited October 16, 2009 by rajncajn Link to comment
wiegie Posted October 16, 2009 Share Posted October 16, 2009 I'm using XP Pro with IE-8 and everytime I open a new forum page I get a message that says that the website wants to run the add-on "owc10.dll". It then says that if I trust the website and the add-on and I want to allow it to run I can do so. I'm not going to do that. The problem is that I get this same message (along with the annoying notification 'beep' everytime I open up or refresh a page). for whatever reason, I'm not getting this message here at work (even though I am using the same laptop that I was using yesterday Link to comment
Recommended Posts