Worse and worse and worse...

[Longboard]

This just never ends!
See some of the scan reports from the combined scanning.
http://www.bluetack.co.uk/forums/ind...howtopic=15097

Also, there is no way I could understand any of those pop-ups from PG or SSM or other utilities

Shame that more than one AV cant be run at once.
Reminder to use the on line scans and have layers like you are fighting off the winter.

The world wide spiderweb

[pykko]

Hope somebody from ESET will take a look at these. Anyway NOD32 seems to cover them well.

[TOMxEU]

If someone willingly download trojan into PC, AV can not do much to stop it.
Thanks for this interesting page, it is good to test security settings of the PC.

IP: 81.177.15.226 opened properly, but there was only written: Not found / pwn3d!!.
The rest: cgi & htm did not load, jar & php opened like txt, exe & wmf did not download.

When I finished, I scanned PC with Ewido and other software like GMER. Ewido Reported:

Code:

C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\RENB2Q8V\java[1].txt/GetAccess.class -> Downloader.OpenConnection.aj : No action taken.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\RENB2Q8V\java[1].txt/Installer.class -> Downloader.OpenConnection.aj : No action taken.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\XOUIEUP0\xpladv596[1].wmf -> Exploit.MS05-053-WMF : No action taken.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\RENB2Q8V\java[1].txt/NewSecurityClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : No action taken.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\RENB2Q8V\java[1].txt/NewURLClassLoader.class -> Not-A-Virus.Exploit.ByteVerify : No action taken.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\RENB2Q8V\lpokhrbxq[1].htm -> Trojan.ProcKill.DJ : No action taken.

When I wanted to check those files with online scanner, they were already deleted by IE.

[gerardwil]

I went there as well to try with the attached result.

Gerard

[Rasheed187]

Does the site still work or what? I went to the site but the only thing that loads is the .com file, after that nothing happens. And which bug is it exploiting? I mean is this a zero day bug or what? I also get to see "Not found / pwn3d!!".

SSM does alert about the .com executable file, good to know that SSM´s protection really works. And I assume that SSM could also block the driver from loading. Would be proof that it can really save your ass from zero day attacks.