Free Republic
Browse · Search 		Smoky Backroom
Topics · Post Article

To: palmer
I defer to your analysis. The offending mechanism appears to be a hacked abheration of Verizon software.

Mccibrowser.exe function, with the operative file:

msjsetidrtj.dll

10,358 posted on 09/16/2009 5:09:03 AM PDT by Candor7 (The effective weapons against Fascism are ridicule, derision, and truth (Member NRA)
[ Post Reply | Private Reply | To 10357 | View Replies ]

To: Candor7
That DLL is probably a trojan (never heard of it). There are essentially only two ways to get infected: one is to visit a ukranian (or whoever) website that has been specifically designed to infect, usually through a specially crafted media file (WMF or something like that). Simply viewing the site will cause an infection in an unpatched system. The second way to get infected is to click on an executable and run it. There could be an infected exe on any website that allows uploads or if the website administrator accidentally downloads one and places it on the website. But it is very unlikely that the latter type would infect only upon viewing (unless the admin was both unlucky and clueless enough to install an infected file in an spot where it would be automatically downloaded (e.g. from javascript on the web page).

It is also possible that Google will alert on a site if it contains links of the first type (i.e. a link to an maliciously generated web site). It is generally possible for anyone to place such a link on a website, even here, although I have seldom seen anything suspicious here.

10,359 posted on 09/16/2009 5:35:19 AM PDT by palmer (Cooperating with Obama = helping him extend the depression and implement socialism.)
[ Post Reply | Private Reply | To 10358 | View Replies ]

Free Republic
Browse · Search 		Smoky Backroom
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson