Re: what would cause this ??


"Ant" <not@xxxxxxxxxx> wrote in message
news:i_ydnZ_rXqu5yIvanZ2dnUVZ8s-qnZ2d@xxxxxxxxxxxxxxxxxxx
"DrZaius" wrote:

Friend clicks on a link to a website:

hxxp://sajpj.eaqcfmc.cn/bupkgwd.html

That looks like the kind of link one sees in spam. A script redirects
to another site which should display the following:

ActiveX Object Error:
Your browser cannot display this image file.

You need to download new version of ActiveX
Object to view this image file.

To download and install ActiveX Object click Continue.

[Continue] [Cancel] [Details...]


Choosing [Continue] will present you with a Windows executable to run
(VideoAccessCodecInstall.exe). Choosing [Cancel] will send you into a
loop of dialogs (preventing the browser window from being closed)
until 'ok' is clicked, which has the same effect as [Continue].

This is the infamous Zlob trojan, installer of adware, bogus security
software and other malware.

What happened next, is supposedly the
printer attached to the PC, proceeded
to print off 94 pages of random words &
gibberish sentences.

The website link above is no longer
in service.

It is still live.

Question is, what kind of "attack" (if
this was one), was this ?

Social engineering.

And, what was the source of the some 94
pages of words ? (since supposedly many
of the words / sentences in the pile of
paper were contents of emails the owner
had on the machine).

Perhaps the data was intended to be sent back to the attacker.

How could just visiting a website cause a
printer to spew out 94 pages of stuff ???

I suppose your friend installed the trojan in the hope of seeing some
pr0n. Who knows what damage it has done to the system.



supposedly, this person thinks someone they met
online, deliberately aimed the attack at one specific
machine (hers).

is there a way to find out who the site belongs to?

i tried the usual methods, but came up short. my
day job is working with aircraft, not computer
security.

all those who responded/will respond thanks.



.

Relevant Pages

  • Re: Problem viewing HTML on CD - Is there a simple "HTML viewer" for this purpose?
    ... The first page would display, and the links would open a browser ... just have a browser and HTML that the content ... could run from my Vista install on a separate partition. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: what would cause this ??
    ... Your browser cannot display this image file. ... To download and install ActiveX Object click Continue. ... gibberish sentences. ...
    (comp.security.misc)
  • Re: text reading browsers and flash pages
    ... Does a text reader use this like an ALT for images? ... any browser unable to render the will simply ... can display, and no-one will be left with "Your browser doesn't ... know full we you can't install the plug-in you need on your computer". ...
    (uk.net.web.authoring)
  • IE does not install ActiveX-Objects
    ... IE has stoppped to install ActiveX Objects. ... an ActiveX-Object (e.g. Microsoft Update) I get the Informationbar telling ... Then nothing happens and the ActiveX object is not installed. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • IE6 Security Certificate Dialog not appearing
    ... I'm running XPSP2 on a LAN domain, I need IE6 to install an Activex Object, ... and it usually displays a security dialog box to accept the certifcate, ...
    (microsoft.public.windows.inetexplorer.ie6.browser)