Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

greg-search.com and dedmazai CWS Public Enemy #1

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News
View previous topic :: View next topic  
Author Message
webhelper
SWW Expert


Joined: 11 Apr 2004
Last Visit: 16 Jul 2011
Posts: 1090

PostPosted: Sun Jul 11, 2004 8:05 pm    Post subject: greg-search.com and dedmazai CWS Public Enemy #1 Reply with quote

greg-search.com and dedmazai CWS Public Enemy #1

Ok, hit the jackpot and have their scripts on how they overwrite the wmplayer and notepad thru their exploits.

http://www.webhelper4u.com/CWS/greg-search/index.html

These guys are going to take a week or to just to go thru all the sites they have their exploit links at. There exploit will overwrite both the wmplayer and the notepad.exe. And it is by dropping an executable file that has been renamed with a jpg extension to bypass most security. Script even searches with code that covers most wmplayer locations making it International in nature.
_________________
Wächter der Geschichten:
http://www.webhelper4u.com/thewatcher.html
Member of ASAP Since 2004
Back to top
View user's profile Send private message Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Sun Jul 11, 2004 9:47 pm    Post subject: Reply with quote

looks like you realy found some thing this time web helper!!!!
thx for the warning!!!!
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
webhelper
SWW Expert


Joined: 11 Apr 2004
Last Visit: 16 Jul 2011
Posts: 1090

PostPosted: Mon Jul 12, 2004 7:50 pm    Post subject: Reply with quote

Getting bigger:

http://www.webhelper4u.com/CWS/greg-search/index.html
_________________
Wächter der Geschichten:
http://www.webhelper4u.com/thewatcher.html
Member of ASAP Since 2004
Back to top
View user's profile Send private message Visit poster's website
Moore
Moderator


Joined: 31 May 2004
Last Visit: 22 Jul 2013
Posts: 758
Location: °°.MooreLand.°°

PostPosted: Mon Jul 12, 2004 9:45 pm    Post subject: Reply with quote

Dont know what else to say , besides damn your GOOD. Very Happy
_________________
| Stop Malvertising | Outpost | Blocklist Pro | Hosts |
Back to top
View user's profile Send private message Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Mon Jul 12, 2004 10:06 pm    Post subject: Reply with quote

thank you again Webhelper!!!!
i blocked them at the fire wall.
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Doug Taylor
Warrior


Joined: 04 Jun 2004
Last Visit: 27 Nov 2010
Posts: 127
Location: Sonoma County California

PostPosted: Mon Jul 12, 2004 10:30 pm    Post subject: Reply with quote

Hi webhelper,

THANK YOU! I have a question! Could the exploit that affects notepad prevent a HijackThis log from (I gotta get rid of this keyboard!) displaying? I ask because I’ve been helping bounce over at CC with a win.ini problem. Got that cleared up and asked her to post a HijackThis log to the forum, she can save it, but it will not show on her PC. Right after she saves the log it would flash on the screen and disappear. I had her email me her log to see if I could open it, I could. So, I pasted into a reply back to her and she has posted it to CC. It has NDrv.dll in it. Could greg-search cause the failure to display. I will add that after we got her win.ini file she was able to install Panda and scan her system for viruses (she couldn’t do before) and found 6. I have been under the impression that one of the viruses damaged her notepad. Perhaps I am wrong to think this.

With our Lord’s blessings,

Doug
Back to top
View user's profile Send private message
webhelper
SWW Expert


Joined: 11 Apr 2004
Last Visit: 16 Jul 2011
Posts: 1090

PostPosted: Tue Jul 13, 2004 6:12 am    Post subject: Reply with quote

Doug Taylor wrote:
Hi webhelper,

THANK YOU! I have a question! Could the exploit that affects notepad prevent a HijackThis log from (I gotta get rid of this keyboard!) displaying? I ask because I’ve been helping bounce over at CC with a win.ini problem. Got that cleared up and asked her to post a HijackThis log to the forum, she can save it, but it will not show on her PC. Right after she saves the log it would flash on the screen and disappear. I had her email me her log to see if I could open it, I could. So, I pasted into a reply back to her and she has posted it to CC. It has NDrv.dll in it. Could greg-search cause the failure to display. I will add that after we got her win.ini file she was able to install Panda and scan her system for viruses (she couldn’t do before) and found 6. I have been under the impression that one of the viruses damaged her notepad. Perhaps I am wrong to think this.

With our Lord’s blessings,

Doug


ANSWER IS : YES
_________________
Wächter der Geschichten:
http://www.webhelper4u.com/thewatcher.html
Member of ASAP Since 2004
Back to top
View user's profile Send private message Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Tue Jul 13, 2004 8:44 am    Post subject: Reply with quote

this make perfect sence why they would attack notepad to stop hijackthis form being able to work. these scumware perverts are peveeimg me to no end. Evil or Very Mad
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group