Author Topic: AVG says it was a PDF exploit  (Read 3197 times)

0 Members and 1 Guest are viewing this topic.

July 09, 2009, 07:22:11 pm
Read 3197 times


  • Newbie

  • Offline
  • *

  • 5

Can't tell what this one did.  It removed "View" from the browser menu bar (IE 7) so I couldn't ask to view source.

And from the same folks that brought you that one there was

which I did not click, having wasted half a day already undoing the first and warning everyone else on two Yahoo groups to avoid them.  I also set my firewall (Sygate) to block - hereafter.

If anyone knows what damage the first one accomplished between acquisition and removal, please reply.  Especially if you think there are additional steps I should be taking, e.g., changing dozens of passwords, etc.

July 09, 2009, 07:49:11 pm
Reply #1


  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
the payload of this

pdf exploit

is detected a password stealing trojan. Anubis report shows installation of a browser helper object.

payload url is
Code: [Select] 3/41
Ruining the bad guy's day