Re: [OT] Re: VERY strange problem? HELP!
- Posted by Al Getz <Xaxo at aol.com> Jun 28, 2004
- 481 views
CoJaBo wrote: > Yes, I know. The cracker wasn't too happy when I decoded that > and posted "What do you mean "I am the end!"?"! > Also the strangest value ?time() displayed (-3812688), when > you remove the '-' and convert it into hexadecimal, it is the ASCII > code for ""! This is where I got "54484520454E44" to call the > cracker, I don't even know what the cracker actually wants to be called. > I get hit about once per week too so i know the problems that can come up. I've had all kinds of funny stuff going on...from installing 'toolbars' in my IE to deleting programs. One time i went to open a simple text file using Notepad and got the error message something like "Unable to open file, cant find Notepad.exe" Now why on earth would a web site want to delete your Notepad???? A little investigation turned up a program that was installed overtop of Notepad (theirs) but when they deleted Notepad versions (which BTW were in about three directories which they had to hunt down to accomplish) they forgot to reinstall THEIR program in that one directory...which happend to be the one that was called to open the text file. If it wasnt for that, THEIR replacement file would have ran on my machine and who knows that else from there I also found that they also replaced the Windows media player, and during the time of the attack the were able to stop the firewall log from recording transactions! There was a void in the times between which they were doing this attack. This wasnt the first time and i know it wont be the last. I dont know what they think they will accomplish, but it wont be a heck of a lot! Even if my comp goes down it's not going to do any good for them right? I've developed some software to deal with these idiots over the years, but unfortunately this is a catch-as-catch-can situation--if i post anything to the web and it gets learned by would-be attackers, that makes it less effective for me. I've even considered posting .exe versions of the software, but once it gets into the wrong hands it allows experimentation with what passes undetected and what doesnt--so it's effectiveness still declines. Only thing i can say is run a virus detector of some kind. Take care and good luck with it, Al And, good luck with your Euphoria programming! My bumper sticker: "I brake for LED's"