Seems that I finally got hit with some spyware or the like. For more info see my other thread called weirdness. I figured I would post this in its own thread for higher visability.
This may of may not be affecting vegas but here is what happened - without any warning or OSD some things have been installed. I have SP2, I also have the latest security updates for SP2. I do not use IE at all. I use Mozilla, and I don't get any email on this machine.
Something called IEToolbar. It was installed yesterday and by all acoounts it is gone...or is it?
I found a file in my windows/system32 folder called $$$_.log and this is the info in it:
http://toolbarpartner.com/setup_iesearchtoolbar.exe
http://toolbarpartner.com/installer.exe
http://dapsol.com/private/X/500.exe
I did not visit amny of these sites. Seems that a website used a java exploit to silently download files and install them. And right now it seems like either on reboot or shutdown more files are being installed from somewhere. I removed the toolbar but on reboot I had all these mystery files running (See other thread). I searched and found about 50 files in my windows directory - all start with "sys" and are followed by a number and end with ".exe". All have today's date. I have deleted those and also have found new files in my system32 folder - dsmanager.dll and dsmanager32.dll - all dated today. (Same as the $$$_.log file) Both files have an internal name of "BHO.DLL" which turns up this (among other things) http://sarc.com/avcenter/venc/data/pf/adware.iepagehelper.html which is Adware.IEPageHelper. NOTE: The directions given do not work for this "new" varrient.
So I am cleaning my system - more details as they come up.
This may of may not be affecting vegas but here is what happened - without any warning or OSD some things have been installed. I have SP2, I also have the latest security updates for SP2. I do not use IE at all. I use Mozilla, and I don't get any email on this machine.
Something called IEToolbar. It was installed yesterday and by all acoounts it is gone...or is it?
I found a file in my windows/system32 folder called $$$_.log and this is the info in it:
http://toolbarpartner.com/setup_iesearchtoolbar.exe
http://toolbarpartner.com/installer.exe
http://dapsol.com/private/X/500.exe
I did not visit amny of these sites. Seems that a website used a java exploit to silently download files and install them. And right now it seems like either on reboot or shutdown more files are being installed from somewhere. I removed the toolbar but on reboot I had all these mystery files running (See other thread). I searched and found about 50 files in my windows directory - all start with "sys" and are followed by a number and end with ".exe". All have today's date. I have deleted those and also have found new files in my system32 folder - dsmanager.dll and dsmanager32.dll - all dated today. (Same as the $$$_.log file) Both files have an internal name of "BHO.DLL" which turns up this (among other things) http://sarc.com/avcenter/venc/data/pf/adware.iepagehelper.html which is Adware.IEPageHelper. NOTE: The directions given do not work for this "new" varrient.
So I am cleaning my system - more details as they come up.