WinZix is clearly the problem.

IWETHEY v. 0.3.0 | TODO

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #284,431

by static

5/10/07 9:58:40 PM

WinZix is clearly the problem.

As Box has no-doubt already found, it comes with trojan software; that is it modus operandi. Google for 'WinZix problems' and you will find lots of links about cleaning up after it.

As for the hidden IE session: I spoke to one of the MRC guys here and he said such a thing happens when a program loads an IE component. The EULA says it serves advertising - I imagine that it would use the HTML rendering component to display the ads. Nothing sinister in and of itself, until you look at the whole package, as it were. :-)

Wade.

Is it enough to love
Is it enough to breathe
Somebody rip my heart out
And leave me here to bleed

Is it enough to die
Somebody save my life
I'd rather be Anything but Ordinary
Please

-- "Anything but Ordinary" by Avril Lavigne.

· my ·
· [link|http://staticsan.livejournal.com/|blog] ·
· [link|http://yceran.org/|website] ·

Spyware running IE - (andread) - (18) - May 7, 2007, 03:48:55 PM EDT

Re: Spyware running IE - (pwhysall) - May 7, 2007, 12:14:48 PM EDT

Creating dummy accounts on message boards and spamming. -NT - (inthane-chan) - May 7, 2007, 12:24:05 PM EDT

perhaps a click thru trojan to generate ad revenue -NT - (boxley) - May 7, 2007, 12:41:34 PM EDT

Hehehe - (crazy) - (9) - May 7, 2007, 08:28:53 PM EDT

Wrong - (andread) - (8) - May 7, 2007, 09:35:20 PM EDT

Watch it as it runs - (crazy) - (7) - May 7, 2007, 10:00:01 PM EDT

tcpdump is your friend, works under winders -NT - (boxley) - May 7, 2007, 11:29:38 PM EDT

remind me of that the next time you get root kitted :-) -NT - (boxley) - (3) - May 7, 2007, 11:30:23 PM EDT

There's NOTHING that can be done once root kitted - (crazy) - (2) - May 7, 2007, 11:48:53 PM EDT

Don't agree -NT - (andread) - (1) - May 8, 2007, 10:22:15 AM EDT

You're wrong. - (pwhysall) - May 8, 2007, 12:44:09 PM EDT

So you can be helpful after all - (andread) - (1) - May 8, 2007, 10:21:37 AM EDT

The reason you fond nothing on that .exe.... - (folkert) - May 8, 2007, 12:26:55 PM EDT

Do you know the actual spyware? - (static) - (3) - May 9, 2007, 02:03:06 AM EDT

Re: Do you know the actual spyware? - (andread) - (2) - May 10, 2007, 09:38:48 AM EDT

I like their eula - (boxley) - May 10, 2007, 09:50:49 AM EDT

WinZix is clearly the problem. - (static) - May 10, 2007, 09:58:40 PM EDT

another link to your issue - (boxley) - May 10, 2007, 01:32:44 PM EDT

iwethey.org

Uno? My brain hurts. And I'm out of milk, so the coffee's not a happening thing. Pout.
66 ms