Hello, I just learned about Malwarebytes from good people and sources and decided to download the program and sign up because I like how exact it was. Anyway, Malwarebytes found and got rid of the adware and trojans I had, BUT I was just curious as to what these certain trojans are exactly.

I'm a fast learner and know quite a bit about computers but didn't realize how dangerous some trojans can be. Anyway, here are the two I'm extremely concerned about...

c:\Users\*****\AppData\Local\Temp\0.3651057569845019.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.

c:\Users\*****\AppData\Local\Temp\0.3823985096076553.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.

Are these documented anywhere, and their source/effect on the computer? Thank you in advance to anyone who can help.

Oh, and also for further info, these two were infected from a random update called Jucheck.exe. I know this is Java related; however, its publisher was unknown and the location was in my \AppData\Local\Temp\ area, and I know that's NOT where it's supposed to be. Also, I let it install and run by mistake for a good 2 minutes before looking for help after my Norton Anti-Virus Internet Security 2011 FAILED to find it.


You're welcome. :)

Yes. Exploits are infections that take advantage of known bugs or vulnerabilities in applications or the operating system itself. Most of the time they plant backdoors which allow remote access to the computer they infected, to gain control over it.


  • Root Admin

If you really want to learn more please consider being trained to help others.

The following are websites that host training facilities: United Network of Instructors and Trained Eliminators

Ah, I see. So does that mean that for those 2 minutes I foolishly let it run, any of my info was in trouble? I read about backdoors and understand the basics about them, but didn't read enough into it to understand everything. Was there any danger?

Outdated web-facing software (likely Acrobat Reader and/or JRE) was exploited, and the detections in your log are the initial executable files dropped and executed as a result of this successful exploit.

Oh, lol, I'm gonna sound like a complete noob, but could you dumb that down for me? I just started learning about this kinda stuff literally yesterday, so am rather fresh. :P

Thank you very much, sir! I'll look this up when I have time; I would love to learn more and help others if possible. ;)


  • Staff
Adobe Acrobat Reader and Java Runtime Environment are common applications installed on most systems. They are very common, and since by design they interact with web content, they are very common targets for exploitation. More or less, you feed these applications data constructed in just the right way and you can trick them into downloading and directly executing malware from the web. As these loopholes are discovered, patches are issued to plug these holes. The majority of people never update these applications, and as a result simply surfing a safe site that has been hacked and contains an exploit kit can infect your system, no clicking required.

Ah, I understand clearly now, thank you very much, nosirrah. But jeez, that is dirty: a safe site can still be corrupt even if you don't click on anything strange or out of place. I think I'll learn a lot here from you guys. :)

Thanks for putting up with me once again.

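Added example, not part of the thread and not Malwarebytes' own logic: a small triage check for the two signs discussed above, an executable sitting in \AppData\Local\Temp\ with a `0.<digits>.exe` name like the two detections, and an updater name such as Jucheck.exe running from Temp. The watch list, the function names and every sample path except the first are assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Name shaped like the two detections in the thread: 0.<long digit run>.exe
RANDOM_FLOAT_EXE = re.compile(r"^0\.\d{10,}\.exe$", re.IGNORECASE)
# Assumed watch list of updater names; jucheck.exe is the one named in the thread.
UPDATER_NAMES = {"jucheck.exe"}


def in_user_temp(path: PureWindowsPath) -> bool:
    """True if the path lies under ...\\AppData\\Local\\Temp."""
    parts = [p.lower() for p in path.parts]
    return any(parts[i:i + 3] == ["appdata", "local", "temp"]
               for i in range(len(parts) - 2))


def triage(raw_path: str) -> list[str]:
    """Return the reasons a file path deserves review (empty list = none)."""
    path = PureWindowsPath(raw_path)
    name = path.name.lower()
    reasons = []
    if path.suffix.lower() == ".exe" and in_user_temp(path):
        reasons.append("executable in user Temp")
        if RANDOM_FLOAT_EXE.match(name):
            reasons.append("random-number file name")
        if name in UPDATER_NAMES:
            reasons.append("updater name outside its install directory")
    return reasons


# First path is from the scan log in the thread; the rest are constructed samples.
SAMPLES = [
    r"c:\Users\*****\AppData\Local\Temp\0.3651057569845019.exe",
    r"C:\Users\user\AppData\Local\Temp\jucheck.exe",
    # Assumed typical install location of the genuine Java updater.
    r"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe",
    r"C:\Users\user\AppData\Local\Temp\setup.log",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", triage(sample) or "no findings")
```

A hit only means the file is worth a closer look (publisher, signature, hash lookup); legitimate installers also unpack into Temp.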
