Gnutella Forums


hunangarden June 12th, 2002 10:08 AM

Virus/trojan launched when playing .mpg file
 
I downloaded an .mpg file and when I double clicked it, it launched Windows Media Player and started to play.

Then a bunch of browser windows started opening, directed to porn sites. Then my anti-virus software said I had js/seeker virus/trojan.

Anyone know how the .mpg file was able to do this? Are there holes in Windows Media Player? Hidden file extension (not likely, since Phex showed it as .mpg)?


Help.
Thanks.

Paradog June 12th, 2002 11:52 AM

I bet it was a .asf file.
ASF files have the ability to direct you to a website
with the Internet Explorer. There he can use JavaScript
to do malicious things.

As far as I know there's nothing to do about the asf
files opening iexplore

hunangarden June 12th, 2002 01:24 PM

Yeah, but...
I downloaded the .mpg using PHEX.
Phex prompts you for a file name when downloading, so I edited the filename which was quite long, and specifically entered the innocuous name "An.mpg".

So there was no hidden file extension, unless Phex is hiding those extensions as well, which seems pretty weird since it's Java and all.

I'm fairly certain it was just a .mpg file without a hidden extension, I will do more research tonight.

Is there any way a file with an extension of .mpg (without any hidden extension) can cause a trojan to be triggered? Are there some flaws in Windows Media Player that allow this?

Stumped.

tshdos June 12th, 2002 04:14 PM

You can rename an asf file to mpg and it will still play, Windows Media Player just guesses what it is when it opens it. So it could have been ( and probably was ) really an asf file.

Unregistered June 12th, 2002 06:16 PM

or worse, it was an exe file and you renamed it
why are you all so happy when you run a lame OS and have problems like this?
:) :) :) :) :) :)

tshdos June 12th, 2002 07:53 PM

Quote:

Originally posted by Unregistered
or worse, it was an exe file and you renamed it
If it was an exe it wouldn't have played.

Quote:

Originally posted by Unregistered
why are you all so happy when you run a lame OS and have problems like this?
asf, another windows security hole, when are you people going to get a clue?

asf is not a security hole, it just allows for scripting like many other formats.

mrgone4662 June 12th, 2002 10:26 PM

Quote:

Originally posted by Unregistered
why are you all so happy when you run a lame OS and have problems like this?
the driver support is nice :)

hunangarden June 12th, 2002 10:29 PM

Mystery Solved
 
Paradog and tshdos were correct.

The file was in fact an asf file with an mpg extension.
I had to download the Windows Media Resource kit to analyse the file.

The asf file contains a script command that causes IE to go to a URL. That page contains the evil JS/seeker code.

Thank you for all your help.

If you have any thoughts on how I can safely play mpeg/mpg files please let me know.
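
An added example, not part of the original thread: a pre-open check for the case diagnosed above, where the content is ASF despite a .mpg name. It identifies the container from its leading bytes and walks the ASF Header Object for a Script Command Object; the GUIDs come from the ASF specification, while the function names and sample bytes are constructed for this illustration.

```python
import struct
import uuid

# Added illustration; function names and samples are this example's own.
# GUIDs from the ASF specification, in on-disk (little-endian) byte order.
ASF_HEADER = uuid.UUID("75B22630-668E-11CF-A6D9-00AA0062CE6C").bytes_le
ASF_SCRIPT_COMMAND = uuid.UUID("1EFB1A30-0B62-11D0-A39B-00A0C90348F6").bytes_le
EXPECTED = {"mpg": "mpeg", "mpeg": "mpeg", "asf": "asf", "wmv": "asf", "wma": "asf"}

def sniff_container(data):
    """Classify content by its leading bytes, ignoring the file name."""
    if data[:16] == ASF_HEADER:
        return "asf"
    if data[:4] in (b"\x00\x00\x01\xba", b"\x00\x00\x01\xb3"):
        return "mpeg"  # MPEG program stream or video elementary stream
    if data[:2] == b"MZ":
        return "exe"
    return "unknown"

def asf_has_script_commands(data):
    """Walk the children of the ASF Header Object looking for a Script Command Object."""
    if len(data) < 30 or data[:16] != ASF_HEADER:
        return False
    header_size, count = struct.unpack_from("<QI", data, 16)
    end = min(header_size, len(data))
    pos = 30  # GUID (16) + size (8) + child count (4) + 2 reserved bytes
    for _ in range(count):
        if pos + 24 > end:
            break
        if data[pos:pos + 16] == ASF_SCRIPT_COMMAND:
            return True
        (size,) = struct.unpack_from("<Q", data, pos + 16)
        if size < 24:  # malformed object size: stop rather than loop in place
            break
        pos += size
    return False

def check_download(name, data):
    """Report the real container, an extension mismatch, and embedded script commands."""
    kind = sniff_container(data)
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    return {"kind": kind,
            "mismatch": ext in EXPECTED and kind != EXPECTED[ext],
            "script_commands": kind == "asf" and asf_has_script_commands(data)}

# Constructed samples: an ASF header with one bare Script Command Object, and an MPEG pack header.
_child = ASF_SCRIPT_COMMAND + struct.pack("<Q", 24)
SAMPLE_ASF = ASF_HEADER + struct.pack("<QIBB", 30 + len(_child), 1, 1, 2) + _child
SAMPLE_MPEG = b"\x00\x00\x01\xba" + bytes(8)
```

Passing the first few kilobytes of a downloaded file is enough, since the Header Object sits at the start of an ASF file.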

mrgone4662 June 12th, 2002 10:38 PM

1) use a different browser (i recommend Opera)

2) set up a firewall and block Internet Explorer and Windows Media Player from connecting to the internet

(there are probably a million other solutions as well, but this is the first that came to mind. someone who watches more movies on their comp should be able to assist more.)

igalan June 13th, 2002 12:59 AM

Re: Mystery Solved
 
Quote:

Originally posted by hunangarden
If you have any thoughts on how I can safely play mpeg/mpg files please let me know.
Use BSPlayer, it will play your ASF files fine and no scripts! (BSPlayer is like WinAmp but for video, you can even get new skins -the default is ugly :) - ). Also you can download ASFTools and remove any URL or convert the ASF into AVI (I prefer this).

Paradog June 13th, 2002 06:32 AM

Also you can just go offline and open it if you have
a dialup connection like I do :)

igalan June 13th, 2002 08:14 AM

Quote:

Originally posted by Paradog
Also you can just go offline and open it if you have
a dialup connection like I do :)

That's an alternative, but I highly recommend BSPlayer :) . It's a lightweight player, skinnable, free, but fully featured that supports almost all video formats: AVI (you need required codecs -same as Windows Media Player-), ASF, WMV, DAT (VCD and MPEG2), Mpeg... I hate Windows Media Player, I have the default version that has WinME, but that's all, I never updated it...

Gamer June 13th, 2002 08:20 AM

I like Mplayer 6.8x... loads fast, simple, works.. 7.x/8 are horrid on resources and bulky.

Unregistered June 13th, 2002 12:31 PM

go to http://www.mandrake.com and install this OS and forget about viruses.
Why you would still use an OS and/or a "media player" that doesn't have scripting OFF as a default (if you can even turn it off anyway) is beyond me.
Outlook has the same problem, never, ever let anyone run a program on your computer!
It's like letting other people run whatever they want on your computer, what are you stupid or something?
Stop using microsoft products!

mrgone4662 June 13th, 2002 12:55 PM

you really are a moron aren't you

tshdos June 13th, 2002 02:40 PM

Unregistered,

Does the browser you are using to read these pages have the scripting turned off by default?

Unregistered June 13th, 2002 03:36 PM

yes, go get mozilla 1.0 and linux and relax
mozilla will even let you turn javascript on but you can disable pop up windows and other lame **** stuff
you should write web masters of any of these web sites that make you use pop up windows to see things you need to see when they could do it the "old" way. This just makes it so that more and more ad companies can annoy you, and these web masters are helping promote this abuse.


All times are GMT -7.