View Single Post
Old 2007-12-05, 10:52 AM   #1
NY Jester
ICQ:147*079*406
 
NY Jester's Avatar
 
Join Date: Oct 2007
Location: Rock*ME*Hardplace
Posts: 2,996
Send a message via ICQ to NY Jester Send a message via AIM to NY Jester
Where have all the good guys gone

Well I woke up today and thought id get a head start on submitting as some TGP's fill up quickly and you have to put off submitting until the next day. Well, I get half way through my process and BAM! Something Killed my PC. I get a shut down notice, asked to save the file I had open (my submit list) and the PC restarts.

After reloading I get:
an ATL.dll error in loading some programs.
My system restore is disabled - error message System restore cannot protect your computer please restart your computer and run system
restore again
my security center is disabled - cannot open the SC to change admin values, add/remove users, etc
User Accounts are disabled - cannot access them to change settings, etc.
Control Panel some options are inaccessible...some just will not open

Internet Explorer :
Home Page changed to "blank"
History Deleted
Cookies Deleted
When I click on Internet Options : I get an error saying there are restrictions on this account please contact administrator
And my searches from IE all show up with a routed results page
the IP being 85.255.120.28/ all results get filtered through that portal although the actual search results are accurate and show the correct URL's on the search results page (which mine is google)

Here is the URL, once clicked for the results on "basket waving"
Code:
http://realsearch.cc/feed/search.php?tpl=adsense&q=basket%20weaving
along with a drop down bar which keeps advertising porn, and clicks through to:

Code:
http://www.pornattitude.com/index.php?id=48113&t=D&cs=rouge&w=0&omp=CB:UP&idf=&tracker=_cdbar_allen&langue=en
These results only occur in IE, FF runs fine, shows the results page and click through to the corresponding web site URL's

I have updated virus always on, I ran a virus scan and the results are clean.

My initial reaction was WTF!
I have narrowed it down to either the Gallery confirmation page of one TGP or the webmaster submit page of another - and Im leaning towards the submit page because the shut down didn't occur until that page had been fully loaded in. I think its pretty horseshit when another adult webmaster needs to have this type of guerrilla tactic on a webmaster accessible page (or any page thats accessible for that matter) is it wrong to assume that this attack came from one of those two sites..as they were the only things I had open at the time and up until then My pc had run fine? I didnt want to out any site just yet ubtil i hear back with an opinion but the sites are known TGP's and not just fly-by-night outfits.

Anyone have any advice on how to rid this little doosey?
Thanks in advance.

J-
__________________
The Sexy Side of Porn
NY Jester is offline   Reply With Quote