Possible Windows Defender Issue, and Java Backdoor issue

User avatar
KILROY
Posts: 1315
Joined: Sat Apr 05, 2014 8:59 pm
Location: Texas

Possible Windows Defender Issue, and Java Backdoor issue

Post by KILROY »

I'm working with Microsoft right now on the Window Defender issue. Their tech support of course didn't know anything about it and was following a flow chart and referring one to a group that can remote access your computer for a fee per hour, like all your sorry providers are doing now, but this is the error that I found:

Service C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{47124C5F-8D3E-405D-96C7-A1C12FC08D4D}\MpKsla489206e.sys (*** hidden *** ) [SYSTEM] MpKsla489206e

I'm currently working with their engineers on this issue, and will let you know what comes of it, but if they can't relay what this "hidden" issue is, they will have to try to fix it with the next update release, or I'll have to submit an issue with the FCC and possibly other World security organizations, due to this could possibly be another Equifax issue, but due to 80-90 percent of the World using some type of Windows OS, this could be bigger.

The other issues are Java Script Backdoor hacks per the below errors, showing on AT&T's network, and I have a case open with them on this also, but from what I'm seeing more people are having these same errors pop-up:

1st Error:

! An error has occurred in the script on this page.

Line: 0
Char: 0
Error: Script Error
Code: 0
URL: http://www.att.com/scripts/satellite/pr ... f31d461fe2
aef4e2d53a11a03e7f9a04c/s-code-contents-
65778bc202aa3fe011113e6b6ea6d103eda099fe5js?f1689f47

Do you want to continue running scripts on this page?

Yes No

Whether you select Yes or No, or just close this out, another error will pop-up:

2nd Error:

! An error has occurred in the script on this page.

Line: 24
Char: 9
Error: Unable to get property 'innerHTML' of undefined or null reference
Code: 0
URL: http://dnserrorassist.att.net/s/js/searchguide.js

Do you want to continue running scripts on this page?

Yes No
Then another:

3rd Error:

! An error has occurred in the script on this page.

Line: 0
Char: 0
Error: Script error
Code: 0
URL: http://www.att.com/scripts/satellite/pr ... f31d461fe2
aef4e2d53a11a03e7f9a04c/s-code-contents-
65778bc202aa3fe01113e6b6ea6d103eda099fe5js?f1689f47

Do you want to continue running scripts on this page?

Yes No

Or sometimes it will read this error:

Line: 9
Char: 5
Error: Object doesn't support property or method 'cookie'
Code: 0
URL: http://dnserrorassist.att.net/s/js/searchguide.js

Do you want to continue running scripts on this page?

Yes No

==============================================

Anyone have any insight, please feel free to share any thoughts you have, or possible things to try or do to resolve these. Be careful on trying to open the first and third link showing, it will try to install something or ask you to. The 2nd and 4th link opens a bad sight link.
perrinoia
Site Admin
Posts: 3732
Joined: Sun Jul 01, 2012 7:18 pm

Re: Possible Windows Defender Issue, and Java Backdoor issue

Post by perrinoia »

I frequently have error messages try to take over my browser and install random crap while browsing adult content.

I ignore the fake warming messages, kill the browser window, and resume in a new window, but avoid the links that got me in that situation.

Facebook used to do the same thing to my grandma until I convinced her to use Google chrome with ad block.

Ad block for Internet explorer makes Internet explorer unusable, but ad block for chrome makes the internet friendly. However, malware in adult sites are a bit more intrusive.
Image
User avatar
KILROY
Posts: 1315
Joined: Sat Apr 05, 2014 8:59 pm
Location: Texas

Re: Possible Windows Defender Issue, and Java Backdoor issue

Post by KILROY »

Yeah, that's what were thinking the last error messages are pretty much relaying, due to all of the reported issues being via some version of IE, but as for the "hidden" program issue for Windows Defender....Microsoft Engineer's haven't gotten back to me on that yet. If it's their version of "their" type of spyware then I know what it's for and will just let it ride, but only if they confirm it. If not, then it's something they need to resolve in a quick update release and I'll have to report the issue to the FCC via a priority submission, and the FCC will be kicking down their front door to resolve this before it could get out of hand.

Like I said before, everything done electronically is being watched. A simple scan you do with any type of virus, malware, etc. type of program gets reported back with the scan results to some type of monitoring company. Just using anything digital, even old school radio frequencies are being monitored. It's interesting and sometimes even entertaining what gets passed along to others that you see or hear.
AnniDv6
Posts: 1030
Joined: Mon Dec 12, 2011 3:25 pm

Re: Possible Windows Defender Issue, and Java Backdoor issue

Post by AnniDv6 »

At this point you would have to be crazy to buy anything online, use a credit or debit card, have a social security number (lol), or go outside. Basically living in a cave system that only you know about would be ideal.
User avatar
KILROY
Posts: 1315
Joined: Sat Apr 05, 2014 8:59 pm
Location: Texas

Re: Possible Windows Defender Issue, and Java Backdoor issue

Post by KILROY »

Death666 wrote:At this point you would have to be crazy to buy anything online, use a credit or debit card, have a social security number (lol), or go outside. Basically living in a cave system that only you know about would be ideal.
LOL...welcome to my World. That's how it's been for years here, but I'm on call 24 x 7.
perrinoia
Site Admin
Posts: 3732
Joined: Sun Jul 01, 2012 7:18 pm

Re: Possible Windows Defender Issue, and Java Backdoor issue

Post by perrinoia »

This is why I live on a boat and conduct most transactions with cash.
You can't run my credit if I don't have any...
Image
User avatar
KILROY
Posts: 1315
Joined: Sat Apr 05, 2014 8:59 pm
Location: Texas

Re: Possible Windows Defender Issue, and Java Backdoor issue

Post by KILROY »

Yeah, I envy you at times Perr. I'm a fisherman at heart and haven't been for many, many years now with these new job duties. I'm also old school, still get paper statement bills mailed to me, even if I have to pay for the service, nothing electronically, except for a smartphone that I only use for calls, text to people I know, and use the internet to do some looking up every now and then. I still like the 2G network service and phone I had a few years ago, instead of carrying around this suitcase now, but it's part of the requirements of the job.
perrinoia
Site Admin
Posts: 3732
Joined: Sun Jul 01, 2012 7:18 pm

Re: Possible Windows Defender Issue, and Java Backdoor issue

Post by perrinoia »

My employer rehired a 70 year old guy named Phil to train me and a new hire on our new responsibilities at work.

The 3 of us were exchanging contact info when Phil takes a notepad and pencil out of his pocket and explains that he doesn't own one of "those things" (pointing at our smart phones). He said he didn't want to be a slave to his machines like the rest of us, but he goes home and checks his answering machine every day...

I replied, "Doesn't that make you a slave to your answering machine?"

Phil: :shok:

Then we took a ride in the company truck. The new hire drove. I was in the middle, and Phil road shotgun. As Phil was climbing out, his knee spasmed and he fell down, landing in his hip.

As I helped him up he exclaimed, "You guys are lucky. At my age I could easily collect workers comp for the rest of the year, and you'd both be screwed! I bet you're both fumbling for those stupid phones of yours!"

I replied, "Nah... I was looking for your Life alert." :trolol:

He nearly fell over again from laughter.
Image
User avatar
KILROY
Posts: 1315
Joined: Sat Apr 05, 2014 8:59 pm
Location: Texas

Re: Possible Windows Defender Issue, and Java Backdoor issue

Post by KILROY »

RRRROOOOFFFLLLLL!!!!!!
User avatar
KILROY
Posts: 1315
Joined: Sat Apr 05, 2014 8:59 pm
Location: Texas

Re: Possible Windows Defender Issue, and Java Backdoor issue

Post by KILROY »

UPDATE....Issue resolved with the Windows Defender Issue.

It turns out the person had more than one Anti Virus Program installed. Windows Defender monitors your system when it operating and periodically scans it. This person just installed another program that was interfering with Windows Defender's Anti Virus programming, and when they used GMER to do a scan on their system, it brought up the RootKit Error in GMER due to the conflicting Anti Virus Programs, and the new one over taking Windows Defender, so Windows Defender stopped it's monitoring which is why it was showing as "Hidden" in the RootKit. It turns out the other program this person installed was Baidu 2015, which will overtake any program if you activate it's internal programming and when prompted confirm it.

As for the other issue's, yeah, your right Perr, it's from visiting sites they shouldn't have and it installed all kinds of PUP's, 58 to be exact. We got'em all taken care of, and they are back on track again. The funny thing......these were on a companies computer, not home based. This station is used by more than one person, so we can't tell who did the surfing online, so now monitoring programs are now being installed and all their employees are going through a mandatory seminar about how they use companies computers while at work.
Post Reply