Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Has anyone seen this behavior?


  • Please log in to reply
7 replies to this topic

#1 Guest_Yeniaul_*

Guest_Yeniaul_*

  • Guests
  • OFFLINE
  •  

Posted 05 July 2015 - 02:32 PM

I was recently employed at a school district's IT department, and one teacher sent a help request on a computer that "crashed with the error "OUT_OF_MEMORY"."

I thought this was strange. Especially since the PC in question was an Alienware! (the district was so rich they had to donate money or they would reach the limit on their 3 accounts!)

So I turned it on, and opened Task Manager. 

300 instances of Explorer.exe and growing fast!

I used taskkill to kill all of them and restarted the first Explorer (that way the desktop and stuff work) and everything works OK. No more multiple Explorer processes!

I wrote a script to end them all and restart it and made it run after ~5 seconds once everything was loaded.

It worked, but it infects routers. It infects endpoints afterward, using HTTP packets and redirecting to the router, where the code is injected into the cache and set up.

Has anyone encountered this before?


Edited by Orange Blossom, 05 July 2015 - 02:48 PM.
Moved to AII. ~ OB


BC AdBot (Login to Remove)

 


m

#2 gigawert

gigawert

    Computer Consultant


  • Members
  • 1,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Jose, California

Posted 05 July 2015 - 09:04 PM

No, but that sounds incredibly strange. Must be a prank pulled by a student.


John 3:16

 "God loved the world so much that He gave His uniquely-sired Son, with the result that anyone who believes in Him would never perish but have eternal life."


#3 PuReinSAniTY

PuReinSAniTY

  • Members
  • 432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:in a basement
  • Local time:07:50 PM

Posted 07 July 2015 - 04:53 AM

children and there batch files these days...I remember when i was in school (the good ol' days) back when windows xp was popular  (2001) I was in what? 3rd grade? I don't remember but somebody sent an 'important announcement' over our school emails (even teachers opened it),all the little children ran to the computer and opened the email (all but me because i was actually taught not to open unknown emails containing malicious .bat files), and guess what it contained? the script that deleted system 32, and let me say the outcome was...bad. The administrators actually quit their job because they just didn't bother to reinstall windows on over 300 systems.


they call me te java mayster


#4 gigawert

gigawert

    Computer Consultant


  • Members
  • 1,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Jose, California
  • Local time:12:20 PM

Posted 07 July 2015 - 10:39 AM

I'm in the 8th grade and nobody even knows what a batch file is, even the teachers.


John 3:16

 "God loved the world so much that He gave His uniquely-sired Son, with the result that anyone who believes in Him would never perish but have eternal life."


#5 PuReinSAniTY

PuReinSAniTY

  • Members
  • 432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:in a basement
  • Local time:07:50 PM

Posted 07 July 2015 - 07:16 PM

lol


they call me te java mayster


#6 Guest_Yeniaul_*

Guest_Yeniaul_*

  • Guests
  • OFFLINE
  •  

Posted 09 July 2015 - 08:54 PM

No, but that sounds incredibly strange. Must be a prank pulled by a student.

A little... complex for a kid, don't you think?



#7 Guest_Yeniaul_*

Guest_Yeniaul_*

  • Guests
  • OFFLINE
  •  

Posted 09 July 2015 - 08:59 PM

children and there batch files these days...I remember when i was in school (the good ol' days) back when windows xp was popular  (2001) I was in what? 3rd grade? I don't remember but somebody sent an 'important announcement' over our school emails (even teachers opened it),all the little children ran to the computer and opened the email (all but me because i was actually taught not to open unknown emails containing malicious .bat files), and guess what it contained? the script that deleted system 32, and let me say the outcome was...bad. The administrators actually quit their job because they just didn't bother to reinstall windows on over 300 systems.

 

 

I had to make a Python script to find the lines in the file, with deviation of course. 3098726 detections, and all removed.

XD So bad...



#8 gigawert

gigawert

    Computer Consultant


  • Members
  • 1,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Jose, California
  • Local time:12:20 PM

Posted 09 July 2015 - 09:15 PM

 

No, but that sounds incredibly strange. Must be a prank pulled by a student.

A little... complex for a kid, don't you think?

 

You never know...


John 3:16

 "God loved the world so much that He gave His uniquely-sired Son, with the result that anyone who believes in Him would never perish but have eternal life."





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users