Trojans in some of the forum discussion topics
-
- Posts: 7
- Joined: Jan 18th, '07, 05:21
Trojans in some of the forum discussion topics
FYI Administrators: Some of the forum topics will download trojans (backdoor, vundo). Upon opening a discussion forum topic the page sends out an signal to another site to download the trojan.
It appears to be random - embedded in the advertisements. But yes, it is true that the trojans are there. I just right now received a warning from my security software:
HTTP Acrobat PDF Suspicious File Download
http:/xxx.xxx.xxx.xxx/zzyu298298/pdf.php?id=7655
Removed the IP for security reasons. The IP address is owned by valuepromo.net. The network traffic coming from the IP address matches a signature of a known attack.
--- groink
HTTP Acrobat PDF Suspicious File Download
http:/xxx.xxx.xxx.xxx/zzyu298298/pdf.php?id=7655
Removed the IP for security reasons. The IP address is owned by valuepromo.net. The network traffic coming from the IP address matches a signature of a known attack.
--- groink
-
- Posts: 34
- Joined: Apr 24th, '07, 21:15
I figured as much
Looks like drive by downloads being sent by compromised websites.
In most cases it's spammers or the like trying to use your PC as part of a spam
generation network or russian botnet folks trying to assimilate your pc.
I work in I.T. and highly recommend downloading www.malwarebytes.org's application
to rid yourself of this malicious garbage.
In most cases it's spammers or the like trying to use your PC as part of a spam
generation network or russian botnet folks trying to assimilate your pc.
I work in I.T. and highly recommend downloading www.malwarebytes.org's application
to rid yourself of this malicious garbage.
-
- Posts: 7
- Joined: Jan 18th, '07, 05:21
I'm bringing this up because there seem to be some users who still have these problems. The source of the problem could be a infected or hijacked ad-network server which randomly sends these pdf files or an already virus-infected computer on the user's side.
So, if you have problems like reported above you should first scan your computer for virusses or malware. Second you should disable auto-opening of pdf-files in your browser. Just change your browser application settings for MIME-type "application/pdf" from open with ... to save to file. This way you can decide yourself if you want to accept an incoming pdf file or not.
There have been several discussions about this on the web. But so far I couldn't find out the root of the problem and if it still exists.
So, if you have problems like reported above you should first scan your computer for virusses or malware. Second you should disable auto-opening of pdf-files in your browser. Just change your browser application settings for MIME-type "application/pdf" from open with ... to save to file. This way you can decide yourself if you want to accept an incoming pdf file or not.
There have been several discussions about this on the web. But so far I couldn't find out the root of the problem and if it still exists.
-
- Posts: 35
- Joined: Sep 27th, '06, 04:29
- Location: Lawrence Kansas
Google Malware warnings on D-Addicts
This is a first for me, but starting today whenever I try to look at a page on d-addicts.com google spits up a Malware warning. (I'm using the Safari browser)It looks like it may be linked to the banner ads. One of the site it lists as positive for malware is ebannerz.net but that isn't the only page that gets listed as the source of the problem, most that are listed are just jumbles of numbers and letters. Anybody else running into this problem?
- Keiko1981
- Administrator
- Posts: 7571
- Joined: Apr 9th, '06, 11:27
- Location: Sweden
- Has thanked: 5 times
- Been thanked: 82 times
- Contact:
It could be either me or some of the ads at DA.
3 times in 2 days I've gotten a pop-up message (I've never clicked this message - used Alt + F4) saying that I need to scan my computer it take. If I'm not fast enough it automatically takes me to a page where you see what ones HDs, CD/DVD reader.
The website's address is the following:
When this happened the last time, a few minutes ago I had only Gmail (inbox), a Sweding-English dictionary: and D-Addicts open.
I got this message as exactly as I was leaving "Torrents" page, and went to the "Home" page.
And yesterday I got it when did log out.
Earlier today I did scan my computer with AVG 8, no viruses found, all warnings were tracking cookies, I deleted them. Yesterday I did also run CCleaner.
3 times in 2 days I've gotten a pop-up message (I've never clicked this message - used Alt + F4) saying that I need to scan my computer it take. If I'm not fast enough it automatically takes me to a page where you see what ones HDs, CD/DVD reader.
The website's address is the following:
Code: Select all
http://live-virus-scanner7.com
Code: Select all
http://lexin2.nada.kth.se/sve-eng.html
I got this message as exactly as I was leaving "Torrents" page, and went to the "Home" page.
And yesterday I got it when did log out.
Earlier today I did scan my computer with AVG 8, no viruses found, all warnings were tracking cookies, I deleted them. Yesterday I did also run CCleaner.
-
- Posts: 165
- Joined: Feb 4th, '07, 03:53
- Location: Sydney, Australia
Who is online
Users browsing this forum: No registered users and 4 guests