SpursReport.com

SpursReport.com (http://www.spursreport.com/forums/)
-   Question Forum (http://www.spursreport.com/forums/question-forum/)
-   -   Unsafe website/virus (http://www.spursreport.com/forums/question-forum/88974-unsafe-website-virus.html)

Scxeezy 04-07-10 04:37 PM

Unsafe website/virus
 
I saw another thread on this when I did a search, but it was locked. I too get the site is unsafe message sometimes when I come to SpursReport.com through InternetExplorer. This has happened to me both at home and at work. Since it does not happen all the time, I think it has to do with the ads, which are ever-changing.

Today, however, when I went to SpursReport (@11:07AM PDT), my virus scan popped up a whole lot of warnings about viruses and my browser and whole computer became very slow and unresponsive. Once I closed the browser everything eventually calmed down and later I was able to open SpursReport again and type this message.



Here are excerpts from the logs from my virus protection software (Eset NOD32):

http://91.188.59.52/x/midi.jar
a variant of OSX/Exploit.Smid.B trojan
connection terminated
quarantined
Threat was detected upon access to web by the application: C:\Program Files\Java\jre6\bin\java.exe.

http://91.188.59.52/x/midi.jar » ZIP » AppletX.class
a variant of OSX/Exploit.Smid.B trojan


http://91.188.59.52/x/jar.jar
multiple threats
connection terminated
quarantined
Threat was detected upon access to web by the application: C:\Program Files\Java\jre6\bin\java.exe.

http://91.188.59.52/x/jar.jar » ZIP » myf/y/AppletX.class
Java/TrojanDownloader.OpenStream.NAJ trojan

http://91.188.59.52/x/jar.jar » ZIP » myf/y/LoaderX.class
Java/TrojanDownloader.Agent.NAI trojan



Can somebody in IT please double-check that there is nothing (including, and especially, advertisments) trying to run malicious code on the client computers?

Thanks!

fabio 04-07-10 10:23 PM

it's in advertisements. I don't think SR has any control on it because most sites uses general ad brokers and the site displaying the ads have very little control on them, depending on the ad broker.

This being said, it could happen that you already have the downloader in your PC, and the ads only trigger it with new info. But quite probably is just the advertisements trying to get into your computer via Java or ActiveX. In 99.99% of cases, if an advertisement is based in Java is because it has every possible trojan in the world

cheesehead4spurs 04-09-10 01:33 PM

I just had a bloodhound.pdf8 pop up in my norton


All times are GMT -5. The time now is 12:52 AM.

Powered by vBulletin Version 3.7.4


Content Relevant URLs by vBSEO 3.2.0