Virus?!?

ozyran
So, there I was, surfing GTPlanet.net, when my PC Cillin picks up a virus! I did several screen captures when this happened:

virus1.jpg


virus2.jpg


virus3.jpg


virus4.jpg


This happened to me last night as well; this time, when it happened, I made sure to capture the screen a couple of times before deleting the stuff. Keep in mind, all I did was go into the Auto News forum to do some looking around. Since this has happened not once, but twice, I think it may be quite some time before I show up again.
Have a great one everybody!
~oz
 
Any ideas as to what that was all about? GTPlanet is one of the very few sites that I trust, so any clarification would be great.
 
On the screenshot, it shows you opening a windows media file from http://64.34.181.44. My guess is that the virus is in that file, and since you chose to open it instead of saving it, the file was temporarily saved in the Firefox cache. So, PC-Cillin detected the virus in the cache and alerted you.
 
On the screenshot, it shows you opening a windows media file from http://64.34.181.44. My guess is that the virus is in that file, and since you chose to open it instead of saving it, the file was temporarily saved in the Firefox cache. So, PC-Cillin detected the virus in the cache and alerted you.

Yeah, what I was thinking. The file opening from Windows Media Player could be just a form of virus coming from another unsafe computer, which made PC-Cillin detect the virus.
 
I got a warning from Norton also. Some ActiveX control popped up for installation and Norton warned of a virus so I declined the plugin. I don't remember what else I was doing then, but the virus was some Trojan Horse thing, probably the same one as everyone else's. Funny, I received a Windows security update not even a minute later. Too bad my Norton is expired, I wonder what happened to the virus.
 
Thanks, ROAD_DOGG, for posting that Microsoft link . . . I'd be in the same boat if it weren't for good ol' Adblock.
 
WTF! My Norton gave me a warning too! I'm serious, it's popped up twice today while looking at GTP, so I'll take some screens next time it comes up.
 
Unfortunately, some advertising networks have been taking advantage of the Windows Metafile Format vulnerability.
 
OK, this just came up on me again, here's some info.

Title: Opening exp.wmf
You have chosen to open
exp.wmf
which is a: Windows Media(Tm) Audio/Video File
from: http://64.34.181.51

-What should Firefox do with this file?------------------------------------
O Open with |RealPlayer (default) |v|
O Save to Disk
| | Do this automatically for files like this from now on.
_______________________________________________________________
_________ __________
| Ok | | Cancel |
---------- ------------
And Norton popped up also saying
I have a virus named... Bloodhound.Exploit.56

http://www.symantec.com/security_response/writeup.jsp?docid=2005-122814-2600-99
I looked it up. ^ Link ^
 
OK, this just came up on me again, here's some info.

Title: Opening exp.wmf
You have chosen to open
exp.wmf
which is a: Windows Media(Tm) Audio/Video File
from: http://64.34.181.51

-What should Firefox do with this file?------------------------------------
O Open with |RealPlayer (default) |v|
O Save to Disk
| | Do this automatically for files like this from now on.
_______________________________________________________________
_________ __________
| Ok | | Cancel |
---------- ------------

This exact information is displayed in one of the pics of the first post in this thread. We already know where the infected file came from, it was from one of the adverts displayed while browsing GTP, not from GTP itself.
 
This exact information is displayed in one of the pics of the first post in this thread. We already know where the infected file came from, it was from one of the adverts displayed while browsing GTP, not from GTP itself.

You probably didn't see my edit. I showed something else. BUT the source I.P. is different.
 
As dougiemeats said, it does appear as if the advertising networks have been compromised. I have reported this incident to the agency so hopefully this will be resolved soon. Until then, please keep an eye on your antivirus software!
 
Z.
Thanks, ROAD_DOGG, for posting that Microsoft link . . . I'd be in the same boat if it weren't for good ol' Adblock.

Duċk;2378690
...Or instead of immorally using Adblock, which robs Jordan of money, go Premium!
Yep! Go Premium, as then you won't get the ads, and that means no malicious no-good jerks will give you a virus through an innocent looking advert

Norton picked up the same thing for me.

I get the exp.wmf download and some plug-in trying to install, too.

edit: Here are the patches for the vulnerability:
http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx

Looks like it could be/could've been one of the banner ads.
Is that patch for all browsers? Or is it a Windows patch? Or just for IE?
 
Yep! Go Premium, as then you won't get the ads, and that means no malicious no-good jerks will give you a virus through an innocent looking advert


Is that patch for all browsers? Or is it a Windows patch? Or just for IE?

It's a Windows patch.
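
An added illustration, not part of the thread or anyone's post: a sketch of the kind of content check a scanner can run on a download such as exp.wmf, walking the metafile's records and flagging a META_ESCAPE record that requests SETABORTPROC, the record type the MS06-001 patch deals with. The function and sample names are hypothetical, and the sample byte strings are constructed here and carry no payload.

```python
import struct

PLACEABLE_MAGIC = 0x9AC6CDD7  # optional 22-byte placeable header
META_EOF = 0x0000             # terminating record
META_SETBKMODE = 0x0102       # ordinary drawing record (used in the benign sample)
META_ESCAPE = 0x0626          # printer-escape record
SETABORTPROC = 9              # escape number that registers a callback

def scan_wmf(data: bytes) -> dict:
    """Walk WMF records; report whether a SETABORTPROC escape is present."""
    result = {"is_wmf": False, "suspicious": False, "records": 0}
    off = 0
    if len(data) >= 4 and struct.unpack_from("<I", data, 0)[0] == PLACEABLE_MAGIC:
        off = 22
    if len(data) < off + 18:
        return result
    ftype, hdr_words, version = struct.unpack_from("<HHH", data, off)
    if ftype not in (1, 2) or hdr_words != 9 or version not in (0x0100, 0x0300):
        return result                      # extension says .wmf, content does not
    result["is_wmf"] = True
    off += hdr_words * 2                   # sizes are counted in 16-bit words
    while off + 6 <= len(data):
        size_words, func = struct.unpack_from("<IH", data, off)
        if size_words < 3:                 # malformed: smaller than its own header
            break
        result["records"] += 1
        if func == META_ESCAPE and off + 8 <= len(data):
            if struct.unpack_from("<H", data, off + 6)[0] == SETABORTPROC:
                result["suspicious"] = True
        if func == META_EOF:
            break
        off += size_words * 2
    return result

def _record(func: int, params: bytes = b"") -> bytes:
    return struct.pack("<IH", 3 + len(params) // 2, func) + params

def _wmf(records: list) -> bytes:
    body = b"".join(records) + _record(META_EOF)
    return struct.pack("<HHHIHIH", 1, 9, 0x0300, 9 + len(body) // 2, 0, 5, 0) + body

# Constructed samples (no payload): a plain metafile, one carrying the flagged
# escape record with zero bytes of data, and the first bytes of a real
# Windows Media (ASF) file, which is what the download dialog claimed.
BENIGN = _wmf([_record(META_SETBKMODE, struct.pack("<H", 1))])
FLAGGED = _wmf([_record(META_ESCAPE, struct.pack("<HH", SETABORTPROC, 0))])
ASF_HEAD = b"\x30\x26\xb2\x75\x8e\x66\xcf\x11" + b"\x00" * 16

if __name__ == "__main__":
    for name, blob in (("benign", BENIGN), ("flagged", FLAGGED), ("asf", ASF_HEAD)):
        print(name, scan_wmf(blob))
```
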
 