This site have virus -or do I?

[FJRulzON]

Not trying to yell fire here -maybe it's my problem but...

I came to check the forum as a always do, except it seemed like my connection speed was way down (to like dial up levels) then my Norton AV popped up that it detected a download trojan 0day[1].htm which it auto-deleted from my temp internet files.

more info at

https://securityresponse.symantec.com/avcen...oad.trojan.html

I then checked a thread and when I went back to main page bam! Happened again.

All was well surfing the web before I got here.

I am not accustom to getting viruses and are not sure how one could get one from visiting a web site but thought I might point this out so our Admins (who know more than me) may check it out.

Maybe the attackers that buggered up the site not long ago are back???

 

[GreyGoose]

I got the same thing on my box.

Not sure whats causing it.

Anyone else?

GreyGoose

 

[twowheelnut]

Yup, ditto here!

 

[BlueWing]

Me too! But not other sites, just this one. <_<

 

[TWILKIN650]

Same here, but not the same alert. I took the opportunity to delete a bunch 'o trash from caches and temp files, and haven't had an alert since.

Admins?

 

[FJRulzON]

OK, someone (admin?) moved this post in here -as I perhaps erroneously posted in the General area.

So, does an admin know, how about a comment or three???

Just curious, because personnaly -I have never been in this 'off-topic' area before and I am a little frightened. :haha: (reminded of Homer Simpson in 3D land)

Seriously, will anyone notice this post in here?

 

[airboss]

Me too, site's running slow, and mcafee popped up.

 

[Ignacio]

Looking into. It's not affecting me personally. It would help with the specific filename and path of the affecting file.

Please keep the chatter of "me too" down and no "Glad I'm on a Mac" posts. Please only post additional, new, specific information.

You should also make sure you have latest virus definition downloaded on whatever brand of virus scan software you have installed.

 

[Ignacio]

Not finding any odd files on the server.

The main page is taking a while to load on my machine in both IE and Firefox, but nothing popping up for me. Running full scan of my Symantec AV with 4/23 virus update to see if something is dormant on my computer.

If somebody who is affected can provide specific IE and/or Firefox version they are running along with virus definition date and their specific AV product.....

 

[luvtoride]

I got it, too. File name is: EXPL_TXTRANGE.A

The infected file (in my case): c:\documents and settings\hlyoung\Local Settings\Temporary Internet Files\Content.IE5\U4EP7PS4\0day(1).htm

 

[twowheelnut]

When on IE and logged into the Forum, I get an attempted bounce here: https://196.regvista.com/index.php%3Fref., but that gets kicked here: https://www.google.com/hws/dell-inc/afe?hl=...dex.php?ref=wde

And... Norton (udated this am) refers to it as a 'Download.Trojan'

 

[charismaticmegafauna]

Happened to me..... AVG told me this morning:

"Trojan horse Dropper.Agent.AXA.IE5\SL8AMEW2\P[1].GIF"

None of this, of course, means anything to me --

but may be of some use to admins? :huh:

 

[FJRPierre]

McAfee advised of of infected download @ 9:13 am as I was connecting to FJRforum

deteted virus was identified as

....Temporary Internet Files\Content.IE5\O1YDSRYH\0day[1].htm JS/Exploit-BO.gen

and was deleted....

(or me too )

 

[Ignacio]

deteted virus was identified as ....Temporary Internet Files\Content.IE5\O1YDSRYH\0day[1].htm JS/Exploit-BO.gen

IE5 is interesting. Still waiting for anybody that's had it to share their specific IE version number.

Click on Help, About Internet Explorer. If less than 6.0.2900 then wondering if you've updated patches on your system. How about running and accepting patches on Windows Update?

I'm finding nothing on the board and not experiencing any problems. At this point I'm more suspicious about patch levels on various machines.

 

[evil_henchman]

I'll don't know s**t about this subject but I did notice my computer acting weird as soon as I logged on this morning. I've since paid attention and I notice that this site's pages take a long time to load and on the tool bar on the bottom of the screen there it tells you what's loading, it will say for just a few seconds before the end: "finding site: apjuydguldid92pp5upp5c77p.affrontgl.com

Don't know if that means anything and it could have been doing it all along but I never noticed before. Kinda made me think spyware....it's there every time you change a page.

 

[Ignacio]

OK, I am finding something. Not sure yet what it is or how to resolve it, but I'm finding code within the script that isn't right. Part of me thinks this is a leftover from something that hit the net around April 1.

.....investigating.

 

[radman]

The timing is about right for down2 to have finished a 30 day hacker course at Screw U.

 

[SkooterG]

The timing is about right for down2 to have finished a 30 day hacker course at Screw U.

:rolf:

 

[Ignacio]

Started thread and guidelines for resolving this issue here. Closing this thread so I don't go nuts wanting to choke the wisenheimers.