Site infected with Trojan

[D_KNIGHT_PEN]

Yeah got to hate when your computer gets infected with viruses. Still have nightmares about when my computer caught that MS security shield virus or whatever it was called. It is the reason i actually have two virus checkers on my computer Malwarebytes and Microsoft Security Essentials.

[windpl]

 

This site is full of tentacle rape...but I've yet to see a virus from any scanner regarding this site.

 

 

 

ROTFL Dreamer102 ;D

[Dmouse52]

the one i caught was "windows spyware sweeper" i think it was called and i got it from going to a mediafire link from lovers lab. It aske me if i wanted to save file and i said no (it downloaded anyway), then ran even though i denied permission! then gave spyware reports and asked if i should remove and notified me i'd have to buy it. tried killing it through task manager only to find it had taken over that. tried getting a solution to it but after 2-3 minutes it was trying to block both IE and firefox telling me they were malware. Finally after downloading(and buying) spyware hunter i got rid of it

[thesapien]

the one i caught was "windows spyware sweeper" i think it was called and i got it from going to a mediafire link from lovers lab. It aske me if i wanted to save file and i said no (it downloaded anyway)' date=' then ran even though i denied permission! then gave spyware reports and asked if i should remove and notified me i'd have to buy it. tried killing it through task manager only to find it had taken over that. tried getting a solution to it but after 2-3 minutes it was trying to block both IE and firefox telling me they were malware. Finally after downloading(and buying) spyware hunter i got rid of it

[/quote']

 

You mean from a post and not an ad, right? Did you report the post and the member who supplied the link? LL quickly took care of the problem, I'm guessing?

[Dmouse52]

You're right I should have reported it and didn't, damn! It was a post for lover's resource v2 but the second time i tried that link i had no problem

[adrenaline]

This is strange. I use Avast+ Comodo and I never get any warning on my laptop.

Yet I am configuring my mom's mini laptop right now and I just got a trojan warning when I get in LL with IE. It's "js iframe trojan"

 

The XP is just reinstalled and the Avast is updated, and I have scanned it, the computer is clean.

 

 

 

 

[Ashal]

This is strange. I use Avast+ Comodo and I never get any warning on my laptop.

Yet I am configuring my mom's mini laptop right now and I just got a trojan warning when I get in LL with IE. It's "js iframe trojan"

 

The XP is just reinstalled and the Avast is updated' date=' and I have scanned it, the computer is clean.

 

 

[img']http://i.imgbox.com/aagT5dCI.png[/img]

 

 

 

It's bad enough your using IE, but IE6? You'll get a sorts of security warnings on websites using that. IE6 is a hackers dream victim.

 

Most modern browsers wouldlikely be blocking js trojans.

 

Could just simply be a tracking cookie from a ad publisher, and avast is being overly sensitive.

[adrenaline]

This is strange. I use Avast+ Comodo and I never get any warning on my laptop.

Yet I am configuring my mom's mini laptop right now and I just got a trojan warning when I get in LL with IE. It's "js iframe trojan"

 

The XP is just reinstalled and the Avast is updated' date=' and I have scanned it, the computer is clean.

 

 

[img']http://i.imgbox.com/aagT5dCI.png[/img]

 

 

 

It's bad enough your using IE, but IE6? You'll get a sorts of security warnings on websites using that. IE6 is a hackers dream victim.

 

Most modern browsers wouldlikely be blocking js trojans.

 

Could just simply be a tracking cookie from a ad publisher, and avast is being overly sensitive.

 

Thank you Ashal. I know using IE is a bad idea so I almost only use Firefox, but I don't know IE can be so bad.

[thesapien]

This again? Well, that's it, I did some more research. This is what Microsoft has to say about it:

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AJS%2FIframe.AK

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.

 

Trojan:JS/Iframe.AK is a malicious JavaScript file that is embedded into malicious or compromised webpages, usually via SQL injection or through Blackhat search engine optimization (SEO) poisoning.

 

If a user visits a website that contains Trojan:JS/Iframe.AK, it redirects them to another website that may download other malware into the computer.

 

In the wild, a webpage that contains Trojan:JS/Iframe.AK may redirect to any of the following URLs:

 

abc-spain.net/.php?page=5263598721135de9

abc-spain.net/.php?page=875aad48ec2f2f4d

berlin-stats.at.lv

cris4459.myftp.biz//go.php?sid=1

gaveyou.ch.tf/.cgi?2

hapturing.net/.php?page=2d057d472cd217e2

haslo.ddns.mobi/.php?sid=1

iagclutp.dns05.com//go.php?sid=1

imcjgftz.ontheweb.nu/?=2

imprintrgme.monbe.be//index.php?1a41c24a2dae175de82946d73480574a

layoutgmsakc.tk//index.php?078e76f25226521ee3edf6a73962ffd2

perikanzas.com/.php?page=f231b7d2647c237a

priceqceea.oueb.eu//index.php?6d6599f7258e24b6d44dbb78dd16c6a6

riea8967.hopto.org/go=2

stovek.com/nx/.html

surveyeazdv.AKlita.fr//index.php?6127872daf51a5fbdb99f270ab8f687c

zdzcizny.sexxxy.biz/go=2

zzzkwphb.4pu.com/stds/go.php?sid=1

[windpl]

If you are using ie6 then possibly you have clean xp without service pack.

Fact, if you have such - just plug-in pc to network will get it infected. For example with Sasser.

[thesapien]

If you are using ie6 then possibly you have clean xp without service pack.

Fact' date=' if you have such - just plug-in pc to network will get it infected. For example with Sasser.

[/quote']

 

But as I just showed from MS in my post before yours, it's not an infection.

 

 

This again? Well, that's it, I did some more research. This is what Microsoft has to say about it:

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AJS%2FIframe.AK

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.

 

Trojan:JS/Iframe.AK is a malicious JavaScript file that is embedded into malicious or compromised webpages, usually via SQL injection or through Blackhat search engine optimization (SEO) poisoning.

 

If a user visits a website that contains Trojan:JS/Iframe.AK, it redirects them to another website that may download other malware into the computer.

 

 

 

If the user is getting this message, it means they are not infected. The message means that somewhere on the webpage has the trojan. The user will only get infected if they don't see the warning and get redirected to another page and then they are at risk if they install something from the redirected page.

 

Maybe other browsers with latest versions of OS won't execute the code so the warning never appears and the trojan isn't even detected. Or maybe it's just one advertiser that has the trojan so only a random user gets the message. Or, both. Adrenaline blurred out the ad in the screenshot but maybe that's it.

 

Ashal has already scanned for anything on his end. So it's not on LL's server and it's not on the user's computer.

[Guest Donkey]

That is why i use addblocker and no-script. On nexus there was something similar, but back then i wasn't using these 2, later i was forced to fully re-format my pc and lost allot of stuff because of it.

 

That certainly teached me never to trust any adds again. No matter what i site i visit.

[deathparade]

That is why i use addblocker and no-script. On nexus there was something similar' date=' but back then i wasn't using these 2, later i was forced to fully re-format my pc and lost allot of stuff because of it.

 

That certainly teached me never to trust any adds again. No matter what i site i visit.

[/quote']

 

Installing no-script now also HTTPS everywhere is something good!

[windpl]

If you are using ie6 then possibly you have clean xp without service pack.

Fact' date=' if you have such - just plug-in pc to network will get it infected. For example with Sasser.

[/quote']

 

But as I just showed from MS in my post before yours, it's not an infection.

 

 

This again? Well, that's it, I did some more research. This is what Microsoft has to say about it:

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AJS%2FIframe.AK

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.

 

Trojan:JS/Iframe.AK is a malicious JavaScript file that is embedded into malicious or compromised webpages, usually via SQL injection or through Blackhat search engine optimization (SEO) poisoning.

 

If a user visits a website that contains Trojan:JS/Iframe.AK, it redirects them to another website that may download other malware into the computer.

 

 

 

If the user is getting this message, it means they are not infected. The message means that somewhere on the webpage has the trojan. The user will only get infected if they don't see the warning and get redirected to another page and then they are at risk if they install something from the redirected page.

 

Maybe other browsers with latest versions of OS won't execute the code so the warning never appears and the trojan isn't even detected. Or maybe it's just one advertiser that has the trojan so only a random user gets the message. Or, both. Adrenaline blurred out the ad in the screenshot but maybe that's it.

 

Ashal has already scanned for anything on his end. So it's not on LL's server and it's not on the user's computer.

 

Well I didn't commented on that, I went slight off topic to warn about pure xp builds.