Virus and keyloggers on my350z
#161
Hi everyone!
I want to update you on the current status of our investigation relative to malware/virus concerns. I also want to assure you that your 350Z admins were on this with our techs from the beginning. Our techs have done a deep search of the site and have not found any evidence that our servers are hosting and serving any virus or malware. We don't believe it's a virus from one of our advertising partners because we are not seeing this issue on any of the other sites. The other possibility is that an infected image has been uploaded, however, we not found any evidence of that at this time.
We need your help by posting a screenshot of any antivirus pop up or other viewing problems. Please include as much information as you can concerning your activities (view page, pic etc) leading up to the virus appearing. Thanks!
Bob..
I want to update you on the current status of our investigation relative to malware/virus concerns. I also want to assure you that your 350Z admins were on this with our techs from the beginning. Our techs have done a deep search of the site and have not found any evidence that our servers are hosting and serving any virus or malware. We don't believe it's a virus from one of our advertising partners because we are not seeing this issue on any of the other sites. The other possibility is that an infected image has been uploaded, however, we not found any evidence of that at this time.
We need your help by posting a screenshot of any antivirus pop up or other viewing problems. Please include as much information as you can concerning your activities (view page, pic etc) leading up to the virus appearing. Thanks!
Bob..
#162
Registered User
iTrader: (12)
Join Date: Jun 2003
Location: Little Rock
Posts: 2,332
Likes: 0
Received 0 Likes
on
0 Posts
I don't think the 'user injected content' angle is going to pan out.
#164
Retired Admin
iTrader: (95)
You make it sound as if IB created the virus and distributed it or as if they knowingly allowed for this to happen or as if they're just not doing anything. None of us are having these issues anymore, correct? So at the very least, it's temporarily gone which would explain why they can't locate the source.
The IB technicians have been on it and will continue to stay on top of it in case there's another outbreak.
Anyway, for those who may have missed it the first time:
We need your help by posting a screenshot of any antivirus pop up or other viewing problems. Please include as much information as you can concerning your activities (view page, pic etc) leading up to the virus appearing. Thanks!
#165
Registered User
Join Date: Oct 2006
Location: South FL
Posts: 199
Likes: 0
Received 0 Likes
on
0 Posts
Hi everyone!
I want to update you on the current status of our investigation relative to malware/virus concerns. I also want to assure you that your 350Z admins were on this with our techs from the beginning. Our techs have done a deep search of the site and have not found any evidence that our servers are hosting and serving any virus or malware. We don't believe it's a virus from one of our advertising partners because we are not seeing this issue on any of the other sites. The other possibility is that an infected image has been uploaded, however, we not found any evidence of that at this time.
We need your help by posting a screenshot of any antivirus pop up or other viewing problems. Please include as much information as you can concerning your activities (view page, pic etc) leading up to the virus appearing. Thanks!
Bob..
I want to update you on the current status of our investigation relative to malware/virus concerns. I also want to assure you that your 350Z admins were on this with our techs from the beginning. Our techs have done a deep search of the site and have not found any evidence that our servers are hosting and serving any virus or malware. We don't believe it's a virus from one of our advertising partners because we are not seeing this issue on any of the other sites. The other possibility is that an infected image has been uploaded, however, we not found any evidence of that at this time.
We need your help by posting a screenshot of any antivirus pop up or other viewing problems. Please include as much information as you can concerning your activities (view page, pic etc) leading up to the virus appearing. Thanks!
Bob..
#169
Administrator
iTrader: (25)
I recieved the pop-up earlier this week. I just "X" it out and left it alone. I figured it was BS, because it didn't ressemble my company's traditional anti-virus pop-ups. Never saw it again or had any problems with my work PC...
#170
Registered User
iTrader: (12)
Join Date: Jun 2003
Location: Little Rock
Posts: 2,332
Likes: 0
Received 0 Likes
on
0 Posts
I'll be busy this weekend helping clean up (fresh install) some member's PCs so, this does actually affect me, even tho my machine has not been exploited because I run noscript and ABP.
#173
The one that popped up on me 2 or 3 times was the windows defender virus. I was looking in the classified section (Turbo, nitrous or engine or tuning under 350Z section)and the browser was redirected to the site that popped up the scanning of the computer saying windows defender. I hit cntrl alt delete and ended the process of the IE browser. That was my experience. Just scanned the computer and did the windows essentials and everything seems fine.
I guess the Anti virus people need money again. lol
I guess the Anti virus people need money again. lol
Last edited by se-r altima dri; 03-14-2010 at 05:51 AM.
#176
I went ahead and did this using XP SP3 but couldn't duplicate the problem, not to say it doesn't exist 'cause clearly it does. I had no AV or ad/script blocker running on this tester. It was just open for anything to try anything. I also installed all necessary components to play videos from Youtube and Streetfire.
#179
There is no chance of getting a screen shot before it was too late.
It happened when I switched to a new page, for example:
Viewing page 3 in my350z.com/forum/tuning/utec information/page=3 then I clicked to switch to page 2 and as soon as page 2 loaded, it would redirect the browser immediatly to a new website, phished website, showing windows defender software and animated scanning, (looks real time) of the fake software almost like an animated gif or flash movie.
You would have to screen shot every page for it to ever have a chance to work and the redirect was so fast that you would have switched pages before you had a chance to get the image. Just so your software guys know what was happening. If it was an ad then it was redirecting the client computer on load of the new page. Probably done using a javascript or some other script running on page load command.
Hope that helps.