From: Max Wachtel on 5 May 2010 08:25

On Tue, 04 May 2010 23:47:46 -0400, FromTheRafters <erratic(a)nomail.afraid.org> wrote:

> "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
> news:hrq4bk01842(a)news4.newsguy.com...
>> From: "~BD~" <BoaterDave(a)hotmail..co.uk>
>>
>>
>> |
>> hxxp://www.eutimes.net/2010/05/us-orders-blackout-over-north-korean-torpedoing-of-gulf-
>> | of-mexico-oil-rig/
>>
>>
>> Initial analysis shows no malicious activity.
>
> After a delay, I got a webpage pretending to be a messagebox. Clicking
> would lead to hxxp:/
> /91.213.157.62/index.php?q=3654db04721f3e5a44993142c696db659110220 had I
> clicked it. It is another fake AV scan (looks like a new one to me, but
> you're the one that would know that).
>
> I looked at eutimes page and NoScript blocked 10 or so scripts from running.

--
This post was created using Opera(a)USB: http://www.opera-usb.com
Virus Removal Instructions http://sites.google.com/site/keepingwindowsclean/home
Max's Favorite Freeware http://sites.google.com/site/keepingwindowsclean/freeware
From: David H. Lipman on 5 May 2010 22:32

From: "~BD~" <BoaterDave(a)hotmail..co.uk>

| BD made a post:

>>> Here's the story!

| hxxp://www.eutimes.net/2010/05/us-orders-blackout-over-north-korean-torpedoing-of-gulf-
| of-mexico-oil-rig/

This time it served me up a PDF Exploit of CVE-2009-1492 & CVE-2007-5659.

http://www.virustotal.com/analisis/8bb558789981d3929ea1d20c0176ec3fca5b35c0b41db4adb95fe224278df972-1273112346

It must be a rotating ad malvertizement.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: ~BD~ on 7 May 2010 07:03

David H. Lipman wrote:

> From: "~BD~" <BoaterDave(a)hotmail..co.uk>
>
> | BD made a post:
>
>>>> Here's the story!
>
>
> | hxxp://www.eutimes.net/2010/05/us-orders-blackout-over-north-korean-torpedoing-of-gulf-
> | of-mexico-oil-rig/
>
>
> This time it served me up a PDF Exploit of CVE-2009-1492 & CVE-2007-5659.
>
> http://www.virustotal.com/analisis/8bb558789981d3929ea1d20c0176ec3fca5b35c0b41db4adb95fe224278df972-1273112346
>
> It must be a rotating ad malvertizement.
>
>

Thank you, DHL. Dave Eagle (the first to see same) has been notified.

I have *no* desire to 'infect' the computers of other people. Period.

I had no idea that there was malware attached to the URL which I obtained from a Google search. It certainly caused no ill effect here on my OS X 10.6.3 system AFAICT, yet it could, I now understand, have caused problems for other members of the Scorched-Earth group.

What kind of software could I employ which would catch this type of malware and eliminate same before I might inadvertently pass it on to other people? I did once enquire to see if Malwarebytes intended to spread their wings into the Apple arena but received an answer in the negative.

A subsequent scan of my machine with ClamXav found no malware, btw.

--
Dave - I appreciate comments from all who responded. Thanks.
From: Max Wachtel on 7 May 2010 08:07

On Fri, 07 May 2010 07:03:43 -0400, ~BD~ <BoaterDave(a)hotmail..co.uk> wrote:

> David H. Lipman wrote:
>> From: "~BD~" <BoaterDave(a)hotmail..co.uk>
>>
>> | BD made a post:
>>
>>>>> Here's the story!
>>
>>
>> |
>> hxxp://www.eutimes.net/2010/05/us-orders-blackout-over-north-korean-torpedoing-of-gulf-
>> | of-mexico-oil-rig/
>>
>>
>> This time it served me up a PDF Exploit of CVE-2009-1492 &
>> CVE-2007-5659.
>>
>> http://www.virustotal.com/analisis/8bb558789981d3929ea1d20c0176ec3fca5b35c0b41db4adb95fe224278df972-1273112346
>>
>> It must be a rotating ad malvertizement.
>>
>>
>
> Thank you, DHL. Dave Eagle (the first to see same) has been notified.
>
> I have *no* desire to 'infect' the computers of other people. Period.
>
> I had no idea that there was malware attached to the URL which I
> obtained from a Google search. It certainly caused no ill effect here on
> my OS X 10.6.3 system AFAICT, yet it could, I now understand, have
> caused problems for other members of the Scorched-Earth group.
>
> What kind of software could I employ which would catch this type of
> malware and eliminate same before I might inadvertently pass it on to
> other people? I did once enquire to see if Malwarebytes intended to
> spread their wings into the Apple arena but received an answer in the
> negative.
>
> A subsequent scan of my machine with ClamXav found no malware, btw.
>

There is not much you can do about "malvertizements" (that's funny). They are all over cyberspace. My wife had one on her myspace comment page the other day. Folks need to secure their system, keep the anti-whatever up-to-date, not click on every button they find and stop using Microsoft's Internet Exploiter.

--
This post was created using Opera: http://www.opera.com
Virus Removal Instructions http://sites.google.com/site/keepingwindowsclean/home
Max's Favorite Freeware http://sites.google.com/site/keepingwindowsclean/freeware
From: Leonard Agoado on 7 May 2010 12:48

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote

> It must be a rotating ad malvertizement.

"Malvertizement?" That's a keeper.

Regards,
Len Agoado
agoado(a)msn.com