Trojan at this site... help

system · 2006-12-24T21:05:51.000Z

…

system · 2006-12-24T21:10:42.000Z

K2kessler post:1:

Its creating a trojan in my temp file

-WARNING- DO NOT CLICK THIS LINK, OR EVEN GOTO IT!
http://88.80.5.21/dl/sc.php?cid=13434038&aid=10047\[UPX]
This is the trojan link, anyway should i report them or something?

I have similar problem now

“http:/63.251.135.15/campaign” this site is also creating trojan and i can’t stop it sends one after another every time of windows starting

Lisandro · 2006-12-24T21:13:32.000Z

Please, you two.
REMOVE LIVE LINKS TO INFECTED SITES…
This is not allowed here.

system · 2006-12-24T21:14:33.000Z

K2kessler and Volacano1985,

You need to break your links so thy’re not clickable.

Edit your posts to put a space between the http: and the rest of the url.

EDIT: Sorry Tech 0 you beat me to it.

system · 2006-12-24T21:16:50.000Z

A.q its not problem we want help!!!

polonus · 2006-12-24T21:19:51.000Z

Hi K2kessler,

You should not leave live links to malware, people may be tempted to click through and get infected by this:
File size: 16384 bytes

sc.php?cid=13434038&aid=10047 packed by UPX
In file >sc.php?cid=13434038&aid=10047 found virus Trojan.Fakealert

Trojan.FakeAlert will hijack the desktop background with an image alerting the user that their computer system has been infected with spyware. It also changes some settings of windows which include:- disabling permissions for the user to change the background image and setting the active desktop to 'show web content'. It is usually installed in conjunction with a rogue anti-spyware application.

Type: Trojan
Also known as: Hoax.Win32.Renos variant [Kaspersky] Troj_Renos.BY [Trend] Fak

http://www.sophos.com/virusinfo/analyses/trojfakevira.html

polonus

system · 2006-12-24T21:37:02.000Z

Can firewall stop these attacks ?

system · 2006-12-24T21:39:46.000Z

…

DavidR · 2006-12-24T22:17:28.000Z

The attacks may well be as a result of a trojan downloader on your system.

If following the information on trojfakevira especially that on the advanced tab doesn’t have the desired effect. If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode.

Ewido, a.k.a. avg anti-spyware If using winXP. or a-Squared free if using win98/ME.

As for reporting the site/s sorry to say it but I think it is an exercise in futility.

You might also consider proactive protection, in order to place files in the system folders and create registry entries you need permission. Prevention is much better and theoretically easier than cure.

Whilst browsing or collecting email, etc. if you get infected then the malware by default inherits the same permissions that you have for your user account. So if the user account has administrator rights, the malware has administrator rights and can reap havoc. With limited rights the malware can’t put files in the system folders, create registry entries, etc. This greatly reduces the potential harm that can be done by an undetected or first day virus, etc.

Check out the link to DropMyRights (in my signature below) - Browsing the Web and Reading E-mail Safely as an Administrator. This obviously applies to those NT based OSes that have administrator settings, winNT, win2k, winXP.

system · 2006-12-25T20:56:41.000Z

You could report it to the major search engines but as I have experienced reporting to engines that the effort may be futile. But if the major search engines delete them from their index their sites will get much less traffic thus spreading less problems.

Announcements