Deleted1324428User Posted September 24, 2010 Share Posted September 24, 2010 I'm running MSE here and although it didn't pop up with any warning, I noticed that Firefox had blocked whatever wanted to load as well as the random download pop-up to download the malicious file. The site was fine earlier in the day but as soon as the late hours rolled around, it struck. As of right now, it's still trying to do its thing. Link to comment Share on other sites More sharing options...
ThomasKaira Posted September 24, 2010 Share Posted September 24, 2010 There is still a malicious program worming its way around the website. I just received another AVG alert about 10 minutes ago, and an accompanying MalwareBytes scan discovered a Trojan.Fakealert (read: it installs Rogue Security Software) had found its way into my computer. I think I manage to catch it before it could cause any real damage, but nonetheless I have to put the site on my "Do Not Visit" list for awhile. Hope you can get the issue resolved with due speed, Dark. :smile: Link to comment Share on other sites More sharing options...
Gracinfields Posted September 24, 2010 Share Posted September 24, 2010 Yea the threat ended up penetrating my system yesterday, I pasted the info on to Vacant. The file it uploads is a rouge anti virus software, that can be called a Trojan. The Progam is Call Desktop Secuirty 2010 http://www.bleepingcomputer.com/virus-removal/remove-desktop-security-2010 it was able to enter via JAVA coding. I think it may be tied to the hack attempt on the site a while back on 7/12/2010 as I was digging I noticed Java turned on by itself when it was turned off, so I check my add on and found that an unverified version of Java was uploaded into the browser on that 7/12/2010. (Never would have though of the add ons if it wasn't for Vacant again major kudos) When I finally got the program off my system came back and checked the date of the previous hack on the site date 7/12/2010 :( guess they did sneak something in on my system that day and the AV didn't pick it up. Got ride of Java now and adding a bit more security to the system now that this hole was revealed to me. Link to comment Share on other sites More sharing options...
Nadin Posted September 24, 2010 Share Posted September 24, 2010 Beat me to it. It doesn't seem to DL with normal files, but upon first contact it will download a file named FILE.php.Lucky for me my java's outdated. :D Link to comment Share on other sites More sharing options...
Nadin Posted September 24, 2010 Share Posted September 24, 2010 The file downloads at the main site, FOTM, two random members, and whenever you login. So...you know....don't do that. Link to comment Share on other sites More sharing options...
Dark0ne Posted September 24, 2010 Share Posted September 24, 2010 I believe this issue to have now been fixed having found the culprit and patched the hole. For further discussion please go to this new file thread. Link to comment Share on other sites More sharing options...
Raye Posted September 24, 2010 Share Posted September 24, 2010 I also have been getting popups from AVG, and It seems to appear most often on the popup window when you begin a download. I will try to get a screenshot next time it happens, though it will look like all the other AVG screenshots. Any files I have downloaded have been completely free of viruses, though. my first thought was the ads as well. Also, Google has gotten in on the bandwagon, the site is now listed as a 'badware' site, you can find more information here: http://www.google.ca/url?sa=t&source=web&cd=3&ved=0CCYQFjAC&url=http%3A%2F%2Fwww.tesnexus.com%2Fdownloads%2Fcat.php%3Fid%3D26&ei=YZycTOY8hsSwA6Wg6NUB&usg=AFQjCNFDAgC4vaAHWidifgN81j_I2PgCng&sig2=Nntj1wBdg7VjHHvV-LZ1Mg (sorry for the stupidly long URL) Link to comment Share on other sites More sharing options...
Recommended Posts