New Trojan.Zlob Site



#1
Malware Sucks

    New Member

  • Members
  • 19 posts
I go on the Yahoo! Answers forums a LOT and somebody keeps posting a link to an infected "video" to help people with their problem. I'm not sure if Malwarebytes detects the site or the infected file, so here ya go.

The site he links people to is: hxxp://browsershots.org/png/original/f9/f9f39bf9fb73a566dd8fbaa6f07e386e.png (http changed to hxxp)

I went to BrowserShots to get a picture of the site so here's the pic (safe): http://img237.imageshack.us/img237/295/f9f...6dd8fbaado8.png

The site is dangerous and the file that is downloaded should be flagged as infected.
"And so at last the beast fell and the unbelievers rejoiced. But all was not lost, for from the ash rose a great bird. The bird gazed down upon the unbelievers and cast fire and thunder upon them. For the beast had been reborn with its strength renewed, and the followers of Mammon cowered in horror" -Book of Mozilla 7:15

They don't call it MBAM for nuthin!

#2
sho-dan

    Cancer Warrior

  • Honorary Members
  • 3,022 posts
  • Gender:Not Telling
  • Location:Jah Jersey Shore

Malware Sucks, on Nov 21 2008, 07:57 PM, said:

I go on the Yahoo! Answers forums a LOT and somebody keeps posting a link to an infected "video" to help people with their problem. I'm not sure if Malwarebytes detects the site or the infected file, so here ya go.
The site he links people to is: hxxp://browsershots.org/png/original/f9/f9f39bf9fb73a566dd8fbaa6f07e386e.png (http changed to hxxp)
I went to BrowserShots to get a picture of the site so here's the pic (safe): http://img237.imageshack.us/img237/295/f9f...6dd8fbaado8.png

The site is dangerous and the file that is downloaded should be flagged as infected.

Next time you see this link posted, report it to the mods.

This link provides the k-codec281.exe, which WinPatrol picks up as a new startup, xxx82227.exe, and this file is detected/removed by MBAM only; the site is a different matter.

Developer mode log:
Malwarebytes' Anti-Malware 1.30
Database version: 1416
Windows 5.1.2600 Service Pack 3

11/22/2008 6:21:20 PM
mbam-log-2008-11-22 (18-21-20).txt

Scan type: Quick Scan
Objects scanned: 46324
Time elapsed: 2 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\MSFox (Trojan.Agent) -> Quarantined and deleted successfully. [38575351343053838075667915347270798513014144385864454836344564463436414247386152483953563451386146809174777766614652398089]

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
"Don't worry about a thing,
'Cause every little thing gonna be all right!"

#3
JeanInMontana

    Delete this account!!

  • Honorary Members
  • 3,867 posts
  • Interests:would love to see some honesty around this site.
MBAM deals with Zlob very well, but does not block sites at this time. Notifying Yahoo might help; the poster should have their account deleted for posting links to malware.
