1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

possible exploit?

Discussion in 'Comments & Feedback' started by Solaris17, Mar 15, 2010.

  1. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    17,160 (5.20/day)
    Thanks Received:
    3,548
    Location:
    Florida
    Ran into this about 2min ago loading up TPU. the report file is in the code tag. However it gives me nothing more than the type of exploit and address. Iv also got a SS. If it helps any java activated the second TPU started to load. Which is not standard behavior that I have seen.

    Code:
    *
    * avast! Real-time Shield Scan Report
    * This file is generated automatically
    *
    * Started on: Monday, March 15, 2010 4:23:49 AM
    *
    
    3/15/2010 5:40:01 AM	http://nikiten.com/lib/etcSome.pdf|>{gzip} [L] JS:Pdfka-gen [Expl] (0)
    [​IMG]


    of course the system will be scanned and ill let you know if their was a virus already on my system. I rather doubt it but you never know right?
  2. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    14,788 (3.93/day)
    Thanks Received:
    11,490
    attach the html page that triggered the alert
  3. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    17,160 (5.20/day)
    Thanks Received:
    3,548
    Location:
    Florida
    it was simply the home page. nothing was quarantined the connection was just refused. I'm not sure I have anything to give you. that is to say their is nothing in my chest or logs other than what iv provided.
  4. TVman

    TVman New Member

    Joined:
    Dec 29, 2009
    Messages:
    313 (0.18/day)
    Thanks Received:
    41
    my avast doesnt say anything! must be in your computer
  5. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    17,160 (5.20/day)
    Thanks Received:
    3,548
    Location:
    Florida
    its a possibility im about 65% done my scan If anything turns up ill be sure to let people know.

    EDIT: also I have since closed and reopened TPU a few times and it hasnt happened again. My logs show that I havent rejected that connection again except for that once.
  6. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    14,788 (3.93/day)
    Thanks Received:
    11,490
    click view source, save to file, attach here
  7. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    17,160 (5.20/day)
    Thanks Received:
    3,548
    Location:
    Florida
    k

    edit: scan just finished. nothing was found. not sure if it would mean much but my heuristics sensitivity is high.

    Attached Files:

    • tpu.zip
      File size:
      20.2 KB
      Views:
      178
  8. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    14,788 (3.93/day)
    Thanks Received:
    11,490
    is the attached page showing the infected warning ?
  9. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    17,160 (5.20/day)
    Thanks Received:
    3,548
    Location:
    Florida
    no
  10. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    14,788 (3.93/day)
    Thanks Received:
    11,490
    and this will be useful how ?
  11. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    17,160 (5.20/day)
    Thanks Received:
    3,548
    Location:
    Florida
    ? nvm i think i misunderstood. The attached page was the page that i received the warning from. I'm assuming you are checking it for alterations. I thought you were asking if i was receiving the warning now. That would be a no.
  12. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    14,788 (3.93/day)
    Thanks Received:
    11,490
    when you get the warning, save the page, so i can look at the source and see which advertisers were showing which banners

    since banners change for each reload it makes no sense to just go to the same url as before
  13. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    17,160 (5.20/day)
    Thanks Received:
    3,548
    Location:
    Florida
    ok will do.
  14. Marineborn

    Marineborn New Member

    Joined:
    Jan 17, 2009
    Messages:
    2,144 (1.04/day)
    Thanks Received:
    312
    solaris get ABP, i forgot the internet even had banners or advertisments until i used someone elses computer. lol

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page