1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

possible exploit?

Discussion in 'Comments & Feedback' started by Solaris17, Mar 15, 2010.

  1. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    18,601 (4.50/day)
    Thanks Received:
    5,083
    Location:
    Florida
    Ran into this about 2min ago loading up TPU. the report file is in the code tag. However it gives me nothing more than the type of exploit and address. Iv also got a SS. If it helps any java activated the second TPU started to load. Which is not standard behavior that I have seen.

    Code:
    *
    * avast! Real-time Shield Scan Report
    * This file is generated automatically
    *
    * Started on: Monday, March 15, 2010 4:23:49 AM
    *
    
    3/15/2010 5:40:01 AM	http://nikiten.com/lib/etcSome.pdf|>{gzip} [L] JS:Pdfka-gen [Expl] (0)
    [​IMG]


    of course the system will be scanned and ill let you know if their was a virus already on my system. I rather doubt it but you never know right?
     
    10 Year Member at TPU More than 25k PPD
  2. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    16,564 (3.61/day)
    Thanks Received:
    15,710
    attach the html page that triggered the alert
     
    10 Year Member at TPU
  3. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    18,601 (4.50/day)
    Thanks Received:
    5,083
    Location:
    Florida
    it was simply the home page. nothing was quarantined the connection was just refused. I'm not sure I have anything to give you. that is to say their is nothing in my chest or logs other than what iv provided.
     
    10 Year Member at TPU More than 25k PPD
  4. TVman

    TVman New Member

    Joined:
    Dec 29, 2009
    Messages:
    313 (0.12/day)
    Thanks Received:
    41
    my avast doesnt say anything! must be in your computer
     
  5. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    18,601 (4.50/day)
    Thanks Received:
    5,083
    Location:
    Florida
    its a possibility im about 65% done my scan If anything turns up ill be sure to let people know.

    EDIT: also I have since closed and reopened TPU a few times and it hasnt happened again. My logs show that I havent rejected that connection again except for that once.
     
    10 Year Member at TPU More than 25k PPD
  6. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    16,564 (3.61/day)
    Thanks Received:
    15,710
    click view source, save to file, attach here
     
    10 Year Member at TPU
  7. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    18,601 (4.50/day)
    Thanks Received:
    5,083
    Location:
    Florida
    k

    edit: scan just finished. nothing was found. not sure if it would mean much but my heuristics sensitivity is high.
     

    Attached Files:

    • tpu.zip
      File size:
      20.2 KB
      Views:
      194
    10 Year Member at TPU More than 25k PPD
  8. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    16,564 (3.61/day)
    Thanks Received:
    15,710
    is the attached page showing the infected warning ?
     
    10 Year Member at TPU
  9. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    18,601 (4.50/day)
    Thanks Received:
    5,083
    Location:
    Florida
    no
     
    10 Year Member at TPU More than 25k PPD
  10. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    16,564 (3.61/day)
    Thanks Received:
    15,710
    and this will be useful how ?
     
    10 Year Member at TPU
  11. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    18,601 (4.50/day)
    Thanks Received:
    5,083
    Location:
    Florida
    ? nvm i think i misunderstood. The attached page was the page that i received the warning from. I'm assuming you are checking it for alterations. I thought you were asking if i was receiving the warning now. That would be a no.
     
    10 Year Member at TPU More than 25k PPD
  12. W1zzard

    W1zzard Administrator Staff Member

    Joined:
    May 14, 2004
    Messages:
    16,564 (3.61/day)
    Thanks Received:
    15,710
    when you get the warning, save the page, so i can look at the source and see which advertisers were showing which banners

    since banners change for each reload it makes no sense to just go to the same url as before
     
    10 Year Member at TPU
  13. Solaris17

    Solaris17 Creator Solaris Utility DVD

    Joined:
    Aug 16, 2005
    Messages:
    18,601 (4.50/day)
    Thanks Received:
    5,083
    Location:
    Florida
    ok will do.
     
    10 Year Member at TPU More than 25k PPD
  14. Marineborn

    Joined:
    Jan 17, 2009
    Messages:
    2,144 (0.74/day)
    Thanks Received:
    312
    solaris get ABP, i forgot the internet even had banners or advertisments until i used someone elses computer. lol
     

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)