While at home I came to the this site to check the forums and my Nortons intercepted this Trojan ByteVerify trojan horse. Did not give it much of a thought then I came to visit again from work and the Nortons at work intercepted the Trojan ByteVerify again. So two different machines at two different locations running Nortons have interecepted this Trojan ByteVerify trojan horse. Both showed up in the cache area after I came here. This looks a little more questionable. Like a possible problem. Anyone else notice this ?
Nortons info on this
http://www.symantec.com/security_response/writeup.jsp?docid=2003-090514-4048-99
My McAfee detected one the other day too.
Maybe this is where it came from?
I couldn't say exactly where it was detected though.
I've been coming to this site for several weeks now and haven't had a problem but when I signed in this time My nortons also picked up the same trojan right off the bat
this is probably coming from third party ads on this website.
Good. glad it was not just me... well sort of.... I am sure others here do not need a trojan... Hope everyone has their antivirus up to date.. I also figured it was some 3rd party ads... Just not sure which one since I did not pay that much attention to what was being displayed... Maybe next time I will take note of what ads are being displayed to try to help narrow it down.
After I posted this I noticed that the side ads where offering Anti trojan and Anti virus links.. Interesting.. Have a anti-virus ad link that provides a virus.. Ironic...
I am haveing the same issues! ???
Hi,
Yes I can also confirm Trojan virus and I managed to locate its link where it is:
http://www.rock-spirit.de/templ......(Link removed for safety !admin) and
http://www.rock-spirit.de/templ.... (Link removed for safety !admin)
Stefan, please try to contact them.
Gyula
Okay, can
anyone located the exact page where it is inserted ?
I have already emailed this webmaster from Rock-Spirits.de
but have no answer yet...
Somebody must have hacked my site and inserted it somewhere...
Please stay tuned..
I will try to fix it.
Many thanks.
Shit,
another webmaster wrote me:
Code:
(Code removed for safety !admin)
Wenn Du entweder die Zeichen decodierst, oder das ganze einfach mal nach Google eingibst
(Link removed for safety !admin)
Kommst Du auf die Seite und der Quelltext ist:
http://www.rock-spirits.de/tem....(Link removed for safety !admin)
Code:
(coderemoved for safety !admin)
Hast Du das vielleicht selber eingebunden?
Ciao,
Mike
===
Howcan I get this Iframe out of the database,
as all the pages are generated out of the database and it is
not in any Tinyportal block or something like this...
Can anyone help please ?
Many thanks...
Okay, it was an Iframe at the end of the index.php
file inserted by someone...
NowI have deleted this.
Please can everyone check his PC if this was infected with this Trojan horse?
Tommorow I will phone the webmaster of the rock-spirit.de
site and ask him,what was happening.
I also installed now the new forum update with all the new fixes...
Please let me know, if you will find still some issues.
Many thanks.
Regards, Stefan.
P.S : Now posting in a minute the new working magnet motor from Mike
with a video ! It is amazing, Stay tuned..
Regards, Stefan.
hartiberlin weren't you going to change hosting companies or something? or did you already do that? anyways if you are still looking here is a good guide www.TheHostingChart.com
also check out these Content Management Systems for your website :)
http://linuxlinks.com/Web/Portal/Content_Management_System
www.SubDreamer.com is also very good.
peace
.
@argona369 and everyone else.
maybe you can try these free software...
anti-virus:
http://free.grisoft.com
and
firewall:
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp
or start using linux:
www.xubuntu.org
.
Quote from: argona369 on February 15, 2007, 01:36:29 AM
[Sign of "VBS:Malware [Gen]" has been found]
hartiberlin, don't you have a Adequate firewall?
shit, do i have to rebuild now?
pissed off.
ok, so now have a virus? what do i do now?
It was not coming from my computer.
Somebody unknown to me seems to have hacked my
forum and inserted into the index.php file an Iframe script,
so all forum pages were loading this trojan script.
Please ALL check your PCs now with a free antivirus
software as:
http://de.trendmicro-europe.com/consumer/housecall/housecall_launch.php
Or www.bitdefender.com
or simular free online scanners.
Sorry for the trouble, but this was a real attack.
Regards, Stefan.
Quote from: argona369 on February 15, 2007, 03:12:21 AM
Quote from: FreeEnergy on February 15, 2007, 01:45:48 AM
@argona369 and everyone else.
maybe you can try these free software...
anti-virus:
http://free.grisoft.com
and
firewall:
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp
or start using linux:
www.xubuntu.org
Hi Freeenergy,
I have zone alarm. I also have a antivirus, and two backup anti-virus programs.
(there?s no way i'm going to mention which one's here).
switches customized (to higher levels).
as well as other spam scanners as well.
My system says its ok.
But can I be sure?
>or start using linux
no thanks. I gave up on command line stuff in the 80?s
it is not all command line nowadays. linux has evolved a lot since the 80's. take a look at these screen shots ( http://www.xubuntu.org/screenshots ). also you can run xubuntu linux from your CD rom drive without ever touching your hard drive. in fact you dont even need a hard drive. :)
peace
Check into "HiJack this" but be very careful with the program. It's a great piece of software
Dave
Hi All,
the ones, who have caught this virus can use the free
www.trendmicro.de online scanner above to
get rid of all trojans and virusses.
It is a great online scanner and finds also many grey- and spywares
and also cleans them out.
Click "enhanced" ( erweiterte Angaben) Tab to also tag the Greyware and Spyware
scanning !
Regards, Stefan.
:D
*cheers*
Hi all,
I don't know if this trojan effected me? I use linux.
For those of you who are not nerds like me, I recommend two linux distros.
http://www.mepis.org/
http://www.pclinuxos.com/news.php
Either of these will get out of Microsoft Windows and into something better and easier.
Both will run live off the CD so you can try before installing.
Both are in some testing for final releases at the end of the month, but you don't have to wait as both of these current betas are more stable than what others may call final releases. No command line needed to run either of these fine linux distros.
If you have highspeed connection, you can download and burn an iso image Cd for free.
Good luck,
Tishatang