New Variant Of Intrusive Online Scanner

Author	All Replies
Gas Guzzler join:2005-09-17 Los Angeles, CA edit: March 22nd, @06:05PM	New Variant Of Intrusive Online Scanner It calls itself xponlinescanner.com and I was hit twice today while visiting the NY Post newspaper wesbsite. Its some kind of malware that tricks you to install some fake antispyware program. It appears on legitimate websites. We saw these kind of browser highjackers last year too. One of the old security threads that discussed the problem is this one: »YouTube - Major League Baseball Strikes out To test how this behaves on your system go here: xponlinescanner.com/2008/1/freescan.php?aid=77011816 (edited)
	to forum · permalink · · 2008-03-22 18:00:58 ·
Anav Sarcastic Llama? Naw, Just Acerbic Premium join:2001-07-16 Dartmouth, NS edit: May 3rd, @12:50PM	What are you recommending we test???? Or does that link show how to remove??
	to forum · permalink · · 2008-05-03 12:49:58 ·
tomazyk join:2006-12-04	No DO NOT test that link. It is link to XPAntivirus - rogue antivirus. They offer you a free scan of your system - which of course tells you that your computer is not safe and then they offer you installation of their antivirus. DO NOT INSTALL IT.
	to forum · permalink · · 2008-05-03 18:40:32 ·
Millenniumle join:2007-11-11 Fredonia, NY	reply to Gas Guzzler ... The link opens two successive script windows telling us their product is needed and safe. Then a page opens indicating a scan was performed, finding three nasties. Then a succession of more script windows open prompting to download and run their product. The download is a 65K file full of what is no doubt a bundle of joy. The exploit here is the user.
	to forum · permalink · · 2008-05-04 00:09:06 ·
ahulett Equal Rights - It's Time Premium join:2003-02-02 Bellevue, WA	reply to Gas Guzzler Re: New Variant Of Intrusive Online Scanner More information on this rogue security product: Microsoft Malware Protection Center Program:Win32/XPAntiVirus »www.microsoft.com/security/porta···ntiVirus -- Aaron Hulett \| Senior Spyware Researcher \| Microsoft Malware Protection Center This posting is provided "AS IS" without warranty, and confers no rights.
	to forum · permalink · · 2008-05-04 00:22:06 ·
Anav Sarcastic Llama? Naw, Just Acerbic Premium join:2001-07-16 Dartmouth, NS	reply to tomazyk Not to worry Toma, My intention was too highlight poorly worded advice or suggestion in a security thread. Asking people to test this is bordering on ............ I was hoping a MOD would notice but I guess this week I am clearly meant to be disappointed (my Habs lost last night and are out of the playoffs :-( ) THanks for the link ahulett. -- Ain't nuthin but the blues! "Albert Collins". Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner" LlamaWorks Equipment
	to forum · permalink · · 2008-05-04 11:38:05 ·
tomazyk join:2006-12-04	Yes I thought that was your intention with both questions. With my post I only wanted to warn less experienced users from doing foolish thing.
	to forum · permalink · · 2008-05-04 13:43:50 ·
Reimer join:2006-08-14 Toronto, ON edit: May 4th, @08:30PM	reply to Gas Guzzler Hmm, Firefox blocks it from even loading at all.
	to forum · permalink · · 2008-05-04 20:30:24 ·
jesse2200 join:2006-07-22 Pickering, ON clubs:	Erm...do i have the virus? I tested out your link and NOD32 did not stop it. I exited it right away and it changed the look of my browser. AM I SAFE?!
	to forum · permalink · · 2008-05-04 21:30:03 ·
tomazyk join:2006-12-04	If you didn't run the installer then you should be safe. Check in Add/Remove programs if you have XPAntivirus listed. If so follow the link in ahulett's post for instructions on removing nastie.
	to forum · permalink · · 2008-05-05 00:41:28 ·


Tuesday, 02-Dec 14:54:35	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 9 years online! © 1999-2008 dslreports.com. republican-creole page compression OFF