http://www.dslreports.com/forum/r20208791 en Wed, 09 Dec 2009 19:02:08 EDT Wed, 09 Dec 2009 19:02:08 EDT http://www.dslreports.com/forum/remark,20432616 tomazyk : If you didn't run the installer then you should be safe. Check in Add/Remove programs if you have XPAntivirus listed. If so follow the link in ahulett's post for instructions on removing nastie.]]> http://www.dslreports.com/forum/remark,20432616 Mon, 05 May 2008 00:41:28 EDT http://www.dslreports.com/forum/remark,20431828 Jesse2 : Erm...do i have the virus? I tested out your link and NOD32 did not stop it. I exited it right away and it changed the look of my browser.

AM I SAFE?!]]> http://www.dslreports.com/forum/remark,20431828 Sun, 04 May 2008 21:30:03 EDT http://www.dslreports.com/forum/remark,20431620 Reimer : Hmm, Firefox blocks it from even loading at all.]]> http://www.dslreports.com/forum/remark,20431620 Sun, 04 May 2008 20:30:24 EDT http://www.dslreports.com/forum/remark,20430158 tomazyk : Yes I thought that was your intention with both questions. With my post I only wanted to warn less experienced users from doing foolish thing. :)]]> http://www.dslreports.com/forum/remark,20430158 Sun, 04 May 2008 13:43:50 EDT http://www.dslreports.com/forum/remark,20429753 Anav : Not to worry Toma, My intention was too highlight poorly worded advice or suggestion in a security thread. Asking people to test this is bordering on ............

I was hoping a MOD would notice but I guess this week I am clearly meant to be disappointed (my Habs lost last night and are out of the playoffs :-( )

THanks for the link ahulett.
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"

LlamaWorks Equipment]]> http://www.dslreports.com/forum/remark,20429753 Sun, 04 May 2008 11:38:05 EDT http://www.dslreports.com/forum/remark,20428614 ahulett : More information on this rogue security product:

Microsoft Malware Protection Center
Program:Win32/XPAntiVirus
»www.microsoft.com/security/porta···ntiVirus


--
Aaron Hulett | Senior Spyware Researcher | Microsoft Malware Protection Center
This posting is provided "AS IS" without warranty, and confers no rights.]]> http://www.dslreports.com/forum/remark,20428614 Sun, 04 May 2008 00:22:06 EDT http://www.dslreports.com/forum/remark,20428577 Millenniumle : The link opens two successive script windows telling us their product is needed and safe. Then a page opens indicating a scan was performed, finding three nasties. Then a succession of more script windows open prompting to download and run their product. The download is a 65K file full of what is no doubt a bundle of joy.

The exploit here is the user.]]> http://www.dslreports.com/forum/remark,20428577 Sun, 04 May 2008 00:09:06 EDT http://www.dslreports.com/forum/remark,20427261 tomazyk : No DO NOT test that link. It is link to XPAntivirus - rogue antivirus. They offer you a free scan of your system - which of course tells you that your computer is not safe and then they offer you installation of their antivirus. DO NOT INSTALL IT.]]> http://www.dslreports.com/forum/remark,20427261 Sat, 03 May 2008 18:40:32 EDT http://www.dslreports.com/forum/remark,20425832 Anav : What are you recommending we test????
Or does that link show how to remove??]]> http://www.dslreports.com/forum/remark,20425832 Sat, 03 May 2008 12:49:58 EDT http://www.dslreports.com/forum/remark,20208791 Gas Guzzler : It calls itself xponlinescanner.com and I was hit twice today while visiting the NY Post newspaper wesbsite.

Its some kind of malware that tricks you to install some fake antispyware program. It appears on legitimate websites.

We saw these kind of browser highjackers last year too.

One of the old security threads that discussed the problem is this one:
»YouTube - Major League Baseball Strikes out

To test how this behaves on your system go here:
xponlinescanner.com/2008/1/freescan.php?aid=77011816
(edited)]]> http://www.dslreports.com/forum/remark,20208791 Sat, 22 Mar 2008 18:00:58 EDT