Question Something's triggering a virus threat

cboath

Master Member
I've gone to the three sections now - replica props, OT, and Movie and each time the page loads i'm getting a virus warning on 910.8207.exe being a possible trojan. Not happening on any other site, just here.

My guess is it's a false positive, but thought you should know either way.

FWIW, i'm running an updated AVG 2012
 

Wes R

Legendary Member
my norton isn't going off which i guess is a good sign. I wonder if it's one of the ads on the site.
 

cboath

Master Member
I just came in for the first time this morning and got 4, seriously, as the first screen even loaded.

one was a {something}.com/img.php, something else ARF.exe
 

LeoFirebrand

Active Member
I got the windows vista virus alert 2012 virus last night trying to view an image. Virus blocker cleaned it but it still broke .exe associations so I had to modify registry too. Was quite the pain. If it helps it was in the junkyard. Think I was looking at mecha01's portal turret pics. Not sure if the virus can attach that way.
 

cboath

Master Member
I got the windows vista virus alert 2012 virus last night trying to view an image. Virus blocker cleaned it but it still broke .exe associations so I had to modify registry too. Was quite the pain. If it helps it was in the junkyard. Think I was looking at mecha01's portal turret pics. Not sure if the virus can attach that way.
Exact same thing happened to me just after posting my last post in this thread.

Running spybot said that it foud Fraud.InternetSecurity2011. Files listed were ARF.exe and two very long asdfad435tdsafasd90asd type files. In program data and appdata\local and appdata\local\microsoft\windows\templates. (Those asdasdf things aren't the actual files names, just showing that they were 20+ characters long and random alphanumeric names with no extensions).

Extremely uncool.

I know it's not the staff fault, but someone needs a butt kicking for letting this stuff through. My guess is an adserver.
 

cboath

Master Member
As soon as I posted the above, I went to the OT and got yet another one.

Changed browsers and now running with adblock and have gone to 5 different RPF sections and checked out threads. Haven't seen an ad and haven't gotten any virus warnings.
 

jango5204

Active Member
I got hit with the windows antivirus scans yesterday on the Toughbook in my cruiser. Had to turn it to I.T.
 

Art Andrews

Community Owner
Community Staff
I got the windows vista virus alert 2012 virus last night trying to view an image. Virus blocker cleaned it but it still broke .exe associations so I had to modify registry too. Was quite the pain. If it helps it was in the junkyard. Think I was looking at mecha01's portal turret pics. Not sure if the virus can attach that way.
Do you know the junkyard page you were looking at when you saw this?
 

cboath

Master Member
Just happened to me, yet again, simply by going to the OT. I forgot and used the wrong browser and got hit immediately. Killed it, switched and seems OK with adblock on.
 

cboath

Master Member
Here's the log I have from AVG. Odd thing is it flagged 3-5 things when I first encountered it, but only logged 1 it seems. Hope they help. Times are central time, too.

The three AVG has listed in it's history - since yesterday are:

Virus found Win32/Cryptor
"c:\Users\<username.\AppData\Local\Temp\335.8026.exe"
12/12/2011, 5:13:18 PM
file C:\Program Files (x86)\Java\jre6\bin\java.exe


Trojan horse Generic_r.JU
c:\Windows\System32\consrv.dll
12/11/2011, 11:14:04 AM
file C:\Windows\System32\csrss.exe

Trojan horse Generic_r.JU
c:\Windows\System32\consrv.dll
12/11/2011, 11:05:47 AM
file C:\Windows\System32\csrss.exe
 

pennausamike

Sr Member
I got a virus while on the RPF a couple of days ago.
Had my Kaspersky off at the time.
Turned it back on to an infection:
HEUR:Trojan.Win32.Generic
which I cannot quarantine because it imbedded in the operating system:
c:\WINDOWS\system32\drivers\i8042prt.sys

It happened again today, but I was on our newer computer and the Kaspersky caught it.
I'm not sure where I was when I got the hit,
because I closed the window when it happened.

This trojan opens another window; the other one was a pretend virus protection program.
Sorry if that isn't a helpful description,
my computer powers are rather minimal.

Mike
 
Top