Jump to content

BRFCS

BY THE FANS, FOR THE FANS
SINCE 1996
Proudly partnered with TheTerraceStore.com

[Archived] Virus?


Recommended Posts

FYI

There was a security flaw (since corrected) where a user could put a dodgy image in the avatar. If this members account was then viewed by an admin, then that person could take control of that admins account. I guess even refusing the user posting rights must have done this.

Fortunately I managed to catch it fairly quickly and shut down the site. I would advise anybody who accessed the site using Internet Explorer between 3pm and 4pm to run a virus checker and spyware checker. Also the user in question attempted to mass mail every member of the site, if anybody recieved this email and ran the attachment, they should also perform the same actions.

The infection is cws.loadadv - I will attempt to find more detailed removal instructions and advise later.

Remember - BRFCS will never send unsolicated emails, and you should always process with caution on any emails before clicking any links.

Link to comment
Share on other sites

Apparently when you open the attatchment the virus buys out your computer, replaces all the internal workings with the most expensive in the business, and forces it to play Shevchenko in all your football management games...

Good work on catching it Ste B!

Link to comment
Share on other sites

B)-->

QUOTE(Ste B @ Jan 30 2007, 19:30 ) 485466[/snapback]

FYI

There was a security flaw (since corrected) where a user could put a dodgy image in the avatar. If this members account was then viewed by an admin, then that person could take control of that admins account. I guess even refusing the user posting rights must have done this.

Fortunately I managed to catch it fairly quickly and shut down the site. I would advise anybody who accessed the site using Internet Explorer between 3pm and 4pm to run a virus checker and spyware checker. Also the user in question attempted to mass mail every member of the site, if anybody recieved this email and ran the attachment, they should also perform the same actions.

The infection is cws.loadadv - I will attempt to find more detailed removal instructions and advise later.

Remember - BRFCS will never send unsolicated emails, and you should always process with caution on any emails before clicking any links.

Who was the user?

Was it one of those Bolton fans?

Link to comment
Share on other sites

Was it one of those Bolton fans?

Well, you never know what you can catch there, but its more likely to be one of Romans rent boys as it was definitely coming from the Ukraine.

I'm not blaming anybody though, or i will get in trouble.

Link to comment
Share on other sites

Apparently when you open the attatchment the virus buys out your computer, replaces all the internal workings with the most expensive in the business, and forces it to play Shevchenko in all your football management games...

Good work on catching it Ste B!

:D Excellent.

Problem with the Messageboard, Ste?

Link to comment
Share on other sites

but surely theres puters in the brylcreem land?

There is, but the only way his ball and chain would let him go is if he promised to spend every minute that he's not flying tanks talking to her.

Women are evil Abs.

Link to comment
Share on other sites

######, just got the email, virus checker going beserk, does it cause major damage? the checker has found 3 seperate virus's so far

Trojan horse PSW.generic2.ZSL kipeqf.exe

Trojan horse clicker.EEP qvtgacbe.exe

Troan horse downloader.generic3.MIT wleruevr.exe

anybody recognise them?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Announcements

  • You can now add BlueSky, Mastodon and X accounts to your BRFCS Profile.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.