Feedback: Avast Anti-virus reporting a trojan horse...

Discussion in 'Site Feedback and Support' started by drednot57, Jun 7, 2011.

  1. drednot57

    drednot57 Well-Known Member

    Apr 26, 2010
    1,935
    41
    48
    Working at Hach Co.
    Nevada, IA
    #1 drednot57, Jun 7, 2011
    Last edited: Jun 7, 2011
    from an affiliated site (?): http://cerabos.co.be/index.php?tp=0c9b13a3940500bc -- looks to be located in Belgium?

    Malware: JS:Downloader-AQW.

    You guys may have one or more advertisers proliferating malware on your site; please check them out.

    Thanks. :smile:

    Edit: Just did a nslookup, and it reported ip addresses 63.251.179.32, and 64.27.117.56. Hope this helps.
     
  2. Wesley

    Wesley Well-Known Member

    Apr 12, 2006
    70,964
    542
    113
    Envr Engr/Program Manager
    Omaha
    #2 Wesley, Jun 7, 2011
    Last edited: Sep 7, 2013
    I second that emotion. Please check out those cads from Belgium.
     
  3. hawkeyeh8r

    hawkeyeh8r Well-Known Member

    Jun 10, 2010
    2,159
    46
    48
    Ames
    hmm avg and avast are now picking it up. im surprised my avg AV hasnt picked anything up yet
     
  4. ISUKing

    ISUKing Member

    Apr 28, 2010
    459
    14
    18
    Technical Support
    Ankeny, IA
    We use Sophos at work and I am getting the same warning
     
  5. ChrisMWilliams

    ChrisMWilliams Publisher
    Staff Member

    Apr 11, 2006
    18,688
    601
    113
    Sports Journalist
    Des Moines
    Hey guys - Does your virus protections say anything about where this virus is being found? Any details on that would help.
     
  6. drednot57

    drednot57 Well-Known Member

    Apr 26, 2010
    1,935
    41
    48
    Working at Hach Co.
    Nevada, IA
    My first post has the URL, and I did a nslookup for the IP addresses, please check there.
     
  7. sunnysideup

    sunnysideup Well-Known Member

    Aug 6, 2009
    1,594
    40
    48
    Accountant
    The Metro
    I wonder if this is why McAfee is blocking CF at work.
     
  8. ianoconnor

    ianoconnor Well-Known Member

    Nov 12, 2007
    8,397
    244
    63
    Acquisition Analyst
    Urbandale
    I got a virus here yesterday on my work computer and it just popped up again now. Its the 'windows xp restore' virus.
     
  9. isuno1fan

    isuno1fan Well-Known Member

    Mar 30, 2006
    18,702
    512
    113
    Clive, Iowa
    Just got another warning from Norton when I came to the site.
     
  10. ItsCyence

    ItsCyence Well-Known Member

    Apr 28, 2010
    3,574
    121
    63
    Brookings, SD
    Hmm I haven't received a warning ever on this site. Does that mean my Norton is good?
     
  11. IcSyU

    IcSyU Well-Known Member

    Nov 27, 2007
    24,880
    1,032
    113
    Rochester, MN
    Also could depend on browser.
     
  12. Torn

    Torn Member

    Jun 6, 2010
    243
    18
    18
    I can't get on the site at work anymore.
     
  13. isuno1fan

    isuno1fan Well-Known Member

    Mar 30, 2006
    18,702
    512
    113
    Clive, Iowa
    I mentioned in another thread it is exactly the same thing that happened last Summer. Should be easy to fix. Has happened twice to me today.

    CW says they are on it, I guess I'll take his word for it.
     
  14. BenEClone

    BenEClone Active Member

    Mar 22, 2006
    2,177
    18
    38
    Lincoln, Ne
    This is what popped up for me on the main page, I have no idea what it means:

    [​IMG]Danger: Surf-Shield has detected active threats on this page and has blocked access for your protection.


    The page you are trying to access has been identified as a known exploit, phishing, or social engineering web site and therefore has been blocked for your safety. Without protection, such as that in the AVG Security Toolbar and AVG, your computer is at risk of being compromised, corrupted or having your identity stolen. Please follow one of the suggestions below to continue.

    URL: dollhop.co.be/index.php?tp=f2aac5514568eb04
    Name: Blackhole Exploit Kit (type 2021)
     
  15. ruxCYtable

    ruxCYtable Well-Known Member

    Aug 29, 2007
    5,086
    219
    63
    It's nasty. Completely wiped out two hard drives that I know of.
     
  16. SeattleClone

    SeattleClone Well-Known Member

    Aug 15, 2006
    6,190
    441
    83
    CF has been getting flagged by Norton several times over the last couple days.

    193.105.154.238 dergale.co.be

    I think I'm about done here... I definitely do not want something getting past Norton on my new computer, and I'll be switching to avast when my Norton trial is over. This keeps happening way too often here. I frequent several other message board websites with no problems.
     
  17. RustShack

    RustShack Well-Known Member

    Jan 28, 2010
    7,050
    111
    63
    Doing work son
    Adventureland
    I don't get it anymore.. whatever ad it is my adblock on firefox must block it because it stopped after I updated that.
     
  18. 2020cy

    2020cy Well-Known Member

    Aug 7, 2006
    4,458
    107
    63
    I got nailed on my laptop, not fixed yet. Still issues as of Friday night.
     
  19. Judoka

    Judoka Well-Known Member

    Jun 16, 2010
    15,549
    245
    63
    Timbuktu
    Me either, it started being blocked sometime last week for "Malicious content"
     
  20. shawn_200m

    shawn_200m Active Member

    Apr 11, 2006
    690
    41
    28
    Scientist
    Tipton, IA
    I got nailed tonight with this virus and it wiped out my hard drive...all of my files are gone. I'm officially done here, completely ridiculous....posting this from my phone.
     

Share This Page