Why do I keep gettin a winshark trojan from this site?

Discussion in 'General Discussion' started by uscitizen, Aug 6, 2010.

  1. uscitizen
    Offline

    uscitizen Senior Member

    Joined:
    May 6, 2007
    Messages:
    45,941
    Thanks Received:
    4,791
    Trophy Points:
    48
    Location:
    My Shack
    Ratings:
    +4,807
    Hmmm
     
  2. Samson
    Offline

    Samson Póg Mo Thóin Supporting Member

    Joined:
    Dec 3, 2009
    Messages:
    27,357
    Thanks Received:
    3,742
    Trophy Points:
    245
    Location:
    A Higher Plain
    Ratings:
    +4,210

    We hate your avatars?
     
  3. Ringel05
    Offline

    Ringel05 Diamond Member

    Joined:
    Aug 5, 2009
    Messages:
    40,233
    Thanks Received:
    8,005
    Trophy Points:
    2,030
    Location:
    El Paso, TX
    Ratings:
    +17,349
    If you're using a Symantic product it can give you a false positive for that trojan.
     
  4. uscitizen
    Offline

    uscitizen Senior Member

    Joined:
    May 6, 2007
    Messages:
    45,941
    Thanks Received:
    4,791
    Trophy Points:
    48
    Location:
    My Shack
    Ratings:
    +4,807
    Not a false positive, It installs itself. I adjusted McAffee and now it is intercepting it and deleting it for me.
    3 times in the last 20 min. Traced back to this site.
     
  5. Ringel05
    Offline

    Ringel05 Diamond Member

    Joined:
    Aug 5, 2009
    Messages:
    40,233
    Thanks Received:
    8,005
    Trophy Points:
    2,030
    Location:
    El Paso, TX
    Ratings:
    +17,349
    Interesting. I don't have that problem, even on my Windows machines but I don't use McAfee, I use Avast and Malwarebytes or Spywareblaster.
     
  6. uscitizen
    Offline

    uscitizen Senior Member

    Joined:
    May 6, 2007
    Messages:
    45,941
    Thanks Received:
    4,791
    Trophy Points:
    48
    Location:
    My Shack
    Ratings:
    +4,807
    Yes interesting, I experimented this morning. Ran malwarebytes and McAfee and all clean. Messed around on maybe 1/2 dozen sites, reran Mal and McAfee and all clean. Within minutes of goiing to this site McAfee started intercepting and deleting the Wireshark trojan.
     
  7. Ringel05
    Offline

    Ringel05 Diamond Member

    Joined:
    Aug 5, 2009
    Messages:
    40,233
    Thanks Received:
    8,005
    Trophy Points:
    2,030
    Location:
    El Paso, TX
    Ratings:
    +17,349
    Is it just McAffee picking it up or is Malbytes getting it also? If it's just McAffee picking it up then you have one of two potential issues.
    One is the afore mentioned false reading the other, more probable issue, is McAffee didn't completely remove it leaving a seed behind that attempts to reload it when it's found on the interwebs.
    That also means the trojan is here on the USMB or was at one time and left a hidden command to redirect and start download, reinstallation.
     
  8. uscitizen
    Offline

    uscitizen Senior Member

    Joined:
    May 6, 2007
    Messages:
    45,941
    Thanks Received:
    4,791
    Trophy Points:
    48
    Location:
    My Shack
    Ratings:
    +4,807
    got me, going to another site for a while and see if it stops.
    later.
     
  9. Ringel05
    Offline

    Ringel05 Diamond Member

    Joined:
    Aug 5, 2009
    Messages:
    40,233
    Thanks Received:
    8,005
    Trophy Points:
    2,030
    Location:
    El Paso, TX
    Ratings:
    +17,349
    If you're running Firefox add on Ghostery and Betterprivacy. If you're running IE then..........................
     
  10. uscitizen
    Offline

    uscitizen Senior Member

    Joined:
    May 6, 2007
    Messages:
    45,941
    Thanks Received:
    4,791
    Trophy Points:
    48
    Location:
    My Shack
    Ratings:
    +4,807
    Yeah IE, I got started using a couple of years ago for an employer requirement.

    Going to firefox or something I suppose. Was using netscape up till I swapped to Internet Exploiter.
     

Share This Page