Virus

UKworkshop.co.uk

Help Support UKworkshop.co.uk:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.

Keith Smith

Established Member
Joined
1 Mar 2004
Messages
511
Reaction score
1
Location
Out in the sticks in rural Shropshire
I realise this is not really the forum for this but it is the one most members read.

I have just had a computer virus/trojan as has Dewy and Chippysmith, the common link is Sawdustalley's web site. I have emailed James to let him know but unless you have very good anti virus software I would avoid his site until he gets it sorted.

Keith
 
Thanks for that Keith. Better to post here as I know a lot of members visit the SDA site.

Noel
 
But had you been downloading ? Or did it just come in as a result of browsing and any idea which page. I'm interested from a professional viewpoint as it's not often I get a chance to check one out that's 'live' as it were!
 
Just tried accessing SDA's forum's with an up to date virus scanner. 3 virus's were detected!:
PWS-Banker.dll
PWS-Banker.dll!sys
Exploit-MhtRedir.gen
Cheers
Gidon
 
I seem to remember that there was a security vulnerability in the pHp bulletin board software that got flagged up a while ago. Maybe James missed the alert? Could be wrong, of course.
 
Roger Sinden":agouejl5 said:
Maybe James missed the alert?

Or he may not have removed some of the set-up files (dlls etc.) that are flagged for removal as being a security risk after setting the site up. Can't remember the names off-hand, like you I could be wrong, of course.
 
Keith Smith":k8lyqvy5 said:
My virus software didn't tell me the name just deleted the file (hammer) knocked it on the head as it were :lol:

...in which case, it's probably recorded in your software's Activity Log or equivalent?
 
Gidon

What virus scanner did you use?

I'm really perplexed by this thread as I did not think that you can get a trojan onto your PC from a website unless you specifically download and open a file.

PWS-Banker.dll is downloaded as an .exe file

http://www.viruslist.com/en/viruses/encyclopedia?virusid=49415

So it looks as if the PC James' website is hosted on has this Trojan but it doesn't explain what happened when Keith viewed it

EDIT: Doh...brain not switched on when I wrote this. Of course, you can get a virus or trojan just by viewing a webpage. All it needs is some Java or Active X stuff embedded in the webpage and if you are running 'weak' security on your browser then you get infected.
 
I don't understand much about these virus's but a couple of months ago both my spyware protection and antivirus found a keylogger and then a few weeks later i noticed that my credit card company had charged me for something that i did not know about. It turns out that someone in the US had purchased a computer software item from Sweden for £61. The credit card company gave me the money back, but what shocked me was that they did not seem to be worried about it. I thought that they would change my card number so this person could not use it again, but they didn't.

The thing that i cannot understand is how do they get away with it? This item has to be delivered to an address, so surely these people are not stupid enough to think that the police will not come a knocking?

Keith, i hope that the virus has not caused you to much trouble.

Regards

Woody
 
Woody

If it was me then I would ask for a new credit card number pronto.

To answer your other question...how do they get away with it....not all companies insist on shipping to the billing address.
 
Woody,

Keyloggers seem to be loaded onto one's disk with lots of stuff these days - certainly any pirated software or stuff that is downloaded from usenet etc. I have three antispyware programs running at all times and these days, I seem to be kept reasonably free of the stuff.

As far as your wrong credit card charge goes - most internet software is downloaded rather than delivered in a packaged form so the thief doesn't need to worry about not having your address.

But - I have had some bloke making several determined attempts to assume my identity. He has managed so far to get three credit cards on my bank accounts - DESPITE me closing the relevant accounts and re-opening new one - I frankly suspect the postman. I have been to make police reports to no avail, the bank are marginally interested and I have come to the conclusion that short of keeping you money under the mattress there is little you can do other than be vigilant.
 
Back
Top