Beware FileFront - malware!


Reece
12-15-08, 09:55 PM
I had just uploaded a file at FileFront & this launched a window to an ad called aShopping.com, this tried to launch "~.exe" that COMODO picked up, now although I blocked it after a scan the virus (HIDDENEXT/Crypted) was found in the C:\Documents and Settings\myprofile\Local Settings\Temporary Internet Files, I have deleted it & all is ok but thought I'd give the warning, a bit poor of FileFront IMO!:-?:oops:

Edit: Looks like I may be infected, every so often when I open a new page with Firefox a window opens to here: http://403.hqhost.net/index.html
thank goodness it's an error message, or is it? Any advice welcome.:cry:
I think it has infected Firefox, this is what opens:
http://i66.photobucket.com/albums/h244/Reecehk/virus.jpg

Wolfehunter
12-15-08, 10:57 PM
I went to Filefront without issue. I think you got a worm in your system.:o

lol good luck dude. I hope you kill it before it spreads. :yep:

Reece
12-15-08, 11:04 PM
Well it was straight after uploading a file there! Only spot before was Photobucket, hope it wasn't there!! I am about to re-ghost my machine, I'd love to get a hold of the creeps who make these, damn maggots!!:nope:

Zachstar
12-15-08, 11:07 PM
You need to be 100 percent sure it is filefront before accusing them of infecting your system.

#1 If they were responsible it would be all over the net news right now. Many people use filefront.

#2 Filefront is a quality site. Not the biggest and not some small operation.

JScones
12-15-08, 11:15 PM
Sounds suspiciously like the Virtumonde trojan (http://en.wikipedia.org/wiki/Virtumonde).

My wife got it last week, presumably through facebook or one of her frequented forums. Spybot picked it up but I had to rid it manually. Took a few hours.

Oddly it got past both her hardware and software firewalls and her online virus scanner.

Wolfehunter
12-15-08, 11:37 PM
Originally Posted by JScones
Sounds suspiciously like the Virtumonde trojan (http://en.wikipedia.org/wiki/Virtumonde).

My wife got it last week, presumably through facebook or one of her frequented forums. Spybot picked it up but I had to rid it manually. Took a few hours.

Oddly it got past both her hardware and software firewalls and her online virus scanner.

Same here, I and my wife both had that one 2 weeks ago. She's on Facebook too.

I removed it and through our system. I was using Norton antivirus 2009 but I canceled the service. It didn't even stop it. I found it using Microsoft malware tool remover.

That one is a real pain. It got through my router's firewall and my software's

Finally have my system cleaned for the last week now.

Reece
12-16-08, 12:02 AM
Originally Posted by Zachstar
You need to be 100 percent sure it is filefront before accusing them of infecting your system.

#1 If they were responsible it would be all over the net news right now. Many people use filefront.

#2 Filefront is a quality site. Not the biggest and not some small operation.

It's not really an accusation, it's a warning, would some poor sucker like to upload a file here for a test!:lol:
What I did was to start Firefox this morning after completing a mod, I went to Photobucket to upload some pics, that went ok, I then went to FileFront & uploaded a file, I went through the browse & selected the file, as soon as I clicked on "Upload" the progress bar came up & a new window opened to "aShopping.com", then COMODO came up with a warning, I didn't respond straight away when the damn virus warning popped up as in the image above, this is why the warning!!:oops:
Neither Ad-Aware nor Avira could fix it!!:-?
An urgent thread warning was a must!!:stare:
Thank goodness I had re-ghosted only a week ago.:yep:

Originally Posted by JScones
Sounds suspiciously like the Virtumonde trojan (http://en.wikipedia.org/wiki/Virtumonde).

My wife got it last week, presumably through facebook or one of her frequented forums. Spybot picked it up but I had to rid it manually. Took a few hours.

Oddly it got past both her hardware and software firewalls and her online virus scanner.
I suppose it could have been Photobucket with a delayed reaction, doubt it though!!

Wolfehunter
12-16-08, 12:26 AM
Spybot only removed the adware that Vundo added to the system 2 weeks ago.

Lol my wife says my new Dell XPS 730 is the cause. It started not long after we got the system. I said it was the antivirus not doing its job.

I finally did some research and found some removal tools.

Then I deleted any files that contained the virus.

Her system too.

Funny thing is my old rig wasn't affected.

Just mine and my wife's Sony Vaio. Very strange...:hmm:

NeonSamurai
12-16-08, 12:32 AM
I would bet money it didn't come from Filefront. One of my computers was also recently infected, and it also bypassed my firewalls and antivirus protection.

You definitely have the Virtumonde trojan (http://en.wikipedia.org/wiki/Virtumonde) as was mentioned, and it's a royal pain to get rid of if you don't know what you're doing (and most virus and spyware scanners cannot directly fix it due to how the virus works). It's also very common for these things to delay activation by days, weeks or even longer to prevent the trojan from being traced back to the host site.

Now for getting rid of it...

Go to this site and download Spybot S&D
http://www.safer-networking.org/en/home/index.html
Have it update and run a scan
It should find Virtumonde, now look for the 2 .dll files that Spybot found (don't reboot). Go to the directory they're in (/windows/system32), find them both (make sure you have unhidden the files) and rename them both to something else and remove the .dll extension. Now reboot, delete the renamed files by hand and have Spybot clean up the rest.

If you can't rename the files then use something like Dr. Delete (http://www.docsdownloads.com/dr-delete-1.htm) to have the files deleted on system startup

Reece
12-16-08, 12:33 AM
Yes they're sneaky damned things, if I could change the title to "Possible" I would, but at the time I was just frantic to get the warning up for others here on Subsim, then save certain files like "Outlook Express" and re-ghost, for some reason I'm not game enough to try it again!!:-?:yep:
Edit: Just posted same time as me NeonSamurai, are you able to change the title?

Blacklight
12-16-08, 02:47 AM
Originally Posted by JScones
Sounds suspiciously like the Virtumonde trojan (http://en.wikipedia.org/wiki/Virtumonde).

I was thinking the exact same thing. My wife's laptop got hit with that one last week as well. MAN it was a *expletive* to get rid of. It hit my computer and my laptop about four months ago. Thankfully I know what I'm doing with it and was able to rid all these computers of it.

I would love to meet the *expletive, expletive, expletive* who wrote that damn trojan. It's one of the most prevalent ones out there now. EVERYONE is getting it. My own parents got it on their computer and they don't go anywhere but CNN.com and they don't use email. If I ever find the *expletive, expletive, expletive* who wrote it, I'm going to shove my foot so far up his *expletive* that he won't ever be able to *expletive* in comfort ever again! :stare:

(By the way.. virus and spyware scanners won't get rid of it. It will even shut down most of them.)

Hylander_1314
12-16-08, 03:30 AM
I've been uploading a few artfiles over the last 2 weeks, and have not had any problems with Filefront.

SteamWake
12-16-08, 10:40 AM
Originally Posted by Reece
thank goodness it's an error message, or is it? Any advice welcome

Let me put it this way... if it was an email I wouldn't open it due to the bad grammar and misspellings. It looks suspect.

"PC freezes and creahes" ?! :doh:

She-Wolf
12-16-08, 11:15 AM
Reece, I have come in late on this and someone else may have already covered - but the message you were getting is NOT genuine, it is a false claim caused by a driveby download, nothing to do with Filefront.

You have picked it up from somewhere without realising it (which is by design), and it will pop up these lurid messages about infections you haven't got, trying to get you to buy the product, which is a scam and a waste of money.

This link

http://news.bbc.co.uk/1/hi/technology/7779223.stm

tells you about scareware, and though the one you have may not be named here, it is of that class. Sorry if this is already dealt with - in a rush and no time to read all messages :)

Here is a very good anti-malware site that has removal instructs for this.
http://www.bleepingcomputer.com/malware-removal/remove-antivirus-360. Hope it helps

Murr44
12-16-08, 02:38 PM
I don't know if anyone else has experienced this but there seem to be an awful lot of pop-ups on Filefront lately (last 3-4 days). My pop-up blocker has been kept pretty busy whenever I've been there recently. Think that I'll steer clear of the site for a while...

Jimbuna
12-16-08, 03:08 PM
Originally Posted by Reece
Yes they're sneaky damned things, if I could change the title to "Possible" I would, but at the time I was just frantic to get the warning up for others here on Subsim, then save certain files like "Outlook Express" and re-ghost, for some reason I'm not game enough to try it again!!:-?:yep:
Edit: Just posted same time as me NeonSamurai, are you able to change the title?

Thanks for the heads up mate

nikimcbee
12-16-08, 03:40 PM
I got an AVG warning. Maybe I should rescan my system.

Reece
12-16-08, 06:37 PM
Yes it's a nasty one, after I re-ghosted no problems, I'm starting to think that it didn't come from FileFront, just decided to popup then!:-? The big question is where did I get it!!:oops::doh:
These are the sequences on the day it showed up:
Google (default home)
PhotoBucket
FileFront (when it popped up)
Subsim
The day before my wife used it ..... Oh crap!!:damn:

She-Wolf
12-16-08, 07:25 PM
it comes via driveby download - see this link for a brief explanation.

http://www.theregister.co.uk/2008/01/23/booby_trapped_web_botnet_menace/

if you have XPL Linkscanner Pro or similar installed, that warns you about bad sites, and stops you accessing them. It may not be forever foolproof as these things are always developing, but it is very useful. Never let me down yet. There is a range of very persuasive scareware products like Antivirus 360 that have been catching many people in their trap recently. Three of the biggest companies behind the scam have just been shut down - but others will take their place, so it is wise to have something that warns you as it could so easily happen again. I fix computers all the time and have recently seen an increase of this sort of infection in my local area.

Reece
12-16-08, 07:41 PM
Thanks for the heads up She-Wolf, I know I have at various times downloaded drivers and such on the fly!:-?
At least one in ten web pages are booby-trapped with malware, according to a separate study by Google published last May.
Those statistics make it almost impossible not to get it!:doh: I will look closer at this "XPL Linkscanner Pro".:yep:

Task Force
12-16-08, 07:47 PM
Not good, I hope it isn't filefront.

My antivirus has something up with it!!! I try to get the control panel up for it and all I get is a white screen with a black border with the little McAfee logo.:o

SandyCaesar
12-16-08, 08:23 PM
A scary place is the Internet...

I can only say, "Use Firefox and your brains". The NoScript plugin works wonders at stopping driveby downloads.

Firefox + NoScript + ZoneAlarm = :up:

But then again, if you have someone like my little brother who disables such features because it interferes with Flash games. :doh:

Task Force
12-16-08, 08:27 PM
I've always hated those stupid flash programs.

Reece
12-16-08, 09:30 PM
Originally Posted by Task Force
I've always hated those stupid flash programs.

Not Putin Paul!!:lol:
I have COMODO and never actually had the Defence+ activated, tis now, but every process is questioned, I fired up Photoshop & COMODO's alert question box popped up around 20 times, and does this for every damn app!!:doh: what a pain!!:yep::88)

Task Force
12-16-08, 09:39 PM
Still can't figure out what's wrong with my antivirus.:hmm:

Blacklight
12-16-08, 11:51 PM
Originally Posted by Task Force
Still can't figure out what's wrong with my antivirus.:hmm:

Go here and try their "Virtual Technician". It will scan your McAfee software and fix it if it finds a problem.

http://service.mcafee.com/TechSupportHome.aspx?lc=1033&sg=TS

HunterICX
12-17-08, 04:45 AM
This is a really annoying Trojan,
had it on the PC at work, since there was no AV at all on it I used
AVG, Spybot, Autorun Manager and ComboFix.

Note: this Trojan is known as Vundo -
http://en.wikipedia.org/wiki/Vundo

HunterICX

Jimbuna
12-17-08, 08:17 AM
Originally Posted by Task Force
Still can't figure out what's wrong with my antivirus.:hmm:

It could have a virus :smug:

Murr44
12-17-08, 02:52 PM
Don't know if this helps anyone but here is a tip that I learned a while ago. I use AOL (which is based on IE) 9.0 on my old XP Home machine.

1) Go to Control Panel
2) Click on Network & Internet Connections then Internet Options
3) In the Internet Properties dialogue box click the Privacy tab
4) Click the Advanced Button
5) In Advanced Privacy Settings check the Override Automatic Cookie Handling box
6) Select Prompt for First Party Cookies & Block Third Party Cookies
7) Leave the Always Allow Session cookies box unchecked
8) Restart your pc

I know that this won't stop nasties like trojans but it does give you a bit more control over what cookies get installed on your machine.

Task Force
12-17-08, 02:59 PM
I'm thinking of going back to the old way of anti virus. Get a machine gun and put up a bunch of sandbags on the incoming internet connection.:lol:

Task Force
12-17-08, 03:03 PM
hmmm the scanner says that there is nothing wrong with McAfee. I'm wondering if when I switched my motherboard over to Intel (and processor) that could have done something.:hmm:

Blacklight
12-17-08, 03:47 PM
Originally Posted by Task Force
hmmm the scanner says that there is nothing wrong with McAfee. I'm wondering if when I switched my motherboard over to Intel (and processor) that could have done something.:hmm:

Log into your account on their web page and see if your subscription is expired. Beyond that, their tech support staff is pretty good. You can use their chat room tech support in a separate window.

Reece
12-18-08, 05:24 AM
Well I went back to FileFront & Photobucket to upload files & all seems ok, the popup to aShopping.com opened up as before in FileFront but I hit close straight away, I wasn't taking any chances!:yep:

Task Force
12-18-08, 04:32 PM
Originally Posted by Reece
Well I went back to FileFront & Photobucket to upload files & all seems ok, the popup to aShopping.com opened up as before in FileFront but I hit close straight away, I wasn't taking any chances!:yep:

I hate those lousy things.:yep: