FIREFLYFANS.NET CENTRAL

Downloader.Exploit.64

POSTED BY: QWERTY
UPDATED: Tuesday, June 26, 2007 05:31
SHORT URL:
VIEWED: 5344
PAGE 1 of 1

Tuesday, June 19, 2007 4:45 AM

QWERTY


Hi, Don't know if anyone else has reported this issue, but this morning when I logged onto the site, and as I've been perusing around, my anti-virus software has been going a bit nuts, saying my machine is getting hit with "Downloader.Exploit.64".

It's nothing malicious, my AV software is easily quarantining it and deleting the files, but it is rather annoying.

Do you know where this might be coming from? Any new ads or anything that could be spawning this?

This is the information provided to me by me AV software: http://securityresponse.symantec.com/security_response/writeup.jsp?doc
id=2006-041114-2838-99


Thanks!


NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Tuesday, June 19, 2007 4:48 AM

KANEMAN


Spam...here?

NOTIFY: N   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Tuesday, June 19, 2007 6:03 AM

ICHIBAN


I think it's something to do with three items posted to the Blue Sun Room - they show up on the main page.
There's what I guess is supposed to be an image used in the title of all three, browser starts to download it.
The site the image is downloading from has all sorts of Chinese on it and has a reference to IE 0day - which seems to be some sort of browser exploit.

I tried looking stuff up on google about it, but all the results are too technical for me.

My anti virus isn't going crazy - but that's either cause I'm using Firefox or because my anti virus is rubbish - hope it's not the latter.

EDIT- just looked at the source, it's a java script thingy not an image - sorry

NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Tuesday, June 19, 2007 7:02 AM

PHOENIXROSE

You think you know--what's to come, what you are. You haven't even begun.


Yeah, my virus protection had some major freakouts when I first tried to get on today, so I used a different bookmark to bypass the homepage and it seemed fine. Was more than a little irritating.


Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so.
A troll's hair is still pointy, even when it's wearing a hat.

NOTIFY: N   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Wednesday, June 20, 2007 1:17 PM

LEIASKY


It's still happening to me when I click on the Blue Sun Room, and then click on 'show me more fanfics'. My virus software is still going nuts. This is the site, in addition to the download explorer thing I'm also getting, is: idfirstc.com/wawrar/07004.htm

I just won't load this site at home (my work virus software is much better) until I know this issue has been fixed.

"A government is a body of people usually notably ungoverned."

NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Monday, June 25, 2007 2:38 AM

JODIE


Hi -
Thought I was imagining things, thinking it was this site...but just when i thought the problem was resolved, up it pops again!

I got nothing - until I went back to the Blue Sun page before the current one (fics from 20 June and previous).

Please - anyone have any ideas?? I don't want to have to quit this site - it has me a bit weirded out.

The following is from the Symantec site:


Downloader.Exploit.64 is a heuristic detection for the Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability (Bugtraq ID 17462).

An attacker who exploits this vulnerability could execute arbitrary code with the privileges of the logged-on user. The attack has be launched by visiting a website that hosts the malicious code. The exploit requires no user interaction to trigger.

Applies to: Windows NT/2000/XP (including SP2)/2003

Files that are detected as Downloader.Exploit.64 may be malicious.


Anyone understand all this?

NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Monday, June 25, 2007 11:04 PM

MISSTRESSAHARA


Yup, happened to me today. I'm worried because we haven't updated our virus definitions because we haven't the coin.

Guesse I'll just avoid the BSR.

~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~
~*Peter* Peter*; power *re-peater*~
`@/
/Y
/_)

*Petrelli for President. Together we can soar.*
**********~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**********~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**********~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**********~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**********~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

HEROE'S IS MY CRACK!
~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~


NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Tuesday, June 26, 2007 5:31 AM

PHOENIXROSE

You think you know--what's to come, what you are. You haven't even begun.


I downloaded the Explorer Security Update and haven't had a problem since. It's free if you have Windows, so those who can't update their virus definitions might want to go that route. Either that or just don't go to the Blue Sun page that has that posting on it.


Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so.
A troll's hair is still pointy, even when it's wearing a hat.

NOTIFY: N   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

YOUR OPTIONS

NEW POSTS TODAY

USERPOST DATE

OTHER TOPICS

DISCUSSIONS
Pallette of fonts?
Thu, April 21, 2022 22:56 - 2 posts
Made in Taiwan
Thu, April 21, 2022 22:54 - 16 posts
Getting thrown off whenever I try to post
Sat, December 18, 2021 14:58 - 10 posts
Shiny Universe Updates on Twitter
Thu, September 2, 2021 13:07 - 8 posts
PIRATENEWS Why?
Sun, January 14, 2018 01:57 - 63 posts
Site back up
Tue, September 5, 2017 23:04 - 1 posts
Site just got back up.
Thu, June 15, 2017 18:39 - 3 posts
malware threat here?
Mon, March 21, 2016 13:09 - 11 posts
Is anyone else having trouble updating their sigantures?
Mon, November 16, 2015 01:12 - 16 posts
Time for new software.
Fri, June 26, 2015 10:04 - 5 posts
Missing link
Thu, February 6, 2014 12:53 - 2 posts
fickle log in
Wed, August 29, 2012 15:14 - 4 posts

FFF.NET SOCIAL