dont go to the SIMI site- loads of trojans

[NOAH]

This is fact, I tried to have a look at SIMI site today on 2 different OPC's and lets say I am gald I have good antivirus software. There is no visible tel no on site so no way of warning them.

So beware stay away.

noa--

 

[ClubMan]

I just tried it in Firefox v2.0.0.14 (not on 3 yet) a sandbox (Sandboxie) with up to date firewall (Sunbelt/Kerio Personal Firewall), anti-virus (Avira AntiVir Personal) and spyware (Spyware Terminator) security tools running and saw nothing untoward. What are you running and what happened? There are some links to a Chinese site for some JavaScript embedded in the pages. Perhaps these scare some security tools? Judging by the raw page source HTML I think Sunbelt injects JavaScript into the download pages to suppress popups.

 

[Strawberries]

Anytime I go to Fiat.ie I get warnings from my antivirus also.

 

[ClubMan]

While I would never encourage complacence in the context of IT security remember that security tools can and do report false positives.

 

[NOAH]

thanks for replies. I am not going there ie that site for a while. I was using ie7 on both pc's but avg on one and mcafee on the other. I did a rescan with AVG and it found exploit trojan, mcafee dleleted everything on the spot. I also got the message " buffer overflow" with macafee. I was looking for information about new car prices and followed a link from the indo.

Its probably oversensitive anti virus but gave me a shock.


noah

 

[ClubMan]

How do you know that this site was the cause of the problems mentioned? I think it's very unfair (and maybe bordering on defamatory) to accuse a particular site of propagating viruses/trojans as you have done. I can see no evidence of this myself.

 

[mathepac]

Just tried the site myself (Firefox 3, XAV, Firewall under Mac OSX 10.4.11 and 10.5.3 and encountered no problems.

I won't be revisiting the site either, but for different reasons...I don't want to be seen to be defamatory but I find it singularly ugly, poorly designed and constructed and less than engaging for a user.

 

[rgfuller]

This is what our proxy antivirus reported:

WARNING: ProxyAV has detected a virus in this
file!



File has been dropped.

ProxyAV Administrator:

2008-06-30 09:25:21+00:00UTC
Hardware serial number:
ProxyAV (Version 3.1.1.1(29295)) - http://www.BlueCoat.com/
Antivirus Vendor: Sophos, Plc.
Scan Engine Version: 2.74.1
Pattern File Version: 4.30E.424945.3650755886 (Timestamp: 2008/06/30 07:58:00)

Machine name: ProxyAV
Machine IP address:
Server: 84.51.234.87
Client:
Protocol: ICAP

Virus: "Mal/Badsrc-B" found!
URL: http://www.simi.ie/


And looking up that virus it says "Mal/Badsrc-B is a malicious web page that has been compromised to load a script from a malicious website."

 

[NOAH]

thank you rgfuller,

@clubman, I was trying to be helpful, I cant get any contact details on their site. I am not going to use firefox, I have enough webrowsers. I visit hundreds of sites very week and this was the only one that gave all the warnings.

you can delete this post if you wish.

noah

 

[ClubMan]

I've emailed info@simi.ie (and email address I found through a Google search) to alert them to this thread so.

 

[werner]

I've emailed info@simi.ie (and email address I found through a Google search) to alert them to this thread so.

I emailed them as well, my AVG Anti - virus went off the Red with warnings

 

[Marie]

What should you do with a (trapped, vaulted) Trojan virus?

My AVG (free version) picked up a couple of Trojan Horse Generic viruses (10.BHES and 11.PWW to be precise) and dumped them in the virus-vault.

What is the best thing to do? The options include 'delete'. They were found on back-up files. I've never encountered this before so am a bit apprehensive about how to dispose of them (a bit like finding an unexploded bomb, really!)

 

[ClubMan]

Re: What should you do with a (trapped, vaulted) Trojan virus?

Read the AVG help?