The first two pics look like they're from a different car
The first two pics look like they're from a different car
And I just got a virus alert for opening the second pic. Kinda odd..
i got one for opening the first one
I also got some Trojan stuff... Avira Antivir FTW.
Yeah it's interesting how those pictures seem to include a trojan.
And the line about stage 2 turbo is interesting when I can clearly see in the second picture that there is no turbo at all.
Third picture clearly features a more modern cars interior I'm pretty sure.
And the line about stage 2 turbo is interesting when I can clearly see in the second picture that there is no turbo at all.
Third picture clearly features a more modern cars interior I'm pretty sure.
It seems strange that these images would contain any malicious content since they were uploaded as attachments several weeks ago and no probs have been reported until now. Can anyone confirm that an actual trojan exists or is it just a false positive?
Confirmed.
I opened then downloaded two two of the images and scanned them and got no report of a trojan. Could it be a particular anti-viral program that is reporting it as an infected file?
(ussbeethoven)
DELETED
by ussbeethoven
my Avira Antivir found the trojan too, TR/Spy.Banker.vk.1. The warning came up when i opened both pics 
Sure, but if that particular anti virus program is reporting a false positive then everyone who uses it will also think there is a trojan, when there may not be at all.
Please can some other members try scanning the images with a different program?
I did some hunting and found three other instances on the Net where people had reported the same warning after clicking on an image and they were all using Avira software. Seems like a false positive, but until other members can verify I can't be sure.
I installed Avira Antivir last week, before I had NOD32. I remember opening these images, and I didn't get any warning from NOD.
yep no warning with nod
Thanks guys. No warning with AVG either, plus I searched my registry for the entry that this trojan is supposed to create and I didn't find it. Running a Spybot check now, then I'll reboot and check the registry again.
*the other reports on the Net that I found dated back to June and September. You'd think that Avira would have fixed this issue with their software by now. That's why I'm still being cautious.
BTW the trojan in question is a keylogger/password stealer, so it's worth taking the time to investigate this properly.
*the other reports on the Net that I found dated back to June and September. You'd think that Avira would have fixed this issue with their software by now. That's why I'm still being cautious.
BTW the trojan in question is a keylogger/password stealer, so it's worth taking the time to investigate this properly.
McAffee said its a virus too
90% through my Spybot scan and we had a power outage, grrrrrrrrrrrrrrrrrrr.
Scanned the registry and no malicious entries there. Scanned my system32 folder and no probs there either.
**2am here, must go to bed.
Anyone with concerns should be cautious and run a proper scan, but it looks like a false alarm so far.
Scanned the registry and no malicious entries there. Scanned my system32 folder and no probs there either.
**2am here, must go to bed.
Anyone with concerns should be cautious and run a proper scan, but it looks like a false alarm so far.
+1
using shitty macaffee.
warning came only at first pic here, the other two where "clean"
The image in question is fscked and while not a trojan itself, contains things that an image shouldn't contain!
Not what I'd expect to see at the end of a JPG file
Not much of a surprise to see a LACNIC domain in use for malware however.
Regards,
Ian
<!-- INICIO - PUBLICIDAD POP-UP UNDER -->
<IFRAME SRC="http://www.[redacted]/ar/popunder/p_submit.asp?site=[redacted].ar" width=1 height=1></IFRAME>
<SCRIPT LANGUAGE="JavaScript">
//<!--
for (var i=1; i<15; i++){
setTimeout('self.focus();',i*30);
}
//-->
</SCRIPT>
<!-- FIN - PUBLICIDAD POP-UP UNDER -->Not what I'd expect to see at the end of a JPG file
Not much of a surprise to see a LACNIC domain in use for malware however.
Regards,
Ian
my cars
BMW 323i 1981 with 5-speed alpine box stainless steel exhaust and seats RECARO-BMW E21
http://i43.tinypic.com/24px8c3.jpg
Fiat Palio 1.7 Turbo Diesel 2007
http://i40.tinypic.com/sbndw2.jpg
http://i43.tinypic.com/24px8c3.jpg
Fiat Palio 1.7 Turbo Diesel 2007
http://i40.tinypic.com/sbndw2.jpg
really nice bmw you have there
Agreed. Classic car in perfect condition.
Thanks Ian, I have removed the offending image as a precaution.
No probs. I'd guess at it needing quite a specific exploit to work, but not right nonetheless
Here's a NULLed version if Inouva wants to reattach it to her OP
Regards,
Ian
My MKIV 93 n/a j-spec supra
Agreed again, love those E21s especially when they look like yours!
This thread is closed
Post your Car!
(15536 posts, closed, started )
FGED GREDG RDFGDR GSFDG