Anyone else heard of this "object" or been attacked while on a forums website? This hit a game website I help admin December 22nd. I have tried looking up any information about who or where it came from but to no avail. One of the moderators found out this was a malicious program that uses a redirect exploit through IFRAME. Tries to open a couple of .htm files from "padonak.info" (IP 18.104.22.168) it uses IFRAME again to download the "proc.jarjava, archive and run MainApp.class. This in turns loads other classes which contain JavaByteVerify exploit. It will also allow a Bloodworm exploit.6 installed through "padonak.info/fa/hta.php/object.cfm object". Anytime anyone goes there, this gets installed and appears on the taskbar. If clicked on, it disables the ActivX so the pages will not appear properly. Those with good anti virus programs can get rid of it easily enough. However, it seems to be able to get around routers and even firewalls like Black Ice. With me, this "object" allowed a suspicious "ANYUMR.DLL" to be installed in my Windows System folder. I ran an online Malware scan and it was a Trojan.Proxy.69 (Dr. Web) or a Trojan.Win32.Pakes ( Kaspersky Anti-Virus) depending on which program named it. The packer is UPX. Some kind of backdoor Trojan. And because it is a trojan, why virus scanners may not pick it up. I am sure it is "very helpful" installing/allowing other junk in as well if you are not behind a good firewall/anti virus program to catch and quarantine it. I was able to get rid of it after scanning with HijackThis, renaming it while in SafeMode, deleting all files in my TEMP folder (it installs alot of malware junk there) and so on. Easy enough but annoying as my AVG Free 7 did not see it and some game community members even had problems with theirs. If you are not using Internet Explorer browser, the object will not install on the taskbar. Now it has changed where it will appear if so many "GETs" are done on the website forums before appearing. Usually after 6 or 10. As admin of that site, this is extremely annoying while running the forums. I have contacted the company that controls the website as soon as it happened December 22. But being Christmass Holidays, I expect nothing will be done until this coming week after everyone gets back.