Trojans While Surfing

Discussion in 'NOD32 version 2 Forum' started by Ryan Hayward, Aug 20, 2005.

Thread Status:
Not open for further replies.
  1. Ryan Hayward

    Ryan Hayward Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    57
    Sometimes I get trojans from song lyrics sites such as musicsonglyrics.com
    Here is an event logged from the above site. Should I be worried about these trojan threats, even with Nod32 protection ?
    If so, could I turn something off with IE to prevent possible trojans from infesting my 'puter ?
    I have to ask as I use internet banking and don't want those trojans that can log key presses :)

    Time Module Object Name Threat Action User Information
    20/08/2005 17:20:28 PM IMON archive <Removed> probably a variant of HTML/Exploit.CodeBaseExec trojan Connection terminated YOUR-8ABC512DA0\Compaq_Owner
     
    Last edited by a moderator: Aug 20, 2005
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    I am not concerned while using Nod32, though I do also have Process Guard 3 preventing Trojan installation.

    Cheers :D
     
  3. Ryan Hayward

    Ryan Hayward Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    57
    Here's the most recent log of yet another attack, this makes 4 in the last 2 hours and all from song lyric sites. Should I delete the files from quarantine to be extra safe or should they be harmless there ?
    I wonder why quite a few song lyric sites are up to this sort of behaviour, I thought most trojans would come from porn or warez sites, not seemngly legitimate sites....

    Time Module Object Name Threat Action User Information
    20/08/2005 18:01:39 PM AMON file C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\215245I7\ysb_prompt[1].htm probably a variant of HTML/Exploit.CodeBaseExec trojan quarantined - deleted YOUR-8ABC512DA0\Compaq_Owner Event occurred on a newly created file. The file was moved to quarantine. You may close this window.
     
  4. Ryan Hayward

    Ryan Hayward Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    57
    Thankyou, will check it out !
     
  5. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    They are totally harmless in Quarantine.

    Cheers :D
     
  6. Dakhor

    Dakhor Registered Member

    Joined:
    Jan 4, 2005
    Posts:
    75

    Its been like that for a long time... What their gain is I do not know. I suppose lyrics sites are more of an easy way to spread their stuff to the masses. More people prob visit them then some other non legit sites.

    And arent the lyrics themselves copyrighted so how legit are lyrics sites anyway?

    /DaK/
     
  7. Holden4th

    Holden4th Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    69
    Why Process Guard?
     
  8. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Text extraxted from ProcessGuard help:

    JUST IMAGINE A SECURITY SOLUTION AS POWERFUL AS THIS ...
    ... that could stop the most dangerous trojans in the world from running
    ... that allowed you to control which programs can and can't run
    ... that secured processes from other process-based attacks
    ... that could prevent kernel rootkit drivers from infecting you
    ... that allowed you to observe the behaviour of programs
    ... that allowed you to block hooks and injections
    ... that secured physical memory from attack

    Welcome to DiamondCS ProcessGuard 3
    Award-winning security software for Microsoft Windows 2000/XP


     
Thread Status:
Not open for further replies.