G35Driver Feedback & Suggestions NO Car Questions! For posting Feedback, Suggestions or Questions regarding G35Driver website ONLY.

Trojan

Old Jul 22, 2010 | 02:25 PM
  #16  
BuckeyeG's Avatar
Registered User
iTrader: (6)
Joined: Jan 2006
Posts: 2,123
Likes: 3
I'm getting it on my G37 as well.
 
Reply
Old Jul 22, 2010 | 04:16 PM
  #17  
av8or's Avatar
Registered User
Joined: Jan 2008
Posts: 381
Likes: 6
From: escondido, ca
Originally Posted by BuckeyeG
This is what it's telling me

The requested URL could not be retrieved

While trying to retrieve the URL:

https://g35driver.com/forums/

The following threat was encountered:

The requested object is INFECTED with the following viruses: HEUR:Trojan.Script.Iframer
same here since yesterday... can't open page on my laptop... viewing this from work..
 
Reply
Old Jul 22, 2010 | 04:57 PM
  #18  
GR6RR's Avatar
Registered User
iTrader: (9)
Joined: Mar 2007
Posts: 4,041
Likes: 152
From: Sonny35 / SOCAL :)
On the boat as well. Symantec found, isolated and deleted..
 
Reply
Old Jul 22, 2010 | 10:37 PM
  #19  
RiversideS13's Avatar
Registered User
iTrader: (2)
Joined: Jun 2010
Posts: 229
Likes: 1
From: Riverside, Loma Linda, Hacienda hts
Yes, it is a corporate-issued computer too, and the corporate edition of Kaspersky. It is quite annoying that it pops up on every page related to this forum.
 
Reply
Old Jul 23, 2010 | 08:33 AM
  #20  
Robb M.'s Avatar
IB Staff
15 Year Member
Joined: Feb 2010
Posts: 660
Likes: 41
From: Barrie, ON
We strongly believe that Kaspersky & Avast! are throwing a false positive due to some of our iFramed content. There are absolutely no viruses on our servers, or linked anywhere in our content. We've done an exhaustive scan since yesterday, with no results.

cheers,
robb
 
Reply
Old Jul 26, 2010 | 08:27 AM
  #21  
av8or's Avatar
Registered User
Joined: Jan 2008
Posts: 381
Likes: 6
From: escondido, ca
^^^ Short of me turning off Kaspersky, is there anything else you have done to remedy this? Can't even open the page, just an error report.. viewing this at work...
 
Reply
Old Jul 26, 2010 | 08:52 AM
  #22  
Robb M.'s Avatar
IB Staff
15 Year Member
Joined: Feb 2010
Posts: 660
Likes: 41
From: Barrie, ON
Some users on my350z suggested filing a false positive report to Kaspersky.

We are 99% certain this is the case. Tech will do some more digging today once they are in the office however.
 
Reply
Old Jul 26, 2010 | 04:57 PM
  #23  
blAk mAx's Avatar
Registered User
iTrader: (4)
Joined: Oct 2007
Posts: 5,267
Likes: 355
From: o-town & west palm beach FL
Has anyone sent a report?
 
Reply
Old Jul 26, 2010 | 06:31 PM
  #24  
TIAN's Avatar
Hold The Line
iTrader: (20)
Joined: Oct 2006
Posts: 17,779
Likes: 622
From: SFL
Premier Member

Checked through Virus Barrier X6 V-10-2 with no flags on my mac.
 
Reply
Old Jul 28, 2010 | 12:17 AM
  #25  
blAk mAx's Avatar
Registered User
iTrader: (4)
Joined: Oct 2007
Posts: 5,267
Likes: 355
From: o-town & west palm beach FL
What is the fix? I can only view on my iPhone
 
Reply
Old Jul 28, 2010 | 04:51 AM
  #26  
K.ste2's Avatar
Registered User
iTrader: (1)
Joined: Jul 2009
Posts: 58
Likes: 1
From: Seattle, WA
Never liked Kaspersky. ESET NOD32 FTW! Never cared for anything else since then.
 
Reply
Old Jul 28, 2010 | 11:53 AM
  #27  
spoolinupblue's Avatar
Registered User
iTrader: (3)
Joined: Nov 2009
Posts: 291
Likes: 2
From: Houston, TX
Just did it to me this morning.

Corporate XP PC with TREND.

I went to g35driver and clicked the pic. A box popped up asking me if I wanted to run a file (sorry, forgot to screenshot it) and I said cancel. Then my TREND detected it 3 times. Looks to be something with Java.
 
Reply
Old Jul 28, 2010 | 12:12 PM
  #28  
Robb M.'s Avatar
IB Staff
15 Year Member
Joined: Feb 2010
Posts: 660
Likes: 41
From: Barrie, ON
This is what I've got from tech:
Robb, we have scoured the entire database; I've searched as well, we are not finding an issue here. Let's keep a look out still however.
 
Reply
Old Jul 28, 2010 | 12:24 PM
  #29  
spoolinupblue's Avatar
Registered User
iTrader: (3)
Joined: Nov 2009
Posts: 291
Likes: 2
From: Houston, TX
if it happens again, I will grab a screenshot for ya
 
Reply
Old Jul 29, 2010 | 05:43 PM
  #30  
Bigtime's Avatar
Registered User
iTrader: (1)
Joined: May 2009
Posts: 702
Likes: 2
From: Where the girls are prettier (562), CA
This is what Norton is telling me this is: MSIE ADODB.Stream Object File Installation Weakness

Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description
This signature detects attempts to exploit a remote code execution vulnerability using the RDS.DataSpace Objects.
Additional Information
Microsoft Data Access Components (MDAC) provide components for database access, including functionality for querying local and remote databases of various formats.

The MDAC RDS.Dataspace ActiveX control is prone to a remote code execution vulnerability. This issue exists because the control fails to behave securely when it is hosted on a web page. Sufficient restrictions are not placed on the control to prevent it from performing privileged actions when hosted remotely.

An attacker could exploit this issue to install programs, view, modify, or delete data, or create new user accounts on the computer.
Affected

* Hitachi DA Broker for ODBC 01-00, 01-02
* Hitachi DBPARTNER ODBC 01-00, 01-03, 01-06, 01-11
* Hitachi DBPARTNER2 Client 01-05, 01-12
* Hitachi HITSENSER5 01-00, 01-10, 02-80
* Microsoft MDAC 2.5 SP3, 2.7, 2.7 SP1, 2.8

Response
Workaround:
Microsoft has described various workarounds to help prevent exploitation. Please see the referenced security bulletin for more information.

Solution:
Windows 95/98/ME users should obtain fixes from the Windows Update website.

Fixes are available:

Microsoft MDAC 2.8.0 SP1:
Microsoft Patch Security Update for Windows XP (KB911562)
Microsoft Patch Security Update for Microsoft Data Access Components 2.8 Service Pack 1 (KB911562)


Microsoft MDAC 2.8.0 SP2:
Microsoft Patch Security Update for Windows XP x64 Edition (KB911562)
Microsoft Patch Security Update for Windows Server 2003 (KB911562)
Microsoft Patch Security Update for Windows Server 2003 for Itanium-based Systems (KB911562)
Microsoft Patch Security Update for Windows Server x64 Edition (KB911562)


Microsoft MDAC 2.5 SP3:
Microsoft Patch Security Update for Microsoft Data Access Components 2.5 Service Pack 3 (KB911562) - English


Microsoft MDAC 2.7 SP1:
Microsoft Patch Security Update for Windows XP (KB911562)
Microsoft Patch Security Update for Microsoft Data Access Components 2.7 Service Pack 1 (KB911562)


Microsoft MDAC 2.8 :
Microsoft Patch Security Update for Windows Server 2003 (KB911562)
Microsoft Patch Security Update for Windows Server 2003 for Itanium-based Systems (KB911562)
Microsoft Patch Security Update for Microsoft Data Access Components 2.8 (KB911562)

Possible False Positives
There are no known false positives associated with this signature.
Additional References

* CVE-2006-0003
* CVE-2006-3510
* Vulnerability in the MDAC Function Could Allow Remote Code Execution
* Microsoft Security Bulletin MS06-014
* SecurityFocus BID: 10514
* SecurityFocus BID: 17462
* SecurityFocus BID: 18900
I don't know what this means, but I hope it helps.
 
Reply


All times are GMT -4.