Forum

> > Off Topic > Browsing then something pops out.
Forums overviewOff Topic overviewLog in to reply

English Browsing then something pops out.

30 replies
Page
To the start Previous 1 2 Next To the start

old Browsing then something pops out.

ULtiMa
User Off Offline

Quote
Hi Guys... I was browsing in the thread "Show the screenshot of your desktops" on page 6. this appears..

IMG:https://img716.imageshack.us/img716/2826/virusv.png



WTF is this???

EDIT - I visited it again then it pops out again...

old Re: Browsing then something pops out.

Time
User Off Offline

Quote
IE must be the worst browser attempt out there, it's like you'd chose paint over photoshop or something.
I recommend opera for it's simple and fast.
--
back on topic~ it might be just Chrome doing that, try with something else, IE or idk

old Re: Browsing then something pops out.

Fossil
User Off Offline

Quote
LOL IDC what browser I use. I just want to surf the internet xD.


Ok on topic: is your time and date settings upadted? Check to see if its been reset to the default date (which should be in the year 2000 or sumthin)

old Re: Browsing then something pops out.

KimKat
GAME BANNED Off Offline

Quote
user ULtiMa has written
Hi Guys... I was browsing in the thread "Show the screenshot of your desktops" on page 6. this appears..

IMG:https://img716.imageshack.us/img716/2826/virusv.png



WTF is this???

EDIT - I visited it again then it pops out again...
You should report their site as a phishing site, because it probably is stealing sensitive information such as your logins for unrealsoftware. Please change your password directly if this happens to you. Also you should clear your DNS cache, read this on how to do it. Flushing the DNS cache basically removes the phishing website from your DNS (Domain Name Service) cache, so that maybe next time when you go to unrealsoftware.de it will deliver the genuine website of Unreal Software. I hope that I've helped you.

old Re: Browsing then something pops out.

Banaan
User Off Offline

Quote
Has any of you noticed that this only occured on that specific page of that specific thread?

There's simply an image, which was uploaded to s017.radikal.ru, shown on that page (here to be exact). Chrome sees a GET request to s017.radikal.ru (to get that image), looks it up in its malware hosts database and sees that domain listed there. That does not mean that that specific image is malware, it means that somewhere on that domain, google found malware.

As far as I know, .PNG images cannot contain malware, but radikal.ru can collect information about you. Many hosts do that though.

If you really don't trust it, you can simply block s017.radikal.ru. But it should be safe to just proceed anyway. Nothing about stealing sensitive information and fishing btw, that's nonsense.

old Re: Browsing then something pops out.

bezmolvie
User Off Offline

Quote
user Banaan has written
Has any of you noticed that this only occured on that specific page of that specific thread?

There's simply an image, which was uploaded to s017.radikal.ru, shown on that page (here to be exact). Chrome sees a GET request to s017.radikal.ru (to get that image), looks it up in its malware hosts database and sees that domain listed there. That does not mean that that specific image is malware, it means that somewhere on that domain, google found malware.

As far as I know, .PNG images cannot contain malware, but radikal.ru can collect information about you. Many hosts do that though.

If you really don't trust it, you can simply block s017.radikal.ru. But it should be safe to just proceed anyway. Nothing about stealing sensitive information and fishing btw, that's nonsense.


Thanks for explaining that so I didn't have to. Yeah, this is completely correct.

old Re: Browsing then something pops out.

KimKat
GAME BANNED Off Offline

Quote
Assumably the image file might contain a ADS (Alternate Data Stream) which simply contain the malware or other type of spyware.

In example.
Let's say "greylogo.png" from "imageshack.us" contains a ADS like this greylogo.png:keylogger.exe clearly you don't know if the image contains malware unless you use a ADS-reader type of programme. That way you can determine if a file is infected by malware or spyware then you could delete the ADS, by doing that the keylogger will be deleted from the actual file itself which was greylogo.png.

However in this case it's not really possible as the image is hosted on a domain, people don't have rights to modify the image, so people that browses that page will get infected by malware or spyware which kind of is bad. Block the IP 81.176.238.40 or the hostname s017.radikal.ru and you'll have no problem.

old Re: Browsing then something pops out.

EngiN33R
Moderator Off Offline

Quote
That's quite weird - why would one of the numerous image hosting servers on radikal.ru be blocked? I mean, it's merely the image subserver #017, there are many others - why that specific one? Seems like a quite weird situation to me.
To the start Previous 1 2 Next To the start
Log in to replyOff Topic overviewForums overview