login123 Posted January 26, 2010 Share Posted January 26, 2010 Clicked on a link in Yahoo news section about the Dalai Lama. About as innocent as a link can get. Avast triggered, the file was not executed, no harm done. Here is the avast log. ESET online is running now. 1/26/2010 6:40:13 AM SYSTEM 1640 Sign of "JS:Pdfka-TW [Expl]" has been found in "http://ditrnbibarsp.com/kav/kav1.exe/oHdfbc1b88V0100f070006Rd9f71314102T94e2cf1f201l0409K57868056317" file. Avast and Powershadow had my back. Use a virtualizer app! The CCleaner SLIM version is always released a bit after any new version; when it is it will be HERE :-) Pssssst: ... It isn't really a cloud. Its a bunch of big, giant servers. Link to comment Share on other sites More sharing options...
redhawk Posted January 26, 2010 Share Posted January 26, 2010 According to my ISP "ditrnbibarsp.com" doesn't exist so whatever this code was for it wouldn't had worked anyway. Richard S. Link to comment Share on other sites More sharing options...
marmite Posted January 26, 2010 Share Posted January 26, 2010 According to my ISP "ditrnbibarsp.com" doesn't exist so whatever this code was for it wouldn't had worked anyway. Really? I can ping it at 216.146.35.99, for which whois lists contact info as Manchester UK. Edited: but a few minutes later I can't ping it at all! Link to comment Share on other sites More sharing options...
marmite Posted January 26, 2010 Share Posted January 26, 2010 Ah, just done a reverse look-up on that IP and it comes up: 216.146.35.99 is nx-redir.dyndnsinternetguide.com. I use dyndns' dns servers ... ignore my previous post methinks! I can't find any look-up info for that domain. Link to comment Share on other sites More sharing options...
redhawk Posted January 26, 2010 Share Posted January 26, 2010 It's probably been blacklisted by my ISP then: > ditrnbibarsp.com Server: cache1.service.virginmedia.net Address: 194.168.4.100 *** cache1.service.virginmedia.net can't find ditrnbibarsp.com: Non-existent domain > Richard S. Link to comment Share on other sites More sharing options...
login123 Posted January 27, 2010 Author Share Posted January 27, 2010 The original link in the yahoo news panel was gone when I got hooked back up to net about three minutes later. Looked for it on yahoo for a while, was just gone. Google has information about the url and the exe file. Whatever it was it woke up avast pretty quick. Might that be Manchester, New Hampshire, USA? The CCleaner SLIM version is always released a bit after any new version; when it is it will be HERE :-) Pssssst: ... It isn't really a cloud. Its a bunch of big, giant servers. Link to comment Share on other sites More sharing options...
kroozer Posted January 27, 2010 Share Posted January 27, 2010 I was getting that annoying popup selling phony malware detection when reading Yahoo comics, so started reading (the same) comics in comics.com Malwarebytes, Avast, Defender, Spybot all report my pc is clean. Link to comment Share on other sites More sharing options...
Moderators Andavari Posted January 27, 2010 Moderators Share Posted January 27, 2010 It's probably been blacklisted by my ISP then: Most likely and for very good reason. Here's the Norton Safe Web statistics of that bad site: http://safeweb.norton.com/report/show?url=ditrnbibarsp.com Edit: It's a good ideal to block that domain in the Windows HOSTS file. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now