klesh Posted August 22, 2004 Share Posted August 22, 2004 Symantec AntiVirus popped an alert when i opened neowin.net :o like this: -------------------------------------------------------- Scan type: Auto-Protect Scan Event: Threat Found! Threat: Bloodhound.Exploit.6 File: G:\WinXP Program Files\Opera7\profile\cache4\opr00HE5.htm Location: Quarantine Action taken: Quarantine succeeded : Access denied Date found: 2004.8.22 18:26:07 --------------------------------------------------------- i thought it was a mistake so i deleted this file and cleaned up my opera & IE cache , then i reboot. but when open neowin.net, things happen again !!! could someone tell why ? Neowin is hacked ? Link to comment Share on other sites More sharing options...
insanekiwi Posted August 22, 2004 Share Posted August 22, 2004 you're using opera and norton av. you should be slapped on the forehead imo :yes: Link to comment Share on other sites More sharing options...
klesh Posted August 22, 2004 Author Share Posted August 22, 2004 er.. so what should i use ? :p Link to comment Share on other sites More sharing options...
insanekiwi Posted August 22, 2004 Share Posted August 22, 2004 any other AV. norton screwed u pso many pcs. alot ofd my friends pcs died only because they used norton products. Link to comment Share on other sites More sharing options...
John Veteran Posted August 22, 2004 Veteran Share Posted August 22, 2004 (edited) Moved to SFI It's not Neowin; for one, we don't use .htm pages, because everything is scripted with PHP... <- This is wrong :whistle: Edited August 22, 2004 by gameguy Link to comment Share on other sites More sharing options...
golazo Posted August 22, 2004 Share Posted August 22, 2004 i hate norton av its a ram hog Link to comment Share on other sites More sharing options...
John Veteran Posted August 22, 2004 Veteran Share Posted August 22, 2004 i hate norton av its a ram hog Congratulations, now stay on topic. What's the point of giving your opinion on something if it doesn't help solve the problem? Link to comment Share on other sites More sharing options...
klesh Posted August 22, 2004 Author Share Posted August 22, 2004 Moved to SFIIt's not Neowin; for one, we don't use .htm pages, because everything is scripted with PHP... i dont know, i searched in opera's cache, i didnt found any *.php files, but only *.js, *.htm, *.ico... Link to comment Share on other sites More sharing options...
klesh Posted August 22, 2004 Author Share Posted August 22, 2004 Moved to SFIIt's not Neowin; for one, we don't use .htm pages, because everything is scripted with PHP... what is SF1 ? :blink: an antivirus software ? Link to comment Share on other sites More sharing options...
Argi Posted August 22, 2004 Share Posted August 22, 2004 See what happens when you try to view it in IE and see if you can find out what page is triggering it. Link to comment Share on other sites More sharing options...
John Veteran Posted August 22, 2004 Veteran Share Posted August 22, 2004 what is SF1 ? :blink: an antivirus software ? Site and Forum Issues, the forum I moved this thread to (Y) Link to comment Share on other sites More sharing options...
Paradoxcydal Posted August 22, 2004 Share Posted August 22, 2004 Norton server antivirus here and Firefox, no problems Link to comment Share on other sites More sharing options...
klesh Posted August 22, 2004 Author Share Posted August 22, 2004 thats strange, only when i open neowin's homepage then norton give me an alert, but other sites are ok. Link to comment Share on other sites More sharing options...
Jambooo Posted August 22, 2004 Share Posted August 22, 2004 All files outputted through HTML (whether they use server side scripting or not) are cached as .htm/.html files (dependant on browser). So the threat most probably did come from neowin. Probably an ad, or maybe a thread which contained refrences to a virus? Link to comment Share on other sites More sharing options...
john smith 1924 Veteran Posted August 22, 2004 Veteran Share Posted August 22, 2004 Yeah, gameguy is in-correct in saying we dont send out html :) On a side note; Norton is very resource intensive. McAfee is quite good; the Zone Labs (thing zone alarm) solution is good. There is a free option which works very well - http://www.grisoft.com/us/us_index.php More info on the virus (trojan, actually) you saw : http://securityresponse.symantec.com/avcen....exploit.6.html Bloodhound.Exploit.6 is a heuristic detection for exploits of a Microsoft Internet Explorer vulnerability. This vulnerability was discovered in February 2004.The vulnerability results from the incorrect handling of HTML files embedded in CHM files. (CHM is the Microsoft-compiled HTML help format.) Probably not going to hurt you if you use opera then is it :) Link to comment Share on other sites More sharing options...
A.K.R. Posted August 22, 2004 Share Posted August 22, 2004 any other AV. norton screwed u pso many pcs. alot ofd my friends pcs died only because they used norton products. So what anti-virus software should I use? And is there a free one? Link to comment Share on other sites More sharing options...
GNRambo Posted August 22, 2004 Share Posted August 22, 2004 what is SF1 ? :blink: an antivirus software ? that made me chuckle :) Link to comment Share on other sites More sharing options...
Toxikk Veteran Posted August 22, 2004 Veteran Share Posted August 22, 2004 guys its all html. once the php does its thing it sends the output code.... HTML to the member. and it most likely sits in the user cache as either a .htm file or something with no extension. Link to comment Share on other sites More sharing options...
Banzai Posted August 22, 2004 Share Posted August 22, 2004 dam it i dont feel like scanning for virus today, anyway i use mozilla that should be safe. Link to comment Share on other sites More sharing options...
Anthony T. Posted August 22, 2004 Share Posted August 22, 2004 Prob. a problem with your computer. Link to comment Share on other sites More sharing options...
thop Posted August 22, 2004 Share Posted August 22, 2004 there is a free one: bitdefender.com free updates and all. wouldn't use anything else. even skinnable. Link to comment Share on other sites More sharing options...
Nick Sheldon Posted August 24, 2004 Share Posted August 24, 2004 there is a free one: bitdefender.comfree updates and all. wouldn't use anything else. even skinnable. Hmm..what's the use of having a 'skinnable' AV? Am I missing something? AV just sits quietly hidden away, doing it's job, ...doesn't it? And as far as free ones go, I have only used Grisoft AVG, and it seems to do it's job very well. I aint knocking bitdefender btw, it is probably very good, ............. but skinnable? Link to comment Share on other sites More sharing options...
Recommended Posts