Windower DL Page Flagged With Viruses |
||
Windower DL page flagged with viruses
i just tried DLing windower from offical site and Kaspersky flagged it with 3 trojan exploits.thats just the page after you click installer before actual dl button.a friend just got it too but not sure which av he uses.
wow, I got it right when I went to the windower site.
so its not just me and him it seems
nope not me went to the windower site with no message.
Carbuncle.Titian
Offline
same, i didnt get message.
Might be embedded in an ad?
i got hit 3 times with java exploit but av stopped as soon as they tried dling.
I've been there recently with no message, why would I just get it now?
yea keeps flagging same java exploit so idk
Mind copy/pasting the specifics of this notification? You should be able to find it under Kaspersky's logs. I can check our databases and see if this is just a false positive, a small instance, or something a little more widespread. Normally ad based malware targets the entire community of that subject (i.e. FFXI or MMO's in this case) and it should be showing up more than just here if it's an ad based attack.
Java exploits are so vague too, it's hard to tell which one it is without more info. I'm not seeing anything now but likely if it was an ad based attack, the owner of those ads has already been told and taken it off line. Checked their site with 3 different browsers running in 3 different VM's just now. gshavcpmpcjamtapg.class Detected: Exploit.Java.CVE-2012-1723.jo 11/8/2012 7:00:47 PM
was what kaspersky flagged for me 6 times same one Google webmaster tools is claiming no malware detected.
Not sure what is flagging it, but it seems clean to me. I don't doubt it is clean, it just seems weird that I'm just now getting the message when I was on it earlier w/o a problem.
I've added the website to my whitelist, I just think it's strange is all. 2012-1723 was the massive "Blackhole" exploit last summer that caused people to think their Java was compromised, or needed an update. It basically gives you a popup very similar to Java's runtime update notification, and installs their tools when you think you are updating Java.
Another name for that virus is Java/Dldr.Lamar.BD Update your Java to the latest version as it's been patched a few months ago. Chances are you are already patched against it and your AV is just giving you a notification they tried to push the attack on you. Only update your Java software from the official source, and not from mirrors or sites like CNET. Fake versions get put there all the time. http://java.com/en/download/index.jsp Yea, I have to have it up to date anyways.
here's the info for it from our guys here at work from last August:
https://isc.sans.edu/diary.html?storyid=13984 It's been patched. Those who are updated are fine :) ... I just got made fun of for playing FFXI by guys who play WOW too -.- well kaspersky did this gshavcpmpcjamtapg.class Detected: Exploit.Java.CVE-2012-1723.jo 11/8/2012 7:00:45 PM
then gshavcpmpcjamtapg.class Denied: Exploit.Java.CVE-2012-1723.jo 11/8/2012 7:00:45 PM so i know im good cause they blocked it before it could make to pc but was mainly warning people incase was widespread. edited cause copied second attempt but first denied Norton sucks anyway.
and didn't get anything with MSE but I do have noscript and adblock running (but have windower.net allowed on noscript).
so is it safe to dl windower or wait til this stops?
Actually it looks like the Windower website if offline right now. It just popped up to be blocked by Google's Ad Services because it may contain malicious ads from postsalelarge.ru
Guessing one of the windower guys saw this, or their own warnings and is taking action against it now. guess i wont be dling it anytime soon lol
I really doubt the Windower installer is affected but in any you case you can check the md5 checksum of the file to verify. I downloaded and installed it a couple days ago. Mine is 5845c8223fd2f8da8ef7afc374e0723d for Windower-3.431.exe.
Looks like the admins shut down read access to the forums until they figure out the issue. |
||
All FFXI content and images © 2002-2024 SQUARE ENIX CO., LTD. FINAL
FANTASY is a registered trademark of Square Enix Co., Ltd.
|