1. #1

    Wowhead has viruses (Be Careful)

    Ok guys just giving you a heads up that wowhead is infected by a java based virus with multiple problems it can cause to your machine. Heres some pics i took of how fast it attacked my machine within 5-10 seconds before i reset my computer.

    Links to images.

    http://users.tpg.com.au/gruer123//wowhead%20virus.jpg
    http://users.tpg.com.au/gruer123//wowhead%20virus2.jpg

  2. #2
    How do you know it came from wowhead?

  3. #3
    mainly because the second the java based program hit it sent my windows into a haywire with warning about registry changes and such.

  4. #4
    Hmmm idk it seems like a pretty small chance it came from wowhead. Trojans like that generally get downloaded when you go to google seaching for torrents and things and really there's no way to show exactly which site it came from or how long it's been on the computer before starting its attack.

    If you boot in safe mode and use the registry editor to remove the keys that start it when you boot your computer you should be free to remove the fake svchost and other programs chillin in your temp folder and then do a full MalwareBytes scan and be good to go

    Also its not java based :P

  5. #5
    http://www.siteadvisor.com/sites/wowhead.com

    I'm not concerned, and run Noscript anyways.

    Heroic Recruitment -- Hersh's multi-PoV kill vids. -- Raids & Dungeons & Hunter kitty
    no one huntars like gaston

  6. #6
    I don't doubt it could have come when you had wowhead up, though its not wowhead itself.
    Websites use 3rd party advertising agencies, those agencies don't always inspect the ads they put into their system... Gold seller puts a flash or java ad that uses buffer overrun or even just some scripting that starts it all. I use FlashBlock and NoScript in Chrome and in Firefox and I've never had an issue with these types of attacks. Though I've sure fixed quite a number of my clients machines with this issue, changing the default DNS to 127.0.0.1 or otherwise.

    Also this type of attack isn't limited to the scope of gold selling account stealers, though the people are just as shady. Any websites that use 3rd party advertisers (like... all of them) can have this issue. Most companies don't acquire advertising themselves, hiring 3rd parties eliminates a department of people to pay.
    Last edited by FattyXP; 2010-11-08 at 12:52 AM.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •