Virus problem on MyMpxPlayer site ?!? :?:
 

There seems to be a virus disguised as a .pdf opening when I access the Mympxplayer site. :shock:

My AVG antivirus at home is not showing any problems but when I tried to access this site from work Symantic flagged it up and quarantined as a bloodhound type with a .pdf extension. :shock:

Has anyone else noticed this? Has anyone else found that adobe reader opens up briefly each time you access this site? :?:

I will post a copy of the virus log when I can get hold of it

I don't have Adobe Reader, never will. Foxit Reader FTW.

Also, Norton is a rather poor antivirus, not to mention it's a major resource hog. I haven't experienced any problems while visiting this site, just that it's slow as always.

There must be something wrong, when I opened this website I was also offered to download/open a PDF file.

mm, not me, i am using firefox, are you lot IE??

Theres something fishy, I'm on Opera, and no Th3_uN1Qu3, I'd too wouldn't touch Norton's, I'll give Foxit a try, you're right, acrobat is a memory pig :wink:

I just happened to notice as my employer uses Norton's.

Removed Adobe, i'm on Foxit now (It's great BTW)

Now when I'm enter this site I get an offer to download/open file "pdf.pdf"
using Foxit from site "klickup.com"
.
You know, as the ancient computer saying goes "when the admin's away the spambots and virusus play". :shock:

I use FF also

Re: Virus problem on MyMpxPlayer site ?!? :?:
 

No problem here.

Using IE6.

Opera here too, no random PDFs popping up... I'll investigate that site see what it's about.

Edit:

Looks like an advertising website... Maybe that's where all the spambots are coming from? :?

The website itself looks like this:
http://img403.imageshack.us/img403/6500/klickuphd6.png

Whatever i type in that search box will just return "no results found". Also, trying to access "http://klickup.com/pdf.pdf" results in a 404 not found. Could you tell me exactly the path that the bogus PDF file is coming from? I'd like to take a look.

Re: Virus problem on MyMpxPlayer site ?!? :?:
 

I got it wrong, the site is called klikvp.com :oops: , it's still happening though, usually just once when I first enter the site :-

http://i203.photobucket.com/albums/a...pboard01-2.jpg

Alright, hang on while i trace it.

Edit:

I accessed the site and it is a "pay per click search engine". That is, yes, MORE ADS. But klikvp.com/pdf.pdf doesn't exist either, nor does klikvp.com/pdf_1_~1.pdf. Again, please post the full path where that PDF is coming from.

Edit: More info:
http://mtekk.weblogs.us/archives/ene...pcom-exploite/
http://www.coolsmartphone.com/news4321.html

Sounds like a spammer with bad intentions, using SQL injection. We must do something about it. Right now i'm doing more scans of the server, looking for ways to "spam the spammer".