virus on the board?

[k9sar]

Recieved alert of VBS/Psyme trojan on the boards.

 

specifically, in the following location:

 

http://npora.ipbhost.com//index.php?showto...6771&st=120

[88pathoffroad]

Is there a specific source for that? A pic, or a link or a script? I don't get any alerts for that page and I can't see anything wrong with it...

[dagwoodzz]

The last week I've been getting a server not found error. I have to refresh and the page loads fine. It happens at work and home? Related?

[NaturaTek]

That vbs/psyme is a script designed as a html format which ONLY exploits a vulnerability in Internet Explorer (I use firefox).

The script itself doesnt do any harm, it compiles itself in the vulnerability of IE then saves itself as

outlook.exe drweb.exe and if launched it will download trojans etc, the purpose to spread itself.

 

Some antivirus engines may detect a variation and may display a false alert. Example if someone writes "ho1y shi@t my pathy iz more l33t than urs", and perhaps 2 words/codes are in fact somewhere used in the actual trojan, it will display alert.

 

If I were you, I would go to www.windowsupdate.com and let it scan to update with all patches/security fixes available from microsoft.

Reboot.

Run a good antispyware such as spywaredoctor or spysweeper or AdAware. If you don't have it, google trend online scan, let it do a complete remote scan to remove any spyware, malware, grayware, trojan, adware, dialers, scripts, virus, etc.

 

Perhaps you are infected and the alert is more prevalent on your pc.

 

What antivirus you are using? I came to that link with mcafee, nod32, kaspersky and didn't notice anything odd.