TGP1994 Posted October 21, 2010 Posted October 21, 2010 (edited) I don't really know what the heck happened. ImgBurn told me there was an update when I launched it, so I followed to link, (of course, it was legitimate) and I chose to download from the first mirror. So I installed it, then started to burn my image. After that, I knew I was hit with something - fake antivirus "scans" started popping up everywhere. Something attempted to open firefox to a malicious website, and fortuantely, Windows Firewall managed to block a rogue version of explorer.exe. So I wonder; what the hell happened? Did an infected version of Imgburn get distributed to that website? (BetaNews) Here are some screenshots to show what was going on: Edited October 21, 2010 by TGP1994
LIGHTNING UK! Posted October 21, 2010 Posted October 21, 2010 It's definitely not a false alarm... but it wasn't from ImgBurn (the MD5 is listed on ImgBurn.com, compare it against your file). Do you perhaps have an old (compromised) version of Java / Flash / Adobe Reader / Shockwave etc installed? Do you have all the Windows service packs on and all the Windows updates? Just visiting a website on a non-updated machine can get it infected.
laserfan Posted October 21, 2010 Posted October 21, 2010 Just visiting a website on a non-updated machine can get it infected. Indeed, I was using Firefox myself just yesterday and suddenly a boatload of scary-looking windows displaying "trojans" and "viruses" that I was supposedly infected with, and a very official-looking (with Windows logos) dialog to remove those problems. I closed Firefox and checked my PC (first w/Defender, then I installed MSSE and checked again) and the incident was a false alarm, though if I had clicked on one of the "clean" buttons I'm sure all hell would have broken loose. Was using Firefox 3.6.10 and now updated to 3.6.11--not sure if FF security hole was to blame or not.
spinningwheel Posted October 21, 2010 Posted October 21, 2010 You're the victim of a website that infects your computer with a Trojan as soon as you install their 'Security Tool". Read the following: Fake alert
TGP1994 Posted October 21, 2010 Author Posted October 21, 2010 I know I didn't install any "security software". (I know the difference between good and bad in that area ) I was thinking that the malware had been misteakenly built into that distribution of Imgburn, thus passing the MD5 shown to us. Although, that reminds me, Firefox received an update just that afternoon, so perhaps a security hole has been discovered and exploited already. Yikes, just the thought of a drive by download... Well, fortuantely, the image I was burning was that of a Puppy linux distro, so I think I'll boot that up and run a scan. Thanks for your reassurance evryone; I must have gone to an infected website coincidentally while I was installing Imgburn. May Imgburn live on
spinningwheel Posted October 21, 2010 Posted October 21, 2010 OK , I was just going by the last popup that said 'Security Tool successfully installed' ...cheers
TGP1994 Posted October 22, 2010 Author Posted October 22, 2010 the last popup that said 'Security Tool successfully installed' ...cheers Those sneaky bastards I guess instead of giving people the option to screw themselves over, now they just do it themselves
Recommended Posts