|
|
|
Thread Tools | Display Modes |
#1
|
||||
|
||||
picture_com_oople downloaded from site? Shows trajans and virus varients...
Oople automatically set a download away called picture_com_oople. In a zip folder.
Ive scanned it with virus total and it came back with 12 warnings out of 46 files. 3 trojans and 9 virus varients it reckons. Maybe its mistaking them but its scary none the less. Any ideas what and why this is being pumped out? Thanks. |
#2
|
||||
|
||||
If i get anything like that i`ll just delete it then
|
#3
|
||||
|
||||
As far as I'm aware oOple should not be sending anything automatically for download.
Delete anything like this is my advise.
__________________
|
#4
|
||||
|
||||
Where / when did this happen ?
Had you been directed to oOple from another site, ie. facebook? And which web browser? The oOple site shouldn't be harbouring any viruses as far as we are aware, but can look into it further to see where it may have come from, Thank you Vicky
__________________
|
#5
|
||||
|
||||
I've been asked a couple of times to download files when clicking on a link from google to get to oople, last time was about 5 minutes ago...
__________________
You Have 20 seconds to comply! |
#6
|
||||
|
||||
I usually go on oople from my iPhone and stay logged in, but on the odd occasion I visit on the laptop I've had a weird issue a couple of times (this has also happened on my mums pc when I've been there)
Typed in oople from Internet explorer, and clicked on the first link to open it (the one where the huge oople symbol comes up) but avast anti virus comes up with "you are visiting a malicious URL" message. It did once try to start downloading something but I closed it mega quick and can't remember what it was. The strange thing is by clicking the back button and then clicking the same link again to open oople it works fine?? When I get home I'll try and replicate the problem and take some screen shots
__________________
John Jones --SMD--INSIDE LINE MODELS--PR RACING UK-- My feedback http://www.oople.com/forums/showthread.php?t=79696 |
#7
|
||||
|
||||
This has been happening for a few weeks, It normally doesn't bother me as oOple is bookmarked so I go directly to the page I want. It seems to be only when you click on the links supplied from a google search. Also does it on firefox.
__________________
Team Gregg: Getting in the way since 2008 |
#8
|
|||
|
|||
i had something similar a few weeks back, a zip folder called your.oople.com started to automatically download, it was deleted straight away by my virus program.
__________________
Trader feedback - http://www.oople.com/forums/showthread.php?t=85140 |
#9
|
|||
|
|||
Aavast could be sending a false positive - we had this on an old forum we ran last year. We had to get the site rescanned by aavast so they 'white listed' it and said it was safe.
However if people are genuinely getting this download when selecting a link then it could well be the page has been hacked an malicious code inserted..... |
#10
|
||||
|
||||
Sorry to bump an old thread, but the links from Col on all the others threads on this subject end up here.
I've started to have files try to download if I follow a link from Google or more worryingly the posted links on the oOple Facebook page as well. Don't know if it says it all about my browsing habits but the last one was called adult_file.zip Needless to say I didn't download it and ran away quckly and went back to typing into the address bar. It isn't my virus checker picking it up it's Firefox saying the site wants to download this file, do you want to proceed. Only happens on oOple and has happened on Chrome, Firefox and IE too. My machine has been fully scanned by Malwarebytes as well as Avast free and is free from viruses etc etc etc.
__________________
Dragon Paints |
#11
|
|||
|
|||
yes oople might have a vBulletin injection.
When a user visits the forum via Google search engine result pages (SERP), they are greeted with a payload script. The script is sneaky, so it only happens the first time you try from e.g. a new browser or new compuer, and it might store a cookie that makes the browser never do it again later. Read more here: http://blog.sucuri.net/2012/07/sneak...njections.html |
|
|