Announcement

Collapse
No announcement yet.

CarDomain and PhotoBucket Spyware (UPDATED)

Collapse
This is a sticky topic.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • CarDomain and PhotoBucket Spyware (UPDATED)

    Not sure where exactly to post this.. a mod can move it if they can find a better place for it, I thought it best be put here since people in this section use CarDomain to post pictures and such of their ride...

    CarDomain's current Ad company is currently costing advertisments for a know Spyware/Virus program, WinAntivirus and its variants on its web site.This program when installed will infect your computer with some version of WinAntivirus, or it's variants known as WinAntispyware, WinAntivirus 2007, and will also place known trojan viruses that are know to be assosiated with this spyware program called Vundu, Virtumundu, Virtumund on Trojan.Downloader on the system.

    I figure I'd put my use a a computer tech to warn everyone on the forum about it. What happens, when you're browsing their site, suddenly your Firefox or IE window will disapear and a popup, that doesn't have a real "X" window so you can close it, rather an image of an "X" image that when you click it, it will automatically go through and install this spyware on your machine. To stop it before you get infected, DO NOT CLICK ON IT AT ALL. Instead press CTRL-ALT-DEL to bring up Task Manager, and go to the process tab. If you are using Internet Explorer, look for any and all IEXPLORE.EXE or iexplore.exe in this list, and hit END PROCESS in the lower right. If you are using FireFox, look for firefox.exe and do the same. Once this finishes, CLEAR ALL TEMPORARY INTERNET FILES. To do this, go Start, Settings, then Control Pannel. Double click on Internet properties then, for IE6 and lower,click Clear Cookies, Clear History and When you click on Clear Temporary Internet files, make sure to check Clear all temporary internet files. For IE7 there's just one button, and check all the boxes. For Firefox users, do that, then, once you open FireFox again, it will ask you if you want to restore your session. CHOOSE CANCEL or NO! Doing so will bring you back where you where, which is not good in this case. Once your in to your homepage, in FireFox go to Tools>Clear Private Data. Then choose all the boxes and hit Clear Private Data now. (Older versons you have to go to Preferences and clear it in there somewhere).

    This will keep you safe... but I've emailed the site on two occasions on the past week telling of this, but they're still there.

    I work as a tech on a workbench, I'm actually at work right now, and I clean this stuff out of computers on a daily basis. Every infections a bit different.. but you are infected, PM me and I'll help you clear it and sends you some tools I have that get rid of the sucker. I only browse CarDomain now on my Laptop that's running Kubuntu... so I'm not prone to getting any of those icky spyware programs from sites like that.
    2015 Chevy SS, Perfect Blue Metallic, Sunroof, No Spare, M6
    Appearance: Full LED Conversion, 6000L D3S HID Bulbs, Holden Rear and Front Embloms
    Go Stuff: Diablew 93 Octane Tune

    Missed and not forgotten. Traded.
    2005 CGM GTO.
    386whp, 364ft-lb torque, Corsa Sport Exhaust, Tuning, K&N Intake, VX Tails, Halo Projectors
    2009 G8 GT SRM Premium Package, 6000K LED + HID Lows, Factory Bluetooth Retrofit, Atari Gauges, Factory iPod Control, 93 Octane Diablew Tune, Vararam Intake, MBR Strut Bar, Corsa Catback, DBA 4000SX Slotted + Drilled Rotors, Hawk Ceramic Pads.

  • #2
    Thanks for the notice, man.

    My Progression Page: click here

    Comment


    • #3
      thats really crappy of cardomain to do. if they keep it up i will delete my stuff there and go to fquick.

      Comment


      • #4
        Originally posted by Muff Daddy
        thats really crappy of cardomain to do. if they keep it up i will delete my stuff there and go to fquick.
        Well it's not really Cardomain, it's their paid ads that carry the spyware. Really, that means they need to drop their ad provider and find someone more reputable.

        My Progression Page: click here

        Comment


        • #5
          [quote=Rannin Ravensight]
          Originally posted by "Muff Daddy":zzyoh1b0
          thats really crappy of cardomain to do. if they keep it up i will delete my stuff there and go to fquick.
          Well it's not really Cardomain, it's their paid ads that carry the spyware. Really, that means they need to drop their ad provider and find someone more reputable.[/quote:zzyoh1b0]

          Exactly. I've seen this happen to many other websites before, but they all responded to me when I e-mailed them about the adds that they're provider were doing to their valued website-patrons, and how it was ruining their site and reputation. I always ask my customers what sites they were on when they got those programs if they remember and try and check them out. I realize now a few of the kids from the Advanced Auto next door brought their computers in with some form of WinAntivirus like this.. but they didn't remember what site they'd been on, perhaps from showing their rides off on CarDomain.

          This same type of thing happened on "MySpace" about half a year ago, when their add company let some add that gave users a trojan appeared on their site for a day or so, it was in the news and everything.
          2015 Chevy SS, Perfect Blue Metallic, Sunroof, No Spare, M6
          Appearance: Full LED Conversion, 6000L D3S HID Bulbs, Holden Rear and Front Embloms
          Go Stuff: Diablew 93 Octane Tune

          Missed and not forgotten. Traded.
          2005 CGM GTO.
          386whp, 364ft-lb torque, Corsa Sport Exhaust, Tuning, K&N Intake, VX Tails, Halo Projectors
          2009 G8 GT SRM Premium Package, 6000K LED + HID Lows, Factory Bluetooth Retrofit, Atari Gauges, Factory iPod Control, 93 Octane Diablew Tune, Vararam Intake, MBR Strut Bar, Corsa Catback, DBA 4000SX Slotted + Drilled Rotors, Hawk Ceramic Pads.

          Comment


          • #6
            Yup, I've seen this on several websites and it's shady.


            '08 G8 GT... 1 7/8" Kooks Blue Ceramic Coated Long tube Headers... 3" Xpipe...Magnaflow axle backs...Rotofab CAI...Heater hose relocate. Ported throttle body, intake manifold, Custom grind cam 227/237 .620/.604 LSA 113 +3, Circle D 3200 stall, 3.45 rear gear,Tuned by Redline
            Dyno 438 WHP 415 WTQ

            '15 Chevy SS Some Like It Hot Red Holden Grill & trunk badge... Solo performance axle backs... Rotofab Intake, Mobile attractions front splitter

            Comment


            • #7
              I finally got a reply from CarDomain

              Hey Guys,

              Thanks for telling us about this problem. We’re not the only website affected, and we’d love to bust the people doing this. Next time this happens, please right click on the ad, and select “properties.” Under “Link Properties” Please copy everything following “Address:” That string is what we need to catch these jerks.

              Thanks again for writing, we really want to stop this from happening.

              Cheers,

              John
              2015 Chevy SS, Perfect Blue Metallic, Sunroof, No Spare, M6
              Appearance: Full LED Conversion, 6000L D3S HID Bulbs, Holden Rear and Front Embloms
              Go Stuff: Diablew 93 Octane Tune

              Missed and not forgotten. Traded.
              2005 CGM GTO.
              386whp, 364ft-lb torque, Corsa Sport Exhaust, Tuning, K&N Intake, VX Tails, Halo Projectors
              2009 G8 GT SRM Premium Package, 6000K LED + HID Lows, Factory Bluetooth Retrofit, Atari Gauges, Factory iPod Control, 93 Octane Diablew Tune, Vararam Intake, MBR Strut Bar, Corsa Catback, DBA 4000SX Slotted + Drilled Rotors, Hawk Ceramic Pads.

              Comment


              • #8
                Awesome, thanks for the info.

                I think this deserves an announcement for a few days!
                Hurricanes are like women : when they come, they're wet and wild, but when they leave they take your house and car.

                Comment


                • #9
                  I lost all my pics from iraq when my comp crashed a year or so ago. It was slike spy falcon or somthing like that. OUCH.
                  Originally posted by Nikki
                  You are an e-pimp.
                  Originally posted by beitodesstrafe
                  I tried too, my penis way too big
                  07 GTP Coupe, Black, GT-R Exhaust #1, Dr speed Cold air box, GM STB, White Face Gauges, Intigrated Ipod, Altezza tails, Painted headlights with black reflectors and no amber turn signal cover and Nokya Ultrawhite bulbs all around, VMS ECM Tune Beotches, With the TCM tune soon to come.
                  My youtube. http://youtube.com/user/joebro82
                  The old hooptyhttp://www.cardomain.com/ride/2412743

                  Comment


                  • #10
                    Yea, that sounds like a variant of the Smitfraud version... it goes by SpyAxe, SpywareQuake, SpyStriker...

                    The version they had was on their site. Simular type of infection, however different way to remove it as it's a totally different beast, it's known as Vundu generically... also called WinAntivirus, WinAntiSpyware etc...
                    2015 Chevy SS, Perfect Blue Metallic, Sunroof, No Spare, M6
                    Appearance: Full LED Conversion, 6000L D3S HID Bulbs, Holden Rear and Front Embloms
                    Go Stuff: Diablew 93 Octane Tune

                    Missed and not forgotten. Traded.
                    2005 CGM GTO.
                    386whp, 364ft-lb torque, Corsa Sport Exhaust, Tuning, K&N Intake, VX Tails, Halo Projectors
                    2009 G8 GT SRM Premium Package, 6000K LED + HID Lows, Factory Bluetooth Retrofit, Atari Gauges, Factory iPod Control, 93 Octane Diablew Tune, Vararam Intake, MBR Strut Bar, Corsa Catback, DBA 4000SX Slotted + Drilled Rotors, Hawk Ceramic Pads.

                    Comment


                    • #11
                      its pretty funny when i go to cardomain at work and the network firewalls and protection shit starts freaking out! Damn government computer
                      2008 Chevrolet Cobalt SS T/C
                      Black/Black coupe

                      Comment


                      • #12
                        Re: CarDomain and PhotoBucket Spyware (UPDATED)

                        I just recieved a WinAntivirus 2009 Popup from PhotoBucket. I was browsing Cody's pictures on Photobucket, no other tabs open besides G6P in Safari, and the same type popup that on CarDomain and other evil sites popped up. It closes out all other Windows in your browser and makes a fake windows style popup saying "You're infected! Click to clean the viruses!!!!" or something.....

                        Since you can't close the window without opening it, you have to open up Task Manager to clode it. Hit Ctrl-Alt-Delete and hit "Task Manager" if you are given a menu. Go to the process tab. If you are using Internet Explorer find all things listed as "iexplore.exe" and right click and kill them, Firefox.exe, firefox, and for Safari, safari.exe. You will loose your current site you were on but it's better than spyware and viruses.

                        Photobucket just made my shitlist.
                        2015 Chevy SS, Perfect Blue Metallic, Sunroof, No Spare, M6
                        Appearance: Full LED Conversion, 6000L D3S HID Bulbs, Holden Rear and Front Embloms
                        Go Stuff: Diablew 93 Octane Tune

                        Missed and not forgotten. Traded.
                        2005 CGM GTO.
                        386whp, 364ft-lb torque, Corsa Sport Exhaust, Tuning, K&N Intake, VX Tails, Halo Projectors
                        2009 G8 GT SRM Premium Package, 6000K LED + HID Lows, Factory Bluetooth Retrofit, Atari Gauges, Factory iPod Control, 93 Octane Diablew Tune, Vararam Intake, MBR Strut Bar, Corsa Catback, DBA 4000SX Slotted + Drilled Rotors, Hawk Ceramic Pads.

                        Comment

                        Working...
                        X