Virus Alerts - Report Links Here
Please post a report in this thread of any links on QSS that you've clicked on that caused a Virus Alert/Warning, etc. in your Antivirus, Malware, or Spyware software.
A QSS member will check the link for possible infections on the host site.

Please include:
1. The Thread URL and Post #
2. The URL of the link that gave you an Alert
3. The software that gave you the Alert
4. The type of Alert, e.g. Trogan detected, Malware detected, etc.
5. The date you received the Alert.
6. If possible, please post a Screen Shot of the Alert, as this will help us eliminate false positives.

I got an Alert at Naruto All Eps With Updates, 272 episodes + Movies.

1. The Thread URL and Post #: http://ipb.quicksilverscreen.com/index.php...3721&st=195, Post #204
2. The URL of the link that gave you an Alert: http://www.megavideo.com/?v=O90F0OZ3
3. The software that gave you the Alert: Avast! 4.8 Home Edition Free
4. The type of Alert, e.g. Trogan detected, Malware detected, etc.: Malware Detected
5. The date you received the Alert: Aug 21 2009, 01:16 PM

Re-directs you to http://www.megavideo.com/?infr megavideo homepage with the message "This video has been removed due to infringement."
Do you get a warning when you go to that page directly?

If no it might be the redirecting that your avast doesn't like? There isn't much on the page itself that could be that harmful...A few adds for mega related products (i.e. megaupload manager, go premium, etc), a youtube embed...

I got the alert in Avast when I clicked on the link a few weeks ago.
I just now tried going to the link directly and got the "This video has been removed due to infringement." message.
There was no alert this time from Avast.
It seems whatever caused the alert was removed along with the video.
Thanks for testing.

no telling how long its been dead, original report was last month. but i DO find it very odd that something of the sort would come from MV, b/c i can have all of my security on and view things with no problem, no popups, nothing. and ive never had even a PEEP from any of it on MV, ever...


but, ill admit this still might be a good thing in the long run. good place to start at least. well done RE

This is great - thanks for starting the thread

Oh this will be handy , great idea , ty Redeye2

Seemed to have picked up a trojan on my wife's machine today. Not 100% sure this is the culprit, but she says she tried clicking on the link a couple of times and it wouldn't play. Instead a large red and white X icon popped up in her tray, and started running a program called antivirus 2010 which, obviously she didn't have. It was never detected by her a.v. software.

thread; http://ipb.quicksilverscreen.com/index.php?showtopic=123616
post; #2 s05e06 tom
link; http://www.supernovatube.com/play.php?view...922f8371d582729

Since it's the only link she's been to today, I'm inclined to believe it's what started it since malwarebyte, and spybot scans came up clean this morning.

VIRUS ALERT!!

when opening the divxden site, after the cue, client.exe is being installed in WINDOWS/system32, which contains the trojan virus TR/Dldr.TDss.Z.11.


thanks for that.

While thank yous are always appreciated (it's good to know one's efforts aren't going unnoticed), in this case, it's not really deserved. To act as though it was would imply that, rather than simply using DivX Den as one of the handful of streaming sites that accept files greater than 1gb (1024mb), I actually have an affiliation with them, or exert some sort of ultimate control over what a third-party site like them delivers in addition to a DivX file (no different than a gazillion other DivX files previously hosted there), or for that matter, had a way of knowing about it--not everyone here uses a Windows PC, and therefore, isn't susceptible to (or even aware of) such nonsense. None of those implications would be correct. Or further from the truth.

However, if you'd like to thank me for trying to provide content that's only found here on QSS (like this particular version), or for uploading to a secondary host (because someone, for whatever reason, couldn't access it from the first link provided), then I'll graciously reply with a genuine and heartfelt you're welcome.

My Nod AV stayed quite while visiting the site, but this hinky bullshit popped up.

Yeah, I've seen DivX Den links posted (on other sites) accompanied by instructions to simply ignore it.

http://ipb.quicksilverscreen.com/index.php?showtopic=169647

Have the ppl getting the java trojan warning updated java? (divxden)

Sun released an update the other day, if you haven't please update.
After updating would you mind checking if you still get the warning?

Not completely sure what it was, since snt only plays with addblocker turned off i'm leaning towards an add.
The vid doesn't play but there is a zango add on the page. I refreshed at least 10 times, hit play but no red X.

It is possible, if it was an add, that it is one not set for my region. There are adds that give red X pop-up's telling you you need a virus scan(ner) and when you hit ok it starts downloading. (or looks like it is, can also look like it is scanning)
Can't be sure that is what happened.

Since the scans came out clean why do you think she got infected? Is the pc acting weird?

What I meant was that the scans came out clean in the morning and the computer hadn't been used all day. The first place she went, in the evening, when she logged on was qss and went straight to this video. That's when the red x came up telling her she needed a virus scan. She says she didn't click on it, but rather hard booted her computer with the power button. At that point, it was too late because when the computer rebooted, it started loading 'updates' in the windows splash screen and immediately started running this antivirus 2010 the second it was finished booting.

It locked out all of her antivirus software except malwarebyte which I started to run, but gave up in favour of a windows reload instead, since it had messed so badly with my admin functions. Before I cancelled it, malwarebyte gave a list of about a dozen different trojans, which, unfortunately I never took the time to write down.

As an extra precaution I've installed the 'adblock plus' addon for firefox and kill ALL ads on video sites, plus blocked snt and xtshare from my hosts list since both have had a history of causing me problems. I figure with the amount of video sites out there, I don't need to worry about sites that don't know how to manage their ads properly. I recommend other people do the same.

uploads are appreciated ... my anger being rather directed at divxden. sorry.

anyhow, run, cancel, ignore, whatever,
something installed to system32 and run without my permission/knowledge is by my understanding malware and unwanted.

i will simply stay away from divxden and keep up my 0-virus rate i have been maintaining for the last 7 years.

http://www.mrbrownee70.com/?id=7B3WAH7QE

Mr. Brownee had a browser redirect on the heroes link. Sent me to some iffy area connect site. Didn't ask to install anything but it was instantaneous. I saw the black background them bam, now loading area direct. Might want to look into your advertising partners. I couldn't get a screen capture of the add I didn't even see it to be honest just an instant redirect.

I got a trojan warning twice when I tried to use this link. The first page is fine, and the second page as well, but clicking "play" on the DivX window generated a warning against something called "Trojan-Downloader". While it might just be my AV freaking out over nothing, I thought you should be aware in case it does turn out to have a virus embedded somewhere within it.

Fringe S02E02 - Divxden

Installing the Divxden Application below cause the following infection. They were removed with SUPERAntiSpyware.



1. The Thread URL and Post #: http://ipb.quicksilverscreen.com/index.php...mp;#entry810736, Post #19
2. The URL of the link that gave you an Alert: http://www.divxden.com/l2h2fptxny8a/fringe...id-fqm.avi.html
3. The software that gave you the Alert: SUPERAntiSpyware.
4. The type of Alert, e.g. Trogan detected, Malware detected, etc.: After running an Avast scan, the following 2 Trojans were found:
Trojan.Agent/Gen
C:\WINDOWS\SYSTEM32\CLIENT.EXE
C:\WINDOWS\Prefetch\CLIENT.EXE-0ABB9445.pf

5. The date you received the Alert: September 24, 2009
6. If possible, please post a Screen Shot of the Alert, as this will help us eliminate false positives: NA

I just watched that episode from that link Redeye and there was no pop up for me, it just played through normally. Perhaps it's some sort of ad on the page running a script? Not even sure they can do that without clicking on them, but adblock is the only thing i have running that would have stopped that popup that i can think of.

Edit - That'll teach me to read properly, you clicked the Install DIVX Web Player link maybe? Although it does lead directly to DiVX own webpage.

This is too wierd... I just got the pop up by clicking on the topic last poster in this thread from the main forum No AVAST Alarm... it came and went like a flash... no trace on my computer...

2shared has a trogen stay clear unless you want to format ur pc?

Proof? Screenshot? Something?

hello, i dont know much about posting on here or about viruses for that matter but i have watched hundreds of things on qss and the sites it directs you to and i have never picked up a virus until now. Basically i picked it up on what i thought was the safest and best site to use: MEGAUPLOAD. It was a tricky thing, it appeared as a adobe reader compatibility error which i have constantly got when using the internet as for some reason my vista has compatibility issues with adobe reader. anyway it comes up with this screen and usually i just hit run anyway or cancel or whatever and it goes away. so when it popped up after id just started the buffering on a movie i just hit whatever it is i always do and then i got a windows defender warning saying i was infected. after researching it i realised that it was a bogus defender warning and it was actually antivirus pro 2010 as the shortcut was on my desktop everytime i booted my laptop. i got rid of it somehow in the end. but anyway now quite often when i try a megaupload link it comes up with the same abode reader error, to which i ctrl alt del and end the task so i dont actually touch the window. anyway sorry for yabbering on i just wanted to explain it as best i can. by the way i use internet explorer, i have vista and my antivirus is avast. does anybody else get this or is aware of it?

I seriously doubt megaupload was the source. You are probably infected still with something and that's what's causing the pop ups. In the future I'd suggest using Firefox with the AdblockPlus addon and not just clicking on whatever pops up to get to a movie.

Sorry to hear about your virus incident.

I would suggest you download and run SUPERAntispyware - Free.
If you've still got the virus on the computer SUPERAntispyware may be able to get rid of it. It's a very good program.

As far as reporting about viruses, take a look at the first post in this thread. It provides a guide for the type of information that will help us determine if the link leads to an infected page/site, etc.

Went to a cinshare link to watch gamer I think it was, and was forced to allow scripts AND disable adblock. The movie was in div-x format and after watching it my div-x player is full of advertisements even playing movies I downloaded weeks ago. Some wont even play at all cant get past the adds, others play in fast forward. Its putting cookies from trafficmp.com as well as other ad sites very frustrating especially when I go to check my bank ballance and an invalid certificate for some add/spyware site pops up Spyhunter finds the cookies but not the source, delete the cookies and they are right back in a bundle of 8 as soon as I navigate anywhere. Spyware nuker finds some registry entries high risk something about some bundle app??? Delete them all but they come right back. Long story shortened, has anyone else been hijacked by the cinshare site? How did you get rid of this %^$$%$#ing addware/spyware? Any help would be greatly appreciated.

just a heads up... one f our members got the braviax.exe trojan while DL trueblood episodes from some of the mrbrownee links... he doesnt know which link, as he had several goin at once (season 1 eps 6-8 in divx)... he did say he did it thru IEtab in FF. This is one NASTY infection, it opened the flood gates for jboy.exe and about 8 others such as vundo. I am on the phone wiht him now trying to avoid a reformat... just giving a heads up to keep your eyes open and don't use IEtab. This thing shuts down Malwarebytes and SAS, deletes files, and hijacks your personal info and browsing. I'll post more info as I get it.

Update:

Ok, lots of issues with this nasty... disables booting up into safe mode, normal bootup gives tons of "you are infected" popups trying to get you to buy antivirus pro 2010, windows police, and many others. It also locks out the task manager so you can't get it open. I was able to get him to get Malwarebytes back on the machine and get a scan going, will have results from that soon I hope. Malware bytes so far has found instances of vundo, but vundo fix didn't find anything. Considering QSS is the only site he uses other than Gmail, he aint too happy right now. I assured him it wasn't QSS that infected him, and instructed him in the future to not use IEtab. Seems like anything to do with IE these days leads to trouble. This is getting as frustrating for me as it is for him, because I am trying to do an infection fix from 8 hours away. Every fix I have found on the net hasn't even put a dent in his infection thus far, so hopefully the results of the MBAM scan will see some favorable results.

V1p3r - I've had pretty good luck getting rid of Vundo and other nasties with Avast! and SUPERAntiSpyware.
In addition, I've found the advice of quietman7 HERE to be extremely helpful in fully ridding a computer of viruses.

finally got his issue resolved... was a new vundo variant that vundofix won't detect yet... it disabled all his protection progs, but I had him to a non-destructive re-image fro the restore disc, back up his music and vids, then to the destructive re-image. There was just so many on his machine that it wouldn't even boot into windows from all the popups... boot up and freeze from all the windows opening up. He's good to go now tho. Makes me glad I use linux mostly... linux is like a safe warm fuzzy blanket... so toasty and warm...

http://www.divxden.com/op7smdf3iw9c/qfn-crts.avi.html#

eset blocks something from this url.

every link i click from divxden now,eset antivirus blocks a popup,its not just one its every link.so are we going to let this go on.

sorry maybe this should be in help.

While I'm not up on antivirus software, what that looks like to me is a warning that's triggered not by an immediate attack per se, but instead your landing on a page that appears on a list of URLs/IPs (provided by the publisher?) that have been labeled for whatever reason potentially dangerous. Does the software offer a further in-depth explanation as to what in this particular case constitutes potential danger? I see what appears to be a link to the publisher's website in the lower right-hand corner of the warning window--is that linked to more information about this particular incident? Or is it simply a pointer to their homepage? And if it is a warning (ambiguity aside), does that mean your system hasn't been compromised? And that you can close the tab and continue to the movie otherwise unaffected?

Are you running AdBlock Plus? I don't see it in your screenshot.

I just loaded a DivXDen link with AdBlock Plus disabled. In the process of clicking through to the content, three pop-ups appeared (a recipe site, a TV clips site and a Chinese sex museum site). While they were all easily dismissed, they still appeared (and could very possibly have displayed a similar alert if I were running an antivirus app). With AdBlock Plus enabled, I saw no pop-ups whatsoever. While this behavior may be different on a Windows PC than on a Macintosh, is it reasonably correct to assume that, regardless of platform, if the pop-ups never appear in the first place, the antivirus software won't be triggered?

it was on the wifes machine,no abp,the link to eset is to the homepage no further explaination to the blocked sites.
did we not have the same thing with xtshare,the problem wasn't with xtshare, it was there advertisments,is this not the same thing.

Ok having issues with this site loombo.com , everytime I go to watch a movie it crashes my firefox , so not sure what is going on with this , here is the link I used : http://loombo.com/bc1g7rdrdvzg/Ballast_LiM...RAMINA.COM.html . Anyone else having problems ??? Also seems to have slowed computer down , making it glitchy . I have all my spyware and antivirus working, no alerts popped up either .

I use avast and I have been getting this message warning for the past couple of weeks..

Blocking arousing.tv:1020/tracking-swf, BLOCKED

Firefox Addblock on max and Avast on medium high.

I also had a very strange experience on QFN the other day... Actual virus attack when I accedentally clicked out of the center box for films....

Pooh... run S&D spybot

Just got this from cinshare....


Just thought I'd make everyone aware of it since they are now forcing ads.

http://ipb.quicksilverscreen.com/index.php...=15#entry852294

I am getting a warning from the divxden links.

www.arousing.tv (no idea what it is)

I use Avast.