Trojan on Flawless Computer site?

[michaels39]

Has anyone else experienced a Trojan alert by their AV program when clicking the link for Flawless Computers?Saw their ad here and thought I'd check them out,as soon as I connected with their site,I got a trojan warning from McAfee.This happened on two different attempts,so something's definitely wrong there.

Flawless Computers Reviews at ResellerRatings:
http://www.resellerratings.com/store/Flawless_Computers

[nomaxim]

I had that happen on the boards here once. McAfee was picking something up in someone's post as being virus like. LOL. Is it giving a name or just a general alert? If it's just a general alert then it is likely just being set off by some code on the website page.

Is this the site? Link disabled as this site attempts to d/l a trojan.
I'm running McAfee Enterprise ver 8.0i and I'm not getting anything. The site has not yet been rated by McAfee's Site Advisor, so I submitted it for review.

EDIT:
Done, don't know how long it takes for them to check the site out. You can check back at the link below.
http://www.siteadvisor.com/sites/fla...s.com/summary/

[michaels39]

The alert says it is the download/aus trojan,and it happen every time I go to the site.

[nomaxim]

What is the exact wording?
I searched Avert library for "download/aus trojan" and got no returns.
I searched for "/aus trojan" and got these two;
1. "Nordex", Trojan:http://vil.nai.com/vil/content/v_140856.htm
2. "W32/Bagle.aj!proxy", Virus: http://vil.nai.com/vil/content/v_127029.htm
Both are low risk.

Also, what ver of McAfee are you running?

[michaels39]

I read the name wrong(I was in a hurry to get rid of it),the full name is JS/DOWNLOADER-AUD trojan,the McAfee profile is here:
http://us.mcafee.com/virusInfo/defau...virus_k=139961

[nomaxim]

Be sure that your McAfee engine and DAT's are up to date.
Turn off "System Restore"
Run McAfee.
Turn "System Restore" back on.
You should be clean after that. This may require one or two restarts.

Looks like this one gets in through Internet Explorer (IE) with Java-script. (I use FireFox (FF) as a browser, that may be why I got nothing. I tried IE and got the same alert that you did.

That site has a private registration and is only registered for one year, and the only contact info is a toll-free number. No mailing address or payment methods.I would stay away from them. Looks like a scam site, and they are passing along a trojan.

Just a side note; MS06-014 MS has issued a patch for this trojan. If you system is fully updated then you should be fine.
REF:KB911562

[flawlesscomputer]

This is the first time I've ever even heard of this and I used to be in the web design business. My programmers are much more experienced than whoever scripted RR. My customers and I both experience new problems every couple weeks with this site.

Flawless Computers does not contain a "virus". It's McAffee's ignorance or over protection that's causing this alert, most likely due to the LivePerson javascript code on the page.

Download all updates and patches and it probably won't happen again.

[flawlesscomputer]

Looks like there's another ignorant person here. 90% of large companies make their registration private so personal contact information isn't out in the public. Also, the domain renews automatically every year. No mailing address because we don't have a storefront, we're in a warehouse. Payment methods are the obvious - same as every other site. Our customer's are not that stupid to not figure the simple things. If you want to call us a scam site again or say any other rude things I'd be glad to file defamation of character and slander charges against you.

Brian Smith - President
Flawless Computers, LLC
720.690.9388

Quote:

Originally Posted by nomaxim

Be sure that your McAfee engine and DAT's are up to date.
Turn off "System Restore"
Run McAfee.
Turn "System Restore" back on.
You should be clean after that. This may require one or two restarts.

Looks like this one gets in through Internet Explorer (IE) with Java-script. (I use FireFox (FF) as a browser, that may be why I got nothing. I tried IE and got the same alert that you did.

That site has a private registration and is only registered for one year, and the only contact info is a toll-free number. No mailing address or payment methods.I would stay away from them. Looks like a scam site, and they are passing along a trojan.

Just a side note; MS06-014 MS has issued a patch for this trojan. If you system is fully updated then you should be fine.
REF:KB911562

[RobRich]

Quote:

Originally Posted by flawlesscomputer

....say any other rude things....

Brian, you have certainly said plenty of rude things here. Take a step back, calm down, and get on with your business. We uphold a certain standard of conduct within the ResellerRatings forums. Please consult the conduct guidelines established in our Forum FAQ.

Quote:

Originally Posted by Forum FAQ

Members will notice immediately that ResellerRatings' forums are unlike many other message boards on the Internet. One of our policies has always been to treat each other with respect and dignity, and we do not allow obscene language. These policies for conduct are our top concern and are actively enforced.

Thread locked.

[Admin RR]

Perhaps an honest javascript error, however the exploit is reported at this explabs.com site.

Quote:

STOP! LinkScanner Online has found the exploit:
[WebAttacker] at:
http://flawlesscomputers.com
Click the following link to learn more about this exploit in our KnowledgeBase:
WebAttacker