Terrible Trojan viruses lurking in download files!

[eubiecat]

Hi all,

I caught a horrible Trojan virus from something on this website. Just wanted to warn other members--approach with extreme caution! This virus invaded my registry, blocked all the executable (.exe) files on my computer, and over-rode my computer's defense system. It opened a fake"Microsoft 2012 Home Security" page and tried to extort money from me.

It took five hours with a computer expert friend of mine to remove this hideous thing.

I just tried to download DAREDEVIL #2, and the Trojan tried to attack my system again. Fortunately for me, my registry protection program bounced the damned thing.

Please consider switching to another server for DCM's files...

Best,

Frank

[Yoc]

Frank,
DD02 had a MAC file called .DS_Store inside it that does nothing to your PC.
It's harmless.  You can read about it here -
http://en.wikipedia.org/wiki/.DS_Store

You might find the same file inside other files upload by new scanner Jeff Cannell.
I've contacted Jeff and he's working on finding a Mac Zip app that doesn't include these Mac files.  There was nothing else out of the norm inside the file.  Windows users often include a Thumbs.db file in their uploads that does no harm as well.

If you know of any other files on DCM you think had a virus please let me know and I'll check.

But I will say you are the first and so far only person ever to make such a claim.
-Yoc

[Captain DJ]

Thanks for pointing this out but I can ensure you after a quick look this trojans has not came from our website. I can personally ensure that all our code is 100% clean and the file in question has been checked.

I can only guess that the warning was triggered by either another website open at the same time as this site, a popup from another website or even a 3rd party advert on a website.

Have moved this to help section as this more suitable location as it not News and Announcement

[Yoc]

Thanks Capt, I had planned to move it as well and forgot.
A 'clean' version of DD2 is now up as well minus the Mac file.

I hope that Frank will continue to use DCM despite his experience.
-Yoc

[John C]

First, it (almost) can't be the files, because they're just compressed archives of pictures (ZIP and RAR).  They don't run any code, so there's nothing to worry about on that front.

In terms of the website, I just ran it against a clean, unprotected system and nothing happened, so I'm pretty confident we're safe.

Just a note, though (to offer another possibility and warn a few interested people), a LOT of people have had their browsers hijacked recently by "zero tolerance" CNET's download.com.  They've been bundling a lot of malware in their downloads, sadly, in the last few weeks, including in cases where it violates copyright.

https://krebsonsecurity.com/2011/12/download-com-bundling-toolbars-trojans/

"CNET’s own installer is detected by many antivirus products as a Trojan horse..."

http://insecure.org/news/download-com-fiasco.html#updates

"The trojan installer now tries to install something called Drop Down Deals on your computer (screen shot). This handy application spies on all of your web traffic in order to pop up ads when you visit certain sites."

Given the popularity of the site, if anybody has downloaded something from them recently, you might want to do some serious investigation.

[jeffcannell]

Sorry that my extra mac files sent such a scare... uploaded my first cbz ever using the yemuzip zipper. hope this stops any future alarms!

[Yoc]

No worries Jeff, the latest is Mac file free.