Google Gears a Virus (Trojan.Downloader-90750) ?

Written by - 1 comments

Published on - Listed in Internet

Today our Squid proxy server denied the download of GoogleGears.exe saying it found a virus (Trojan.Downloader-90750). At the begin I thought, this must be a false-alert by ClamAV but by doing a refresh of the download site, the download worked and after another refresh the same virus was found again.

Here what the squid logs are saying:

1) Download blocked - Virus found:

1269416489.415 372 internal IP TCP_MISS/200 12879 GET squid.user DIRECT/ application/x-ms-application

Wed Mar 24 08:28:43 2010 [29891] LOG Redirecting URL to: http://squid. ip/clwarn.cgi?url= %7B283EAF47-8817-4c2b-A801-AD1FADFB7BAA%7D%26iid%3D%7BF5B2DDAE- AC72-6B11-E4D9-E2ADF4A58E0B%7D%26lang%3Den%26browser%3D2%26usagestats %3D1%26appname%3DGears%26needsadmin%3DTrue/gears/ GearsSetup.exe&source=internal.IP/-&user=squid.user&virus=stream: +Trojan.Downloader-90750+FOUND

2) Download worked, not blocked, no virus:

1269420614.010 26 TCP_MISS/200 379 HEAD - DIRECT/ application/x-ms-application
1269420614.060 50 TCP_MISS/200 12879 GET - DIRECT/ application/x-ms-application
1269420614.164 182 internal.IP TCP_MISS/200 12879 GET squid.user DIRECT/ application/x-ms-application

Note the different remote servers of Google: (Virus found), (download without problem).

I tried to contact Google but as everybody knows, it is difficult to get in touch with the admins over there. We'll see if there was really a virus on one of the Google servers.

Add a comment

Show form to leave a comment

Comments (newest first)

google virus guy from India wrote on Apr 30th, 2012:

Seems like Google servers also infected with viruses, Not good.

RSS feed

Blog Tags:

  AWS   Android   Ansible   Apache   Apple   Atlassian   BSD   Backup   Bash   Bluecoat   CMS   Chef   Cloud   Coding   Consul   Containers   CouchDB   DB   DNS   Database   Databases   Docker   ELK   Elasticsearch   Filebeat   FreeBSD   Galera   Git   GlusterFS   Grafana   Graphics   HAProxy   HTML   Hacks   Hardware   Icinga   Icingaweb   Icingaweb2   Influx   Internet   Java   KVM   Kibana   Kodi   Kubernetes   LVM   LXC   Linux   Logstash   Mac   Macintosh   Mail   MariaDB   Minio   MongoDB   Monitoring   Multimedia   MySQL   NFS   Nagios   Network   Nginx   OSSEC   OTRS   Office   PGSQL   PHP   Perl   Personal   PostgreSQL   Postgres   PowerDNS   Proxmox   Proxy   Python   Rancher   Rant   Redis   Roundcube   SSL   Samba   Seafile   Security   Shell   SmartOS   Solaris   Surveillance   Systemd   TLS   Tomcat   Ubuntu   Unix   VMWare   VMware   Varnish   Virtualization   Windows   Wireless   Wordpress   Wyse   ZFS   Zoneminder   

Update cookies preferences