Jump to content

Click Here!

Virus threat


Aysha c.c.

Recommended Posts

  • Replies 96
  • Created
  • Last Reply

Top Posters In This Topic

I just checked each and every subdomain with Firefox 13.x. I use Kaspersky, and it kicked nothing at all. I also have a code embedded in all index pages, for google indexing. It's tied in to the virus warnings from google as well in the webmaster tools, and I've received nothing there either.

Link to comment
Share on other sites

Temp files are cookies, flash files which will download partially to a computer to run, ActiveX controls, and a host of other things besides. I'm not saying that your antivirus didn't find anything. What I AM saying though, is that it's possible you had a tab open to a different site which had the actual infection, or the file itself picked something to spoof from your own history.

Looking further in to the software being used, I'm seeing reviews saying that for phishing/malware it doesn't work as well as it should. This is actually COMMON in antivirus software, which is why you'll often see people installing something in addition to the AV software to run scans solely to eliminate phishing/malware.

If it was here, as I said, we would have been notified by the webmaster tools from google itself. Chrome would've kicked and not allowed acces at ALL. This link will give you the google diagnostics information.

Link to comment
Share on other sites

Okay, since I can't seem to convince you this will be my last time saying anything about this. Before I opened my Internet browser. I deleted all of my temporary files and before I came to your site I went to five different sites that I know to be secure, and I had no problems. Just to be on the safe side, I deleted my temporary files again and then opened a link directly to the adult fanfiction forums and as soon as the webpage opened my antivirus caught this (ywr4atg.exe in c:\users\Aysha c.c.\appdata\temp W32.Rogue.Gen)

No. Choose to believe that it's your site or not, it's up to you . It's not getting through my antivirus , so I'm not overly concerned about it I just thought you would like to look into it and be absolutely certain that someone hasn't put a virus on your site.

Edited by Aysha c.c.
Link to comment
Share on other sites

I too got a serious virus warning two days ago that between MSSE and MalwareBytes, I was able to clean off my computer, but it left junk behind in my registry that’s still giving me problems, and it definitely came from here, because everything was fine until about two seconds after coming here that day. It happened in connection to the appearance of this fake security warning popup (lower right hand corner):

th_983985360_NewBitmapImage_122_21lo.jpg

Which was the first time I ever saw it here, is most definitely not coming from my machine, and is still occurring as of a few minutes prior to my post here. I’d bet money that since it only happens sporadically, you’ve got a virus-riddled ad in your ad rotation.

XP Professional 5.1.2600 SP3 Build 2600 with IE 8.0.6001.18702 (128-bit)

Link to comment
Share on other sites

I have gone through each and every ad insert in the database.

I have gone through the file directories looking for anything at all suspicious or newly added

I've also limited access to the ad program itself, to where it's only accessible to users when I give access.

To satisfy everyone, I have done this again, just now.

I'm still finding absolutely nothing at all.

Yes, I am aware that OpenX had vulnerabilities in the past. I've not heard anything as of yet regarding the latest version. However, that doesn't mean the vulnerabilities aren't still there.

BECAUSE we went through this before where we had an insert of malicious code via a robot hack in this program, if anyone says anything, I check.

Link to comment
Share on other sites

...and an update.

Now, the warning is showing up. However, it's only showing up for the final fantasy subdomain.

Kaspersky safe browsing is kicking up nothing at all in that subdomain.

I even used the google link to test, and this is what it says. Pay close attention to the highlights please

post-5266-0-20448600-1362028731_thumb.png

I will keep searching and see what I can find so I can fix it. But I have to FIND it first.

In the meantime, it's late and I have work in the morning. So, I won't be looking until after work tomorrow.

Link to comment
Share on other sites

I'm in the process of fixing all of this. I've subscribed the site to a service which specifically kills these kinds of intrusions. As we've had 3 subdomains listed within the last 2 days, I expected the rest of the site to start being listed as well.

It's going to take up to 24 hours for the scan and possible repairs to be done, as well as removal from the google blacklist as an attack site.

Mind you, this is what the google diagnostics page says

Of the 1 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-01-15, and suspicious content was never found on this site within the past 90 days.

That tells me there's actually nothing there, but that the domain itself will be listed like this until the steps I have in progress are finished.

Link to comment
Share on other sites

Guest breezies

I don't know if this convo is over or not, but I keep getting "Reported Attack Page!" whenever I go to any pages, including the forum. The toolbar is all screwed up on all of the pages too.

post-0-0-32034600-1362110294_thumb.jpg

post-0-0-58078400-1362110300_thumb.jpg

Link to comment
Share on other sites

Please read this:

It's going to take up to 24 hours for the scan and possible repairs to be done, as well as removal from the google blacklist as an attack site.

You'll notice I've bolded it. It takes time for Google to remove the site from its blacklist.

Edited by RogueMudblood
Link to comment
Share on other sites

Guest Birdymain

I was looking at the report google put up 8 hours ago.
In any case I hope this gets solved. And I suggest everyone scan their computer just incase.

Safe Browsing Diagnostic page for adult-fanfiction.org

What is the current listing status for adult-fanfiction.org?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 21 time(s) over the past 90 days.

What happened when Google visited this site?

Of

the 324 pages we tested on the site over the past 90 days, 117 page(s)

resulted in malicious software being downloaded and installed without

user consent. The last time Google visited this site was on 2013-02-28,

and the last time suspicious content was found on this site was on

2013-02-28.

Malicious software is hosted on 2 domain(s), including
,
.

This site was hosted on 1 network(s) including
.

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, adult-fanfiction.org appeared to function as an intermediary for the infection of 9 site(s) including
,
,
.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

Updated 8 hours ago

©2008 Google - Google Home

Link to comment
Share on other sites

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...