Results 1 to 13 of 13

Thread: Virus????? What happened?

  1. #1
    Visitor
    Join Date
    Apr 2012
    Posts
    2

    Virus????? What happened?

    I've used this site for Years. Just came in here on my pc and norton went nuts. Some temp68.exe along with something that shut my entire pc down. All folders and files are Mia. This is not a troll or a fake post. It was DEFINITLY from something here. Maybe script in a post idk. Has this hit anyone else? And how am I able to fix it? Safe mode on windows is down and everything

  2. #2
    Visitor
    Join Date
    Apr 2012
    Posts
    2
    It looks like I have it fixed. With a combination of unhackme and unhide. It seems to have restored everything. Symptoms were all files and folders hidden. And massive hdd warnings. All fake positives btw. It must have been a random ad on the site that triggered it. This was the only site I was on in the last 4 hours and the files were triggered the second I loaded it. Comparing the uptime of the bad files
    Via virus scanners it DEFINITLY was something here . Still love this site. And
    Like I said this isn't a fake
    Message.

  3. #3
    Visitor Egat Bearskinner's Avatar
    Join Date
    Dec 2002
    Posts
    33
    My Norton has blocked two attacks in the last couple weeks when visiting the main section of the forums. My guess is that it was in an ad as I hadn't yet clicked into any sub-forums.
    Last edited by Egat Bearskinner; 04-07-2012 at 07:38 PM.
    Egat Bearskinner
    Imperator of Mystic Coercion, Erollisi Marr
    The Orc Pawn - My EverQuest Blog

  4. #4
    Administrator Niami DenMother's Avatar
    Join Date
    Oct 2002
    Posts
    2,563
    We're seeing inconsistent virus warnings with the forums for both games ... as in sometimes Avast says there's something infected on the page, and sometimes it is fine. We're beating our heads against the wall on this one. It may be one of the ads, which will make it even harder to track down and block. (Not to mention destroy our income from the site if we have to turn off the ads ... guh). We're looking into it, and crossing fingers, toes and eyes.

  5. #5
    Hobbyist Zuklaak's Avatar
    Join Date
    Dec 2002
    Posts
    106
    Google is reporting as an attack site. I had to turn it off in my browser to post.
    Zuklaak - 62 Shadow Knight

    Measure with a micrometer, Mark with chalk, Cut with an axe

  6. #6
    Database Druidess Aanuvane's Avatar
    Join Date
    Dec 2003
    Posts
    3,369
    I got hit hard yesterday too - had to resort to turning off ads in order to come back.
    300 Baker, Brewer, Potter, Jeweler, Fletcher, Smith (woodelf, drakkin, high elf and vah shir), Tailor (woodelf, drakkin, high elf), Researcher, Tinker, Poison Maker and Alchemist (x4 for friends )

  7. #7
    Administrator Niami DenMother's Avatar
    Join Date
    Oct 2002
    Posts
    2,563
    The absolutely ironic part of google reporting it as an attack site is it looks like google adsense ads might be the culprit.

  8. #8
    Database Druidess Aanuvane's Avatar
    Join Date
    Dec 2003
    Posts
    3,369
    I have had to add this to a list of restricted sites in my permissions to keep from getting hit every single time I come here now
    300 Baker, Brewer, Potter, Jeweler, Fletcher, Smith (woodelf, drakkin, high elf and vah shir), Tailor (woodelf, drakkin, high elf), Researcher, Tinker, Poison Maker and Alchemist (x4 for friends )

  9. #9
    Visitor
    Join Date
    Mar 2006
    Posts
    19
    Quote Originally Posted by Aanuvane View Post
    I have had to add this to a list of restricted sites in my permissions to keep from getting hit every single time I come here now
    Which site did you add to restricted sites? I also had to ignore a warning to get to the boards.

    Safe Browsing
    Diagnostic page for mboards.eqtraders.com

    What is the current listing status for mboards.eqtraders.com?

    Site is listed as suspicious - visiting this web site may harm your computer.

    Part of this site was listed for suspicious activity 3 time(s) over the past 90 days.

    What happened when Google visited this site?

    Of the 303 pages we tested on the site over the past 90 days, 13 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-04-23, and the last time suspicious content was found on this site was on 2012-04-21.

    Malicious software includes 100 scripting exploit(s), 9 trojan(s), 8 exploit(s). Successful infection resulted in an average of 11 new process(es) on the target machine.

    Malicious software is hosted on 9 domain(s), including biznesstroika.be/, iklmango.org/, klmpoint.org/.

    6 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including netabuzam.org/, hornyenglandgrannies.com/, forstats.nl-web.com/.

    This site was hosted on 3 network(s) including AS11175 (DISTRIBUTEL), AS11814 (DISTRIBUTEL), AS15169 (Google Internet Backbone).

    Next steps:

    Return to the previous page.
    If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.
    Will those specifics be of any use? I have long frequented EQTraders and the boards, and would hate to not have that option!

  10. #10
    Database Druidess Aanuvane's Avatar
    Join Date
    Dec 2003
    Posts
    3,369
    http://mboards.eqtraders.com is what I put on restricted site. I can still get here, but lots of the page is disabled - no ads, no active x, etc. I just can't do any admin any more - like deleting and blocking spammers. Also I haven't had any problems with www.eqtraders.com - it's just the boards that bring me down
    300 Baker, Brewer, Potter, Jeweler, Fletcher, Smith (woodelf, drakkin, high elf and vah shir), Tailor (woodelf, drakkin, high elf), Researcher, Tinker, Poison Maker and Alchemist (x4 for friends )

  11. #11
    Super Moderator Drazzminius's Avatar
    Join Date
    Feb 2005
    Posts
    272
    I use Google Chrome with AVG Free. I have gotten a warning on a couple of occasions, but once I'm at the site I've been good to go. I deleted spammers the first two days, but Niami has blocked registrations at this time, so no new offenders have shown up.



    Unfortunately, it also means that there are no new members that truly contribute to the site.
    Mikaal Drazzminius
    Tier'Dal Necromancer
    Rodcet Nife by Birth / Quellious by Merger / Povar by Re-Merger


    Master Artisan
    Necrotalk Admin
    EQ Traders Super Moderator
    EQ Magelo Advisor/Moderator

  12. #12
    Apprentice Trader MareeTP's Avatar
    Join Date
    Aug 2006
    Posts
    193
    I've been hit twice with it too coming here - my AV has caught it. We had the same problem on our guild boards and ended up having to do some major work - we received random attacks from Israel, Germany, the Far East and all over. Had to put a lot of protection in place and in some instances, outright ban certain IPs. It took our people several weeks to fix it all.

    We believe they are randomly hitting weaknessess in the software itself, not targeting specific sites.
    Silmare - Fu World Order - Bristlebane
    Master Artisan ~ Master Researcher (Hybrid)
    Master Tinker ~ Master Alchemist ~ Master Researcher(Caster) ~ Master Poisoncrafter

  13. #13
    Expert Trader Draggar's Avatar
    Join Date
    Jan 2003
    Posts
    846
    Wonderful that we're getting all these warnings but none of the warnings tell us exactly WHAT the issue is.
    Draggar De'Vir
    92 Assassin - Povar




    Xzorsh
    57 Druid of Tunare - Povar

    Hark! Who is that, prowling along the fields! It is Draggar De'VIr, hands clutching two hardened pitas! He cries gutterally: "In the name of Thor the Mighty, I hereby void your warranty, and send you back to God!!!"

    "No one can predict the future, so we all should eat our desserts first!" - Gaye from 'The Maelstorm's Eye" (Cloakmaster's Cycle book 3)

Similar Threads

  1. Virus on EQ Traders?
    By Ysall in forum DenMother's Corner
    Replies: 8
    Last Post: 02-18-2006, 06:01 PM
  2. @#$% virus
    By Cigarskunk in forum Primal Scream Room
    Replies: 13
    Last Post: 08-26-2003, 09:16 AM
  3. Virus warning
    By sumamael in forum Primal Scream Room
    Replies: 14
    Last Post: 03-03-2003, 12:56 AM
  4. Email virus - do you have one?
    By Heartsong_Steelsoul in forum OOC Chat
    Replies: 12
    Last Post: 12-12-2002, 10:50 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •