Virus????? What happened?

**Dragonborn** · 04-07-2012, 12:18 AM

I've used this site for Years. Just came in here on my pc and norton went nuts. Some temp68.exe along with something that shut my entire pc down. All folders and files are Mia. This is not a troll or a fake post. It was DEFINITLY from something here. Maybe script in a post idk. Has this hit anyone else? And how am I able to fix it? Safe mode on windows is down and everything

**Dragonborn** · 04-07-2012, 01:24 AM

It looks like I have it fixed. With a combination of unhackme and unhide. It seems to have restored everything. Symptoms were all files and folders hidden. And massive hdd warnings. All fake positives btw. It must have been a random ad on the site that triggered it. This was the only site I was on in the last 4 hours and the files were triggered the second I loaded it. Comparing the uptime of the bad files
Via virus scanners it DEFINITLY was something here

. Still love this site. And
Like I said this isn't a fake
Message.

**Egat Bearskinner** · 04-07-2012, 07:34 PM

My Norton has blocked two attacks in the last couple weeks when visiting the main section of the forums. My guess is that it was in an ad as I hadn't yet clicked into any sub-forums.

**Niami DenMother** · 04-09-2012, 07:16 PM

We're seeing inconsistent virus warnings with the forums for both games ... as in sometimes Avast says there's something infected on the page, and sometimes it is fine. We're beating our heads against the wall on this one. It may be one of the ads, which will make it even harder to track down and block. (Not to mention destroy our income from the site if we have to turn off the ads ... guh). We're looking into it, and crossing fingers, toes and eyes.

**Zuklaak** · 04-18-2012, 07:09 PM

Google is reporting as an attack site. I had to turn it off in my browser to post.

**Aanuvane** · 04-19-2012, 06:20 AM

I got hit hard yesterday too - had to resort to turning off ads in order to come back.

**Niami DenMother** · 04-19-2012, 11:58 AM

The absolutely ironic part of google reporting it as an attack site is it looks like google adsense ads might be the culprit.

**Aanuvane** · 04-20-2012, 08:20 AM

I have had to add this to a list of restricted sites in my permissions to keep from getting hit every single time I come here now

**Laeaddor** · 04-24-2012, 08:38 AM

Originally Posted by Aanuvane

I have had to add this to a list of restricted sites in my permissions to keep from getting hit every single time I come here now

Which site did you add to restricted sites? I also had to ignore a warning to get to the boards.

Safe Browsing
Diagnostic page for mboards.eqtraders.com

What is the current listing status for mboards.eqtraders.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 3 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 303 pages we tested on the site over the past 90 days, 13 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-04-23, and the last time suspicious content was found on this site was on 2012-04-21.

Malicious software includes 100 scripting exploit(s), 9 trojan(s), 8 exploit(s). Successful infection resulted in an average of 11 new process(es) on the target machine.

Malicious software is hosted on 9 domain(s), including biznesstroika.be/, iklmango.org/, klmpoint.org/.

6 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including netabuzam.org/, hornyenglandgrannies.com/, forstats.nl-web.com/.

This site was hosted on 3 network(s) including AS11175 (DISTRIBUTEL), AS11814 (DISTRIBUTEL), AS15169 (Google Internet Backbone).

Next steps:

Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.

Will those specifics be of any use? I have long frequented EQTraders and the boards, and would hate to not have that option!

**Aanuvane** · 04-24-2012, 12:07 PM

http://mboards.eqtraders.com is what I put on restricted site. I can still get here, but lots of the page is disabled - no ads, no active x, etc. I just can't do any admin any more - like deleting and blocking spammers. Also I haven't had any problems with www.eqtraders.com - it's just the boards that bring me down

**Drazzminius** · 04-24-2012, 06:56 PM

I use Google Chrome with AVG Free. I have gotten a warning on a couple of occasions, but once I'm at the site I've been good to go. I deleted spammers the first two days, but Niami has blocked registrations at this time, so no new offenders have shown up.

Unfortunately, it also means that there are no new members that truly contribute to the site.

**MareeTP** · 04-24-2012, 07:05 PM

I've been hit twice with it too coming here - my AV has caught it. We had the same problem on our guild boards and ended up having to do some major work - we received random attacks from Israel, Germany, the Far East and all over. Had to put a lot of protection in place and in some instances, outright ban certain IPs. It took our people several weeks to fix it all.

We believe they are randomly hitting weaknessess in the software itself, not targeting specific sites.

**Draggar** · 05-10-2012, 04:46 AM

Wonderful that we're getting all these warnings but none of the warnings tell us exactly WHAT the issue is.

Thread: Virus????? What happened?

Thread Tools

Display

Virus????? What happened?

Similar Threads

Virus on EQ Traders?

@#$% virus

Virus warning

Email virus - do you have one?

Posting Permissions