Windows 7 AVG Virus Threat

nitewulf

Honorable Member
#1
It just started tonight, but AVG 9.0 is warning that this site (windows7forums.com) is infected and therefore being blocked. Has anyone else reporrted this? As soon as you access any page on your site the alert from AVG pops up.
What's going on?
 


Joe S

Excellent Member
#2
It looks like AVG has one more problem to add to their recent oops list. They've had more than a couple of issues this year.
Joe
 


stueycaster

Millennium Celebration Award Winner
Premium Supporter
#3
There's a new Javascript on this site that my NoScript is blocking. It's called xblacknet.cn. I googled it and there were only a few hits. They're calling it a possible virus. I couldn't find anything definite. I'm going to pm a moderator or two about it.
 


kemical

Windows Forum Admin
Staff member
Premium Supporter
#4
Hm...weird it seems fine to me, have you guys updated your AVG lately? Some AVG updates have been known in the past to be a little 'over zealous' but just to be on the safe side I'll pm Mike to check a few things out..
 


Saltgrass

Excellent Member
Microsoft Community Contributor
#5
Microsoft Security Essentials seems to be having the same problem. Malex.genIE trojan or something similar.
 


nitewulf

Honorable Member
#6
Thanks, stueycaster. That's the javascript that's causing the alerts.
 


RAK

Extraordinary Member
#7
I reported, a couple of days ago, that my computer was running slow .-only on this site - with a momentary heavy useage of the CPU. There was very little response to the thread so I thought I was alone. Now it seems not so. I carried on my own investigation and, duing the course of these, I put in the maximum security precautions I could. IE under that strain, totally failed to access the site, although I was still able to access others.. I must admit that I have had no virus warning - yet.
 


Mike

Windows Forum Admin
Staff member
Premium Supporter
#8
It is not infected and I'm looking into this ASAP. There is a nocode imageresizer that we use in case someone posts large image - automatically resizes the the image on-the-fly. Trust me, the site is secure and I'm looking into it now.
 


Mike

Windows Forum Admin
Staff member
Premium Supporter
#9
Microsoft Security Essentials seems to be having the same problem. Malex.genIE trojan or something similar.
I'm using MSE and not getting any messages about this site.
 


Mike

Windows Forum Admin
Staff member
Premium Supporter
#10
It just started tonight, but AVG 9.0 is warning that this site (windows7forums.com) is infected and therefore being blocked. Has anyone else reporrted this? As soon as you access any page on your site the alert from AVG pops up.
What's going on?
Can you please post screenshots of the message?
 


stueycaster

Millennium Celebration Award Winner
Premium Supporter
#11
Here's a screeny of what NoScript is showing. I think this might be a brand new trojan that all of the A/V companies haven't found out about yet. NoScript blocks all javascripts til I allow them.

 


kemical

Windows Forum Admin
Staff member
Premium Supporter
#12
I'm using MSE and not getting any messages about this site.
Ditto.....
 


stueycaster

Millennium Celebration Award Winner
Premium Supporter
#13
Here's another screeny with better detail.

 


Mike

Windows Forum Admin
Staff member
Premium Supporter
#14
I am seeing xblacknet.cn with noscript, but only when logged in. Still testing here.
 


stueycaster

Millennium Celebration Award Winner
Premium Supporter
#15
I am seeing xblacknet.cn with noscript, but only when logged in. Still testing here.
That's why MSE isn't catching it. NoScript is blocking it.
 


Mike

Windows Forum Admin
Staff member
Premium Supporter
#16
I had MSE on before installing NoScript. I stopped using Firefox. Nonetheless, the problem is there... I rebuilt the installation as well as rebuilt much of the database, but I am still looking into where this is coming from.
 


Mike

Windows Forum Admin
Staff member
Premium Supporter
#17
The problem is gone on the extranet... internally it is still there. I have made major changes. The database itself is using over a 200-bit encryption cipher for the password.
 


Mike

Windows Forum Admin
Staff member
Premium Supporter
#18
Thanks for alerting of this problem -- forum users and visitors are not at risk. I will inform you of further details. I have gone so far as to contact both AVG and several other companies. The problem no longer exists on the front-end and I have completely banned this domain.
 


nitewulf

Honorable Member
#19
Hi Mike,
The alert from AVG complaining about the javascript is gone this morning so something must have changed since yesterday evening. Anyway, all appears to be ok now, at least with AVG 9.0.
 


Mike

Windows Forum Admin
Staff member
Premium Supporter
#20
Hi Mike,
The alert from AVG complaining about the javascript is gone this morning so something must have changed since yesterday evening. Anyway, all appears to be ok now, at least with AVG 9.0.
The problem has been resolved and was the result of an internal problem with one of our modules. This has been completely fixed and there is absolutely nothing to worry about.
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.
Top