Malware still present on site?

**GROGG** · 03-11-2012, 09:31 PM

I went to access the forum from Google chrome on my PC and it gave me this:

http://safebrowsing.clients.google.c...hrome&hl=en-US

Can the admins look into this issue again?

Sent from my MB501 using Tapatalk

**Saurus** · 03-12-2012, 09:46 AM

Confirmed, I get the same red screen. A real pain to have to hit "continue anyway" every time you open a new window. @Dumba - Google Safe Browsing diagnostic page for modmymobile.com/forums - (GROGG got a space in the url somehow). It shows the details. Exploit is coming from myfilestore.com < addownload.com < lzjl.com, like we noticed before. Some discussion here - https://www.vbulletin.com/forum/show...curity-Exploit.

Don't make me use IE.

**GROGG** · 03-12-2012, 02:25 PM

Thanks saurus. I fixed it.

Sent from my MB501 using Tapatalk

**Dumba** · 03-12-2012, 02:38 PM

Is it still showing?
I don't get the warning anymore now.

**Saurus** · 03-12-2012, 03:49 PM

Originally Posted by Dumba

Is it still showing?
I don't get the warning anymore now.

Still there on my browser. Maybe attached to my pc. I'll check & see what I can find. IE is ok, but that's probably because Bill Gates is slower to react than Mr. Google.

(update) Nothing I can find (but I really don't know what to look for). Virus scan only shows the usual android exploits. McAfee & MS may not have updates in place, this is a pretty recent outbreak.

But IE is doing it too, now. And BG won't let me go ANYWHERE. Google pointed here in IE - http://www.stopbadware.org/home/security, if that's any help.

Update #2:

I think I've tracked it down to that myfilestore.com site. The good news is that Microsoft Security Suite can now clear it out, as best I can determine. But I've been down a couple of days trying to get rid of it. The first 4 or 5 times it failed to update for some reason and had to fall back. But this morning it came up successfully.

For anyone experiencing this, if you're using Windows, check for the presence of any of the following ([Downloaded Program Files] is a hidden directory):

C:\Windows\Downloaded Program Files\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB** (Attached to MyWebSearch)
(Properties > CodeBase):
http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-/ZwinkyInitialSetup1.0.1.1.cab

C:\Windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf

C:\Program Files\MyWebSearch

If you see anything like this, you're infected, or soon will be. Install the latest AV updates for your pc.

**kurtwatson** · 05-28-2012, 03:47 AM

thanks i also fixed it and works properly
and think admin should look that issue
---------------------
more on Miami Locksmith

Thread: Malware still present on site?

LinkBack

Thread Tools

Display

Malware still present on site?

The Following User Says Thank You to kurtwatson For This Useful Post:

Posting Permissions