Thanks, Chronic.

Normally there are two 0x0 pixel hidden thingies at the bottom, they have now gone too.

Grmmm.. I should have mentioned the change when I saw it (a few days ago), but as the I-Frame link seemed o.k. and the other two disappeared I just assumed it was a change of hit-counter.

Assuming the malware has been removed, that won't instantly remove the "Attack site warning", that will come after the Google Bots have searched the sites and determined the threats are no longer here.

There is an option in FF to turn it off, it's been posted in this thread a couple times.

Sandy has sent a review request to Google, things should be cleared up in a few days.

So, the malicious iframe is removed and Chrome won't say the GMC is dangerous anymore. But is the actual exploit fixed? So this won't happen very soon again. Sorry if this question is already answered before, but I haven't followed the topic for the last 5 pages.

God... Am I glad that I got a free 90 days of Norton with my new laptop. I constantly got messages saying that an attack was being blocked.
Let's hope this won't happen again...

I'm glad to see the threat has been cleared. Unfortunetly my virus protection NOD32 needed to be updated and I delayed it because I was downloading from Itunes.

I now have a piece of Adware telling me I have no virus protection and I need to buy some. Fortunetly it blocks the websites but I still get an annoying warning on my toolbar and I'm looking into removing it.

But not Opera users!!

umm... it apears that the viruses are gone. I hear that Chronic fixed them. this topic should be closed...
-Caniac

note: I was the one who reported my own post, so the report button IS NOT going nuts. the mods allready have to close this topic, so lets not give them any extra work.

I think this is over now. At least, the page is loading at normal speed again and there was no Java or ActiveX thing trying to run. And AVG isn't warning me about this site anymore, so I think we're good.

EDIT: Sorry that I didn't see the above post, but my comp showed me an outdated version of this topic, so that the last post was the one that went, "Arghh this is so annoying".

Seriously guys by scanning through the whole topic, I've realized that most people here do not have an idea about security and browsers.
There's not such thing as a secure internet browser as long as you have Javascript/ActiveX/Java (or anything client-side) enabled and no anti-virus on your machine.

I was on Firefox because that's the browser I like to use, yet I was cautious and had Javascript off and my AV on all the time. I was prompted by my AV for the malicious page NOT from Firefox. So whatever browser you're on, don't trust this for your protection.



Couldn't agree more.

For those who say Chrome is safe, let me remind you it is still at beta stage and there was an bug some day ago which made possible jar files to be executed without noticed, however this is fixed but still it is a program meant for testing and debugging, not for actual everyday use. In other words, use at your own risk or wait until the public release comes out.

Good to see that the code was fixed. Those SQL injection attacks... they're pretty sneaky...

"We're"? You're. I'm still having problems. Still warnings in different browsers, notifications from AVG.

I'm still not sure why my Spybot and Mcaffee aren't running properly after I came to the site when infected. Anyone got any solutions? It would be a nice thing to help me. I'm so sad.

Okay, so it is safe to visit The GMC again, but I still wouldnt consider this matter "resolved" because even though the malware isn't planted on the site anymore, it is still laying dormant on mine (and probably some other peoples) systems. Whenever I log into my computer, I get a message from Norton telling me that an attack on my computer has been blocked, and that trojan.pandex has been blocked or something along those lines.



Even though the trojan is being blocked, and is doing no damage, the simple fact that it is on my system irritates me, what can we do to remove it?

I'm on this site right now looking for a solution maybe it'll help you. But IDK I haven't done it all yet.

LINK

My Google Toolbar consulted me before entering this website also. I also had the heading under the link "This Site May Harm Your Computer." What is the problem?

Read the screens people.

There is a difference between the browser warning that this is a potential "attack site" and that viruses and malware is on the site (probably generated by AV software.

The warnings about this being an attack site are google generated and there because of the malware that did exist on this site, that warning will go away when Google's search bot can longer find the malware. It might take a while.

If you are going to post something along the lines of of still getting messages, post the damn message.

Re-posting that you are getting the google "attack site" message, but not quoting it leaves everyone wondering if it is a legitimate concern, or the something else.

i just started getting it right when the pic was taken
http://img264.imageshack.us/img264/6636/picgo8.png

Then read the damn topic, start with the post immediately above yours. Then start going backwards.

This message has been mentioned NUMEROUS TIMES!

And had your read the whole post you would have understood that those messages are now expected. There is nothing that can be done about them. There is no need to continue posting them.

The administration is aware of them, they have contacted, Google and asked for a review of the site.

Now use a little critical thinking.

Do you think everyone who is still getting them should keep posting that they are. or are you the exception?

no, i mean they never happened to me before. they just started.

If you saw a fire, and the fire department was putting it out, would you still rush inside and call 911?

If you were told, that they were aware of it. Would you respond; but this was the first time you saw it?

hrmmm. i wonder what he is trying to say lol

There is no purpose in this thread because the problem has been solved.

NPT made perfect sense.

If you were talking about Fred, I guess he was just giving a visual of NPT's point.

Uhm not sure if anybody else noticed it already: but at least 1 of the 2 iframes (the one from inetppui) is back at the "main" site: gmc.yoyogames.com - it's not at top of this topic however..

So it's still not really "secure" here. :/

I think there's a purpose. If there's any unanswered question and this topic is closed, another one will just pop.

Lol @ Fred

yeah i was talking about fred. he is funny sometimes

iframes themselves are not insecure - its the nature of their content that can compromise a website, so if there is an iframe on this page, and it was supposed to be there, there's nothing to worry about. I *think* Chronic patched the forum earlier, so at the very least, the forum should be safer than it was before.

Yeah: but it was gone for like a few hours and now the iframe is "back"...

Well I'm not saying that another "attack" is impossible, but I don't see one... neither here nor on the main index. I see CSS entries for one, and a textbox that utilizes the CSS style... but not an actual iframe. Are you using any plug-ins for the site or something?

Yes, using firefox with "noscript" extension: exactly that extension triggers the warning about inetppui (both iframe, or when I globally allow iframes: javascript)...

Might be a caching problem (I did a ctrl-f5 refresh already though), searching the actual source I didn't find any iframe either :/

EDIT: well the iframe I "see" (when noscript blocks it) leads too:
hxxp://inetppui.com/html/3767/90281401124fd0c93474c063e1cae5b4/
EDIT2: don't have any real knowlenge about webdesign/js but this line seems to be creating the iframe:
*script removed by staff as a security precaution*

Yes there's a virus for sure. Firefox says the site is a reported attack site. I just opened this with Internet Explorer and Norton caught some adclicker thing. This forum has problems...

The virus is gone on my end. I see no trace of it in this page's source, the main page's source, or in my noscript alerts.

EDIT: I apologize, the iframe is still there, see Yourself's post down below.

That's probably an important find, that was one of the links that was listed in the source a bit more obviously yesterday. My guess is that may be a backup or something... Often the more obvious iframe would be removed, while the second would go unnoticed.

What's interesting is that that particular link doesn't show up directly in the source of the page, so you can't find it with a plain search. It probably comes from a little piece of javascript that appears in the source.

I've stopped recieving the viruses (My Anti-Virus software blocked them before (thankfully), otherwise I never would have known). If it was mentioned before that these things have stopped, then forget I ever said anything.

This event has been a bit troublesome to me...just thinking about how this happened. just makes me a bit...uneasy. At least I have great Virus/Spyware software.

I use IE and I have seen no warnings at all. Does that mean that my that my computer didnt found the virus and is insecure?

The websites clear stop thinking its still there.
If there was still a virus here my virus scanner wouldn't of even let me access this as its extremely sensitive.

Cheers

The two most insecure things in a webbrowser are:
- ActiveX (had one that kept turning off auto-update)
- the USER of the browser.

fix those problems and you'll have nothing to worry about

I loaded the site a few minutes ago and it was still here... Then i turned it off and on again and it was gone...

I´m still getting a notice of a virus when I log on... it´s detected by Norton as an attack on my computer and I´m also getting an alert for the trojan Adclicker...

The original iframe that was noticed has been removed, however there have still been some reports of some further problems, as well as the existence of another trickier one, that is encoded and trickier to spot.


One problem with an iframe is the content it leads to can easily or periodically be changed. I wouldn't be surprised if it works on some sort of cycle. Even if there is no warning now, there may be 5 minutes later. Member A could get an alert for a different virus than Member B.

Apparently there was another link to the site hidden a little more cleverly, this has also been removed.

In case you are viewing an older version of the page, please clear your internet cache (aka internet temp files) or press ctrl+f5 to make sure you are viewing the updated theme.

Ok i just did a full system scan (well partly), and i have 271 viruses, status: high, the name's of the virus's are Downloader and Trojan Horses. This is extremely bad, i did the scan last night. But it was on Sunday that i got the virus's

It's not our problem how many viruses are on your computer?

Just because you have a lot of viruses, doesn't mean they all came from the GMC.

Wow I exit this topic then come back about 10 seconds later and 3 people have posted already.. Dang..
Well anyways the virus isn't here I think because my norton isn't acting up anymore.