UPDATE? HELLO, ANYONE HOME?
Still getting this on Firefox:
Reported Attack Site!
This web site at www.auctiva.com has been reported as an attack site and has been blocked based on your security preferences.
Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system.
Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.
Reported Attack Site!
This web site at www.auctiva.com has been reported as an attack site and has been blocked based on your security preferences.
Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system.
Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.
Here is exactly what GOOGLE is reporting at about noon MST:
What is the current listing status for auctiva.com?
Site is listed as suspicious - visiting this web site may harm your computer.
Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.
What happened when Google visited this site?
Of the 45 pages we tested on the site over the past 90 days, 5 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-02-21, and the last time suspicious content was found on this site was on 2009-02-21.
Malicious software includes 6 scripting exploit(s), 6 trojan(s). Successful infection resulted in an average of 10 new processes on the target machine.
Malicious software is hosted on 2 domain(s), including luckffxi.com/, auctlva.com/.
1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including me9x.cn/.
This site was hosted on 3 network(s) including AS16509 (AMAZON), AS174 (COGENT), AS14744 (INTERNAP).
Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, auctiva.com did not appear to function as an intermediary for the infection of any sites.
Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.
A FIX NOW WOULD CERTAINLY BE NOT ONLY HELPFUL BUT APPROPRIATE!!!
What is the current listing status for auctiva.com?
Site is listed as suspicious - visiting this web site may harm your computer.
Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.
What happened when Google visited this site?
Of the 45 pages we tested on the site over the past 90 days, 5 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-02-21, and the last time suspicious content was found on this site was on 2009-02-21.
Malicious software includes 6 scripting exploit(s), 6 trojan(s). Successful infection resulted in an average of 10 new processes on the target machine.
Malicious software is hosted on 2 domain(s), including luckffxi.com/, auctlva.com/.
1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including me9x.cn/.
This site was hosted on 3 network(s) including AS16509 (AMAZON), AS174 (COGENT), AS14744 (INTERNAP).
Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, auctiva.com did not appear to function as an intermediary for the infection of any sites.
Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.
A FIX NOW WOULD CERTAINLY BE NOT ONLY HELPFUL BUT APPROPRIATE!!!
I'd like to add that firefox and IE are now also blocking auctiva or reporting it as an attack site
The bigger issue here, is that some of us that are on the bad servers, have auctions going. While these auctions and their pictures are still viewable. Having a customer click to enlarge a picture, and getting A TROJAN ATTACK notice, makes for NON-Sales. I would rather you pull all the servers, then leave them up with the problem. At least my customers will more than likely come back, instead of thinking I'm a hacker.
MY thought exactly... I have already been contacted by 6 different potential buyers in regards to this. How long before they complain to Ebay and they pull listings?
And yet.. still no update since 6:44 PM yesterday??
And yet.. still no update since 6:44 PM yesterday??
mmmm..something odd going on here. When I visit the Auctiva home page I no longer get the AVG virus warning and I am logged out yet I don't remember doing so.
Also, there is a flashing ALERT message button at the top of the page. When I mouse over it there are no details appearing in the taskbar at the bottom of my screen but details appear when I mouse over all other buttons.
Is this an genuine alert from Auctiva? I'm afraid to click on it!
Also, there is a flashing ALERT message button at the top of the page. When I mouse over it there are no details appearing in the taskbar at the bottom of my screen but details appear when I mouse over all other buttons.
Is this an genuine alert from Auctiva? I'm afraid to click on it!
If you are on a problem server you get a page load error right now. There has not been a single fully operational weekend since two weeks before Christmas.
So it is now Saturday afternoon EST... what's the latest Tech Support?
[QUOTE]Originally posted by morcovelo:
When a customer clicks on a picture link it will take them to the page that states it is a reported attack site. Big red box, very intimidating like I am trying to attack their computer myself.
So, any listings that I have done since last night are infected?
When a customer clicks on a picture link it will take them to the page that states it is a reported attack site. Big red box, very intimidating like I am trying to attack their computer myself.
So, any listings that I have done since last night are infected?
I am not receiving any messages at all when I click on pictures from auctions that were listed last night or today.
I don't think that is happening to everyone.
I don't think that is happening to everyone.
I don't know about any listing posted yesterday, but I can tell you that it is affecting ALL 250 of my listings active on ebay right now with the pics being hosted by Auctiva. People are emailing me and such... I am just waiting for it to get back to Ebay and then they pull my listings!
And yet... still no update!! Is anyone from Auctiva there?
And yet... still no update!! Is anyone from Auctiva there?
There is a new annoncement saying the problem is fixed ... it is not. I still get the warning in FireFox but not in IE.
It is not the pictures that are infected it is when the viewer goes to the auctiva site hosting the pics. That is when they can get the warning.
It is not the pictures that are infected it is when the viewer goes to the auctiva site hosting the pics. That is when they can get the warning.
Google is still giving the Reported Attack Site! warning/block. I have removed cache and figured that was why I still got the warning but it is still not allowing me to open the auctiva site. I think they have to clear this up with Google!
The announcement reads ...
"I just heard from our IT team and am pleased to report that users should not longer receive warnings from their antivirus software while on the Auctiva website."
I still get the warning so this is not true. Tried clearing cache etc. but still the same problem.
And I thought eBay had glitches.
"I just heard from our IT team and am pleased to report that users should not longer receive warnings from their antivirus software while on the Auctiva website."
I still get the warning so this is not true. Tried clearing cache etc. but still the same problem.
And I thought eBay had glitches.
When I go to ebay and one of my auctions, if I click on the link on the moving gallery that says "Click here to browse all my ebay items" I get the Site attack message. This is because it is taking you to the Auctiva ebay listing store. The regular pictures of my auctions are not affected.
If this is fixed now, Auctiva has to clear this with Google!
If this is fixed now, Auctiva has to clear this with Google!
Yea I had posted the news allert link up on twitter and got an email fomr them
Uh oh! We found a bad apple in your Twitter feed.
We detected a link in your account pointing to a phishing site or other harmful material that we identified as malware. Here's the troublesome post:
"Antivirus Warnings on Auctiva Website (2/20/09) [ your unsafe link was here ]"
February 20, 2009 20:48
We removed this update from Twitter. Please be mindful of others in the Twitter community, and post only safe links on Twitter.com.
Thanks! Twitter Support
Uh oh! We found a bad apple in your Twitter feed.
We detected a link in your account pointing to a phishing site or other harmful material that we identified as malware. Here's the troublesome post:
"Antivirus Warnings on Auctiva Website (2/20/09) [ your unsafe link was here ]"
February 20, 2009 20:48
We removed this update from Twitter. Please be mindful of others in the Twitter community, and post only safe links on Twitter.com.
Thanks! Twitter Support
quote:Originally posted by Sabatur Pro Audio:
I don't know about any listing posted yesterday, but I can tell you that it is affecting ALL 250 of my listings active on ebay right now with the pics being hosted by Auctiva. People are emailing me and such... I am just waiting for it to get back to Ebay and then they pull my listings!
And yet... still no update!! Is anyone from Auctiva there?
I just deleted all of the listings that were done from last night to today. And I think it was right up there with your amount. I didn't list them yet. So, clean up isn't bad. Just a bunch of time wasted. I am sure auctiva is not at fault - just super frustrating!
I hope this is fixed.. I mean will ebay start pulling all of our listings?
I do not get the error on Camino, but Safari and Firefox both give me the Red Screen of Fear.
At least I've been able to work around this using Camino. No errors through Ebay there, either.
However, it sickens me that potential bidders are being scared away from my listings.
Mike said this was fixed - but not so.
At least I've been able to work around this using Camino. No errors through Ebay there, either.
However, it sickens me that potential bidders are being scared away from my listings.
Mike said this was fixed - but not so.
Hi everyone - just logged on after abandoning Auctiva lately - fed up with messages about viruses everytime I logged on - to see that the problem has been fixed & closed. Not so sure Auctiva - just got the following from AVG - WARNING (TROJAN) & INFECTION re EXPLOIT.FLASH 21/02/09 21:43
Thankfully they are in my virus vault.
Also checked some photos on a listing to find the following that I didn't put in there:
countercredit.gif & deadflashcounter.jpg
Suggest people check their image downloads on auctiva hosting and delete asap.
Hope this is useful.
Thankfully they are in my virus vault.
Also checked some photos on a listing to find the following that I didn't put in there:
countercredit.gif & deadflashcounter.jpg
Suggest people check their image downloads on auctiva hosting and delete asap.
Hope this is useful.
Firefox keeps displaying an ATTACK SITE WARNING every time you go to Auctiva or change the page there. On ebay if you try to supersize a picture the attack site page comes up. If you turn off the display warning box in the Firefox security section it stops.
Yes.. IE seems to be working now. But Firefox is still an issue no matter what they are saying
A few of our auctiva.com web servers have been pulled out to do some emergency repairs. This means we are running on fewer servers than normal and the site will be running slower than normal. Friday 7:30pm update: We are faster than earlier today, but are continuing to rotate servers in and out and are still not at full capacity. Planning to be back to full capacity Saturday afternoon.
Riiiiiiiiiiiiiight.
Still waiting to hear from a legal speaking agent for Auctiva regarding whether or not our personal information has been compromised.
Vendio, here I come!!
Riiiiiiiiiiiiiight.
Still waiting to hear from a legal speaking agent for Auctiva regarding whether or not our personal information has been compromised.
Vendio, here I come!!
I would consider Vendio but looking at their pricing, I think my total fees for ebay would more than double. It is hard enough making any money on ebay without doubling my direct expenses.
I agree.. Ebay's fees are bad enough without adding more expenses and less profit.
Obviously, I am a little upset right now because of what's going on but I have to say, I will still stick Auctiva (unless another great item comes along). I have been using them for over a year now and this is the FIRST real issue I have seen. Although to me, this is big!
I guess I would just feel a lot better (and more secure) if SOMEONE from Auctiva would just keep us posted. This is what is making me lose confidence. The idea that these posts have been going on all day and not one respnse. A little pathetic actually.
Obviously, I am a little upset right now because of what's going on but I have to say, I will still stick Auctiva (unless another great item comes along). I have been using them for over a year now and this is the FIRST real issue I have seen. Although to me, this is big!
I guess I would just feel a lot better (and more secure) if SOMEONE from Auctiva would just keep us posted. This is what is making me lose confidence. The idea that these posts have been going on all day and not one respnse. A little pathetic actually.
They HAVE been posting updates in this thread
Posted February 21, 2009 03:05 PM
Hi Community,
Update - If you are using the Firefox browser and are unable to use your account because you are receiving a warning stating the Auctiva is an "attack site", you should be able to workaround it by selecting "Options" from the "Tools" menu and disabling the "tell me if the site I’m visiting is a suspected attack site" setting under the "Security" tab.
We have removed what was causing that warning to be displayed from our systems but that warning is still showing up because we need to be rescanned by Google, which we are going to do as soon as we finish up the work we're doing.
If you have any questions, please feel free to contact our customer support team using the web form on the following page of our site: http://www.auctiva.com/help/requesthelp.aspx. I'll post further updates to this thread as additional information becomes available.
-Mike
Posted February 21, 2009 03:05 PM
Hi Community,
Update - If you are using the Firefox browser and are unable to use your account because you are receiving a warning stating the Auctiva is an "attack site", you should be able to workaround it by selecting "Options" from the "Tools" menu and disabling the "tell me if the site I’m visiting is a suspected attack site" setting under the "Security" tab.
We have removed what was causing that warning to be displayed from our systems but that warning is still showing up because we need to be rescanned by Google, which we are going to do as soon as we finish up the work we're doing.
If you have any questions, please feel free to contact our customer support team using the web form on the following page of our site: http://www.auctiva.com/help/requesthelp.aspx. I'll post further updates to this thread as additional information becomes available.
-Mike
And here I was checking the original thread they started... don't know what I was thinking! Didn't think they atsrted another thread....
my sister is a mere 5 miles away from me & still gets the warnings.
she uses firefox like i do but when changing the security as i did she still can't access AUCTIVA
the change in securtiy settings DID help me
she is on a mac i'm not
is there anything she can do to get on
she is going nutz & won't stop harassing me with annoying help me phone calls!
so pleeeeeeeez help us both!!! LMAO
she uses firefox like i do but when changing the security as i did she still can't access AUCTIVA
the change in securtiy settings DID help me
she is on a mac i'm not
is there anything she can do to get on
she is going nutz & won't stop harassing me with annoying help me phone calls!
so pleeeeeeeez help us both!!! LMAO
quote:Originally posted by Sabatur Pro Audio:
Yes.. IE seems to be working now. But Firefox is still an issue no matter what they are saying
Yea, I am able to use IE, but not Firefox. I did a scan and found a TROJAN. I really am at a loss at what to do. I am not a techie. So, I don't know how this virus and the Mcafee works. After the scan, I didn't see anything stating it was gone or for me to delete it. It is on the old 'kids' computer. If anyone knows if Mcafee automatically removed it, please let me know.
quote:my sister is a mere 5 miles away from me & still gets the warnings.
she uses firefox like i do but when changing the security as i did she still can't access AUCTIVA
the change in securtiy settings DID help me
she is on a mac i'm not
is there anything she can do to get on
she is going nutz & won't stop harassing me with annoying help me phone calls!
so pleeeeeeeez help us both!!! LMAO
I am on a MAC too. Tell her to use Safari and to click the ignore warning button when the page loads. She will get the auctive start page to log in.
Oops...I take that back. I can't log in either. I keep hitting the ignore warning button and it keeps looping back.
Tech support help!
Tech support help!
Mcaffee should automatically take care of it if it was found by Mcaffee. You might try scanning again!
Nowhere near fixed. Google keeps scanning and showing more and more infections on their test. The virus remains active and we get nothing from Auctiva for hours on end.
quote:Originally posted by iceman:
Nowhere near fixed. Google keeps scanning and showing more and more infections on their test. The virus remains active and we get nothing from Auctiva for hours on end.
Ok, apparently virus free. I will scan again when I log off.
I am scanning my system using Norton evertime I log off but the information that I posted was what google is showing for the auctiva site and 2 out of the 3 servers it is using to cause the Firefox warning messages. Google is doing it at their end, not mine.
Ok.. this is a little ridiculous. So now checking the NEW thread they started, I see no update. Have they started yet another to let us know?
And the answer is to turn off the security check? So then I am vulnerable for other sites?
So yesterday i said that I would stay with Auctiva... today I am re-thinking this.
And the answer is to turn off the security check? So then I am vulnerable for other sites?
So yesterday i said that I would stay with Auctiva... today I am re-thinking this.
The problem is that buyers get that message when they click on an image in your eBay listing if they are using Firefox. And a lot of people use Firefox.
Yes, I will just tell my customers to turn off their security... they will be fine with that
Hi Folks,
If you are getting repeated warnings from your Antivirus and/or system messages, like "Data Exception Protection", it's probable that your system is infected with a Trojan that's persistent and keeps attempting to infect from that China site. From Google's analysis, it's apparent that there are muliple possible trojans and downloaded viruses involved. Some may be very diffcult or nearly impossible to clean 100%. After recognizing that possibility, here's what I did with one XP system that did get infected and needed a restore.
1. I removed/unplugged the system from the network, i.e. the persistent route of infection is from the China site. That at least breaks the connection for added infection and/or theft of personal info.
2. I rebooted the system to Safe Mode (press and hold F8 key during boot for menu).
3. I used System Restore to restore to a point prior to the infection, as follows:
3a. From Desktop, select Start -> All Programs -> Accessories -> System Tools -> System Restore
3b. From the Welcome to System Restore window, select "Restore my computer to an earler time" (default) and "Next>" button.
3c. From the Select a Restore Point window, you'll see a Calendar where the bolded dates indicate the system has available restore points. Select an available date prior to the probable infection. February 18th or earlier should be Safe, given the reports started on the 20th. Select "Next>" button and continue.
3d. The restore should commence with a final reboot when complete.
4. On reboot, goto System Properties, Remote Tab, and unSelect "Remote Assistance" and "Remote Desktop" features (precautions).
4a. (UPDATE: added 2/24) Follow steps posted on this thread by Auctiva Mike to clear your browser cache. Note, I did do this step and forgot to add it to my original post. Thanks to the person who started this thread for the warning on route of infection.
https://community.auctiva.com/e...?r=92410481#92410481
5. Run checks including Microsoft's Malicious Software Removal Tool to verify or their One Care Safety Scanner. Reconnect to the net to get the tools.
http://www.microsoft.com/secur...eremove/default.mspx
Any new programs or updates installed post the recovery will require reinstall.
Any data, eMail, etc. should be retained post restore without a problem.
Hope this helps those with badly infected XP or Vista systems.
(UPDATE: added 2/24) Please follow advise posted my Mike and Kevin at Auctiva. I'm offering this procedure as another alternative, not an officially sanctioned method by Auctiva.
Danno
If you are getting repeated warnings from your Antivirus and/or system messages, like "Data Exception Protection", it's probable that your system is infected with a Trojan that's persistent and keeps attempting to infect from that China site. From Google's analysis, it's apparent that there are muliple possible trojans and downloaded viruses involved. Some may be very diffcult or nearly impossible to clean 100%. After recognizing that possibility, here's what I did with one XP system that did get infected and needed a restore.
1. I removed/unplugged the system from the network, i.e. the persistent route of infection is from the China site. That at least breaks the connection for added infection and/or theft of personal info.
2. I rebooted the system to Safe Mode (press and hold F8 key during boot for menu).
3. I used System Restore to restore to a point prior to the infection, as follows:
3a. From Desktop, select Start -> All Programs -> Accessories -> System Tools -> System Restore
3b. From the Welcome to System Restore window, select "Restore my computer to an earler time" (default) and "Next>" button.
3c. From the Select a Restore Point window, you'll see a Calendar where the bolded dates indicate the system has available restore points. Select an available date prior to the probable infection. February 18th or earlier should be Safe, given the reports started on the 20th. Select "Next>" button and continue.
3d. The restore should commence with a final reboot when complete.
4. On reboot, goto System Properties, Remote Tab, and unSelect "Remote Assistance" and "Remote Desktop" features (precautions).
4a. (UPDATE: added 2/24) Follow steps posted on this thread by Auctiva Mike to clear your browser cache. Note, I did do this step and forgot to add it to my original post. Thanks to the person who started this thread for the warning on route of infection.
https://community.auctiva.com/e...?r=92410481#92410481
5. Run checks including Microsoft's Malicious Software Removal Tool to verify or their One Care Safety Scanner. Reconnect to the net to get the tools.
http://www.microsoft.com/secur...eremove/default.mspx
Any new programs or updates installed post the recovery will require reinstall.
Any data, eMail, etc. should be retained post restore without a problem.
Hope this helps those with badly infected XP or Vista systems.
(UPDATE: added 2/24) Please follow advise posted my Mike and Kevin at Auctiva. I'm offering this procedure as another alternative, not an officially sanctioned method by Auctiva.
Danno
Add Reply
Sign In To Reply