Hey,
I’m sorry if this is in the wrong forum, but I didn’t really know where to put this,
Recently (earlier today) I went on a website and up pops the “Warning, a virus has been detected!” so I clicked on “Abort connection” does this mean the virus has been put onto my computer? If it makes a difference I didn’t go to download something it was just a text/picture based site
Thanks in advance
then you are safe, avast stopped it
do you have the URL for that website ?
make it unclickabel by posting hxxp and not http
if you dont have it i recomend this program as an extra scanner
http://www.malwarebytes.org/ always run update before you scan
hxxp://world-of-warcraft-gold.com
Thanks for post, i’m running a Thorough Scan atm…only 6%, this shall take ages
P:S I honestly wasn’t buying gold, they had some quest guides on there 
I am getting a " malicious url blocked " …but no IP block from MBAM
and not listed in hpHOST
http://hosts-file.net/default.asp?s=http%3A%2F%2Fworld-of-warcraft-gold.com
So that means…? 
means i don`t no why avast blocked it…maybe correct maybe not…?
Hi Berol and Pondus:
WOT does not like this site, and the trojan downloaders have been reported by users:
Find report here: http://www.mywot.com/en/scorecard/wowgold-us.com
Trojan-PSW.Win32.WOW is a family of trojan spies. The malware steals account information and passwords for the online game World of Warcraft.
World of Warcraft is a fantasy based massively multiplayer online role-playing game (MMORPG) released by Blizzard Entertainment.
The WOW trojan is designed to steal account information in order to allow a remote hacker access to the player’s account. The hacker can then logon and steal the player’s virtual assets by transferring them to another player account. Such assets are often sold or auctioned off for real-world currency. With millions of players, such trojans can easily affect thousands of users.
As of September 2006, there is an estimated seven million active World of Warcraft subscriptions worldwide.
There is this script link to a bad domain: * link - hxtp://js.users.51.la/2672154.js
and this one: * link - hxtp://www.51.la/?2672154
http://www.mywot.com/en/scorecard/world-of-warcraft-gold.com gives malicious content viruses 2
08/04/2009
jamesjr93 says Malicious content, viruses Avast found a trojan. Stay away from this site
01/06/2009
Zooms Malicious content, viruses When i entered it, f-secure blocked a trojan downloader inst …
This is a cleaner alternative: http://wow.igxe.com/
pol
Virscan - 2672154.js - 1/36
http://virscan.org/report/0a983bae15a4fe3f32e68d595bf751ba.html
Virscan - www.51.la.htm - 0/36
http://virscan.org/report/8114358a5d226ea9000204ee2f747967.html
So does this mean I have a trojan? 
If you got the " malicious url blocked " then avast blocked the website and nothing was downloaded… 
But try a quick scan with Malwarebytes
Hi Pondus,
On: http://virscan.org/report/8114358a5d226ea9000204ee2f747967.html
there is a redirect to icon.aijang.net
polonus
Just finished a quick scan on malwarebytes and the results were
Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org
Database version: 4083
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
09/05/2010 17:09:10
mbam-log-2010-05-09 (17-09-10).txt
Scan type: Quick scan
Objects scanned: 123652
Time elapsed: 23 minute(s), 58 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I’ll take it that means theres nothing to take my WoW password? As it didn’t appear to say it foind any
Hi Pondus,
Analyzing your link to http://virscan.org/report/0a983bae15a4fe3f32e68d595bf751ba.html
because of finding this
51.la 专业̀
I get this being the exploit: http://securityreason.com/exploitalert/8014
polonus