kerbalspaceprogram.net malware/trojan in the wild

It seems this site hasn't been blacklisted by Avast. I recently visited this website thinking it was part of kerbalspaceprogram.com; however, it seems to be a fan site. When looking into the Sucuri site scan, this website seems to have malware.

URL visited: kerbalspaceprogram.net/privacy-policy (DO NOT GO TO THIS ADDRESS…)
Affects: Unknown Site Host Affects: Bad plugin on wordpress http://labs.sucuri.net/db/malware/malware-entry-mwiframehd202
Malware type: iFrame injection
Diagnosis: http://sitecheck.sucuri.net/results/www.kerbalspaceprogram.net/privacy-policy
Blacklist: Hasn't been blacklisted yet. This seems to be an injection into the WordPress site.

Virus Total Scan: Green https://www.virustotal.com/en-gb/url/448b52271d9c6555f309120eb511f54ca036569924bd3f9c366bcf4b69fef300/analysis/1363898822/
Additional Scans pointing towards possible phishing scam? http://www.phishtank.com/phish_detail.php?phish_id=1768044

Any help on detecting and clearing this up? In addition, mods should note that a previous post I had has been put on hold for some strange reason.
Thanks
OliPicard

Edit your post and remove www from the link so it is not clickable.

VirusTotal
https://www.virustotal.com/en-gb/file/58f0dc1eb771150bf9f8cdf1e216eda6ae8534b1de46e39823751eb1d6e02d0c/analysis/1363898701/

Hi Pondus, Have done as you have requested. (Sorry about that.)

Thanks…then we avoid click accidents :wink:

Should I run Mbam/CCleaner/Combofix/OTL? :smiley: It may be time for Essexboy!

Should note that Sucuri saw this as this type of signature: http://labs.sucuri.net/db/malware/malware-entry-mwiframehd202 MW:IFRAME:HD202

you may do that… AdwCleaner / Malwarebytes / OTL / aswMBR :wink:
you find the guide at top in this forum section

Tracing site, will post anything I can find. First site seems clean until you see it's redirecting people to another bit.ly site. It seems to be a middleman attack. http://www.phishtank.com/phish_detail.php?phish_id=1768044 Note it seems this site may have just been infected. This isn't good.

Running MBAM, shall post log. After that will run aswMBR.

Mbam log

Just tried to run aswMBR, however this popped up and refused to go away.
Also provided this link http://cima.security.comodo.com/report/5203462c9e1a600682aedf312e89f35cb1c7fe9b.htm

Running OTL shall post log

That is blocking aswmbr

OTL log + extras log

Shall go ahead and scan ASWMBR now

Yep turn off comodo though

Consider this: http://www.blog.web6.org/adsense-plugin-wordpress-are-you-sure-it-is-safe/ (link article author = KIMI)
See

185: < !-- Google Ads Injected by Adsense-Insert - wXw.naeem.pk --> < a href="htXp://www.naeem.pk"> < /a> < iframe src="http://wXw.naeem.pk/ai.html" width="0" height="0" frameborder="0" marginwidth="0" marginheight="0"> < / iframe >
Suspicious. Reason: Detected hidden reference to external web resource.
Details: Detected hidden iframe tag to ‘naeem.pk’

polonus
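
The kind of check behind the scanner finding quoted above (a hidden iframe that points at an external host), as an added example that is not part of this thread and not any scanner's own code. The sample page, the hosts in it and the function names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

def _tiny(value):
    """True for a width/height of 0 or 1 pixel ('0', '1', '0px')."""
    m = re.fullmatch(r"\s*(\d+)\s*(px)?\s*", value or "", re.I)
    return bool(m) and int(m.group(1)) <= 1

def _bare(host):
    """Lower-case a host name and drop a leading 'www.'."""
    host = (host or "").lower()
    return host[4:] if host.startswith("www.") else host

class _IframeFinder(HTMLParser):
    def __init__(self, site_host):
        super().__init__()
        self.site_host = _bare(site_host)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        host = _bare(urlparse(a.get("src", "")).hostname)
        # Relative or same-site frames are not "external references".
        if not host or host == self.site_host or host.endswith("." + self.site_host):
            return
        reasons = []
        if _tiny(a.get("width")) or _tiny(a.get("height")):
            reasons.append("zero-size")
        if HIDDEN_STYLE.search(a.get("style", "")):
            reasons.append("hidden-style")
        if reasons:
            self.findings.append((self.getpos()[0], host, reasons))

def find_hidden_external_iframes(html, site_host):
    """Return (line, external_host, reasons) for each hidden off-site iframe."""
    finder = _IframeFinder(site_host)
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page: two hidden off-site frames, one visible embed, one local frame.
SAMPLE = """<html><body>
<p>Privacy policy</p>
<!-- Google Ads Injected by Adsense-Insert -->
<iframe src="http://www.injected.example/ai.html" width="0" height="0" frameborder="0"></iframe>
<iframe src="https://video.example.org/embed/1" width="560" height="315"></iframe>
<iframe src="//tracker.example.net/p" style="display:none"></iframe>
<iframe src="/local/widget.html" width="0" height="0"></iframe>
</body></html>"""
```

Run it over a saved copy of the page source (for example one fetched with a command-line client rather than a browser) and review every reported host against the plugins the site owner actually installed.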

aswMBR log attached. Was able to mark it as a false positive. Not sure why it did that as it was disabled…

So far nothing untoward in those scans, Steam has some ports open for that site. But, again looks ok

Hi Polonus, glad to see you here! Yeah, I've looked at the Sucuri scan and it seems in the additional info tab to be redirecting people to a phishing site (which has just been identified today).

Am a little worried to say the least.