Really weird, I was warned by the search engine and then by my AV proggy that grimy's contained malicious code. Is he fighting back? Not sure what the deal is, anyone else having probs?

McAfee didn't detect anything when I went to the site and nothing showed in Yahoo and Google's search as being bad (McAfee SiteAdvisor). But some AVs catch what others don't.

               / Promethius / Enigma / Wolfen /

"A man who has no skills can be taught, a man who has no honor has nothing."

How in the world would a site like grimy's have anything malicious?

There are more false positives than there are actual viruses it seems.

Thats what I thought was weird, it was through google first off. I thought that has to be one of those situations where it is a false positive. So I visited the site and my AV proggy went nutz....but then when I tried to d/l something it would say server down. I don't know I was asking if anyone else has any issues...thanks for the input Ill have to see whats up on my end.

I think it is the new version of firefox, mine did it today when I did the new update.

Grimy Trader - Scrubbed Clean!

On Aug. 18th, someone was able to FTP a modified file into the site that redirected visiting browsers to download something from another site. The code has been removed and the FTP security has been fully revamped so that it can't happen again. Google has also re-scanned the site and removed their warning screen.

I've run multiple virus scans on my computer and found nothing. I don't know that anything actually got downloaded or installed, but I encourage you to scan your PC just to be safe. The code was only up on the site between Aug 18th and the 22nd.

I know the IP address that the malicious FTP originated from and am following up with the provider.

Sorry for the hassle, I'm still trying to figure out how they got in. Seems like either an attack on the host server or a brute force thing. But the Grimy Trader isn't a real high-profile target. You know, he likes to keep a low-profile!

It's safe to visit. If you run into any problems, please let me know!

RammaR

I built a website for a local restaurant here and it had the exact same thing happen to it. I had an ftp account as part of the Joomla installation and that is how he got in.

I took similar steps and beefed up the password on the ftp account. I also blocked the IP which was an overseas address. This happened about 3 weeks ago and shocked the heck out of me. I had never seen an instant forced download of that nature before and prior to that always thought the need for anti-virus scanning and real-time protection was overblown. I am sure a bunch of you reading this are thinking that you have to click on something or allow an activex script to run - No and no. I am glad to hear Grimy's is back. But, anyone that visited it recently should run MalwareBytes and a full anti-virus scan (something like Avast) just to be safe.

Awsome RammaR! Glad you got that fixed, it was really strange cause I had visited the site a few days before and it was fine, then I got all these warnings from google and from my AV software a few days later. I knew I wasn't crazy...well nah I am crazy...

Either way thanks for your support and work man!

Grimy is offline for a few days, should be back up shortly - may be changing hosting services....

Yell at us when you are back

Helix