Web Attack: Malicious Toolkit Website 9

vayumedia · ‎09-19-2011

I use Symantec Endpoint protection and I own http://www.vayumedia.com .

I had a few of my website's visitors tell me that they thought I had a virus on my website. When I opened my website I recevied the Norton Pop Up: [SID 24089] Web Attack: Malicious Toolkit Website 9. I receive it in Internet explorer sometimes and sometimes not.

I ran the URL thru:

Norton Safe Web: Safe

AVG Tool: Safe

GoogleSafeBrowsing: Safe

UrlVoid.com: Safe

Online Link scan: safe

Dr. Web: Safe

We couldn't find anything on the website. I am at a loss why Norton is reporting this.

What can I do to detect the issue and remove it from the website? Or is this a false reporting issue?

SendOfJive · ‎02-07-2009

Have you tried going to your site by clicking on a link in a Google search? Sometimes these types of attacks will only be triggered if there is a referrer. The fact that the attack does not launch on every visit does not mean there is not an infection - many of these are randomized to evade detection. It may not be a false positive.

vayumedia · ‎09-19-2011

I couldn't replicate it this moment but I had enough of the warning pop-ups and feedback from visitors that I do think it is real.

However, I don't know what tools I can use to remove this problem form the website.

delphinium · ‎11-21-2008

Norton is identifying 129.121.39.173/home/index.php. if that helps at all. I am not affected on Firefox because NoScript stops the script from running. It is recognized on Internet Explorer immediately and blocked.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain