Site Virus?

Discussion in 'Site and Technical Issues' started by Slorcoe, Feb 7, 2012.

  1. Slorcoe

    Slorcoe PEB Forum Regular Member

    Joined:
    May 4, 2009
    Messages:
    103
    Trophy Points:
    33
    Jason,

    Everytime i log on to PEBF from home my Microsoft Security flashes a threat to clean up.. Only on this site though.
  2. commosgt

    commosgt PEB Forum Regular Member

    Joined:
    Sep 5, 2008
    Messages:
    216
    Trophy Points:
    33
    I agree totally! Something is going on! I logged in via my personal laptop as well as at work! And both times I received alerts. I use a enterpise anti-virus at work as I am the IT guy and my corporate security guy called me asking what am I doing! Jason, please have your site reviewed to insure that no one has hacked the site!!

    commosgt
  3. Jeep Freak

    Jeep Freak PEB Forum Regular Member

    Joined:
    Oct 2, 2010
    Messages:
    865
    Trophy Points:
    43
    I've been getting them for about a week now. It says something about fake ads and then it redirects me to ads.
  4. Jason Perry

    Jason Perry Site Founder Staff Member

    Joined:
    May 15, 2007
    Messages:
    10,946
    Trophy Points:
    1,225
    I am not sure what is going on, but I am looking into it. I got an alert from Google webmaster tools that listed several blog posts as the problem along with a few posts. All of the blog posts were "spam-tastic" with links to sites selling pharmaceuticals, so I just deleted those posts. The regular posts, I did not see anything wrong with them, but I deleted them anyway. I checked with the forum software site and the response I got from a few people is that they reviewed the site using three different virus checking software and the site came up as clean.

    I am by no means a technical expert on these things. My initial investigation revealed that if there is an issue, it is likely either something called a base64 decode or an SQL injection attack. So, while I think the site is clear, I am still trying to figure out if there is an issue. Please let me know if you encounter any problems.
  5. Slorcoe

    Slorcoe PEB Forum Regular Member

    Joined:
    May 4, 2009
    Messages:
    103
    Trophy Points:
    33
    TYVM!!!!!!
  6. nwlivewire

    nwlivewire PEB Forum Regular Member

    Joined:
    Jul 27, 2009
    Messages:
    1,675
    Trophy Points:
    98
    I have the same problem on my home laptop, too.

    Just now.
  7. Dfree454

    Dfree454 PEB Forum Regular Member

    Joined:
    Nov 11, 2011
    Messages:
    113
    Trophy Points:
    18
    Same problem as of last night.




    Safe Browsing
    Diagnostic page for pebforum.com/f85

    What is the current listing status for pebforum.com/f85?
    Site is listed as suspicious - visiting this web site may harm your computer.
    Part of this site was listed for suspicious activity 3 time(s) over the past 90 days.
    What happened when Google visited this site?
    Of the 14 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-02-09, and the last time suspicious content was found on this site was on 2012-02-07.
    Malicious software includes 2 trojan(s), 2 exploit(s), 1 scripting exploit(s). Successful infection resulted in an average of 7 new process(es) on the target machine.
    Malicious software is hosted on 8 domain(s), including c.h1x.com/, allazo.osa.pl/, horrsescorp.in/.
    7 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including gamegoldonline.in/, freepartytube.in/, horrsescorp.in/.
    This site was hosted on 1 network(s) including AS26496 (PAH).
    Has this site acted as an intermediary resulting in further distribution of malware?
    Over the past 90 days, pebforum.com/f85 did not appear to function as an intermediary for the infection of any sites.
    Has this site hosted malware?
    No, this site has not hosted malicious software over the past 90 days.
    How did this happen?
    In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.
    Next steps:
    Return to the previous page.
    If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.
    Updated 6 hours ago
    © Google - Google Home
  8. TXNVYMOM

    TXNVYMOM PEB Forum Regular Member

    Joined:
    Feb 8, 2010
    Messages:
    79
    Trophy Points:
    21
    Same thing here... today.
  9. P3FE

    P3FE PEB Forum Regular Member

    Joined:
    Nov 16, 2011
    Messages:
    46
    Trophy Points:
    0
    i have a MAC, NO ISSUES!!!!! not like that should be surprising though....
  10. Jason Perry

    Jason Perry Site Founder Staff Member

    Joined:
    May 15, 2007
    Messages:
    10,946
    Trophy Points:
    1,225
    Still trying to get to the bottom of this. I can't tell at this point if there is an actual issue or not.
  11. oldsoldier

    oldsoldier PEB Forum Regular Member

    Joined:
    Aug 23, 2011
    Messages:
    45
    Trophy Points:
    21
    So far I have not had a problem, per se with the site, mine is that I'm looking at this on a gov't comp. and everyonce in a while I get the warning about the contents not having a valid security certificate, but other than that no real problems.
  12. nwlivewire

    nwlivewire PEB Forum Regular Member

    Joined:
    Jul 27, 2009
    Messages:
    1,675
    Trophy Points:
    98
    I had problems a couple of days ago, but it seems to have disappeared and am logging in without the warning.
  13. grizz13

    grizz13 PEB Forum Regular Member

    Joined:
    Feb 13, 2012
    Messages:
    2,359
    Trophy Points:
    143
    I am constanly getting a message for blocked content from McAfee on all of this sites pages...
  14. TXNVYMOM

    TXNVYMOM PEB Forum Regular Member

    Joined:
    Feb 8, 2010
    Messages:
    79
    Trophy Points:
    21
    Same problem today...Norton is giving warnings of attacks and I get a popup telling me that if I continue that it could cause my computer to crash. So I cancelled and signed out of the browser and then resigned into the browser, proceeded to website and didn't get any warnings on second try.

    Norton rated these as "High". An intursion attempt by www1.strong-masterxd.uni.me and kurazgdanc.in
  15. Dfree454

    Dfree454 PEB Forum Regular Member

    Joined:
    Nov 11, 2011
    Messages:
    113
    Trophy Points:
    18
    I got the message again today....
  16. nwlivewire

    nwlivewire PEB Forum Regular Member

    Joined:
    Jul 27, 2009
    Messages:
    1,675
    Trophy Points:
    98
    I am still getting Google search blocks when I Google for specific issues and your Forum comes up as a possible click site for an answer to a specific question. It says it won't let me enter that specific site on your Forum and says the Forum may be a virus site.

    It asks the Forum site admistrator to contact Google for additional information.

    I am however, able to go directly to pebforum.com. But in my searching to specific answers, when the forum spot does come up, I can't access this site very often that way.

    And it makes others who are searching for answers think your entire website may be viral.

    OK Jason. Knowledge is power. Is this a military IT conspiracy or what?
    hahaha
    nwlivewire
  17. buckstr

    buckstr PEB Forum Regular Member

    Joined:
    Nov 24, 2009
    Messages:
    164
    Trophy Points:
    33
    You can now add me to the list of those having this problem. I keep getting a "Reported Attack Site" Warning when I try to view most of the posts.
  18. Jason Perry

    Jason Perry Site Founder Staff Member

    Joined:
    May 15, 2007
    Messages:
    10,946
    Trophy Points:
    1,225
    I have employed my technical smart guy to look into the issue. This is in addition to the near term migration to a new forum software platform. Hopefully, this issue will be resolved shortly and all members will have a better forum experience. I don't know if we are talking hours, days, or (hopefully sooner than this) weeks, but things should be fixed before long.
  19. commosgt

    commosgt PEB Forum Regular Member

    Joined:
    Sep 5, 2008
    Messages:
    216
    Trophy Points:
    33
    Jason, one thing I noticed the last couple of days is that somehow someway someone hacked the code to your site and embedded viral code so that it re-directs you to another site which in turn tries to install a virus onto a members system. I am seeing a lot of "hi5" virus code as well as other re-directs. Hope this helps but I suggest bringing the site down and run forensics. I would not do a software upgrade to the site until this has been done and verified due to if the code is embedded and no resolution, then when you do the upgrade it will still be there. Just food for thought and only my opinions and suggestions.

    commosgt
  20. kelly29207

    kelly29207 Member

    Joined:
    Feb 2, 2012
    Messages:
    57
    Trophy Points:
    8
    Jason,
    Just as a heads up..every time after I access your site, I run spybot. Problems it brings up as malware/adware are BurstMedia, CasaleMedia, DoubleClick, MediaPlex, and Zedo. I keep my computer very clean, and have done kind of a test to see if this is where it's coming from..turns out..I'm sorry to say, it is. Hope that you can get this fixed soon as I love this site!

    Tks!

Share This Page