Malware Warnings

Discussion in 'Website discussion' started by shudder, Sep 21, 2011.

  1. shudder

    shudder no big deal

    Joined:
    Feb 2, 2007
    Messages:
    2,577
    Likes Received:
    0
    Trophy Points:
    36
    Occupation:
    Sr. Systems Administrator - Disney Animation
    Location:
    Calabasas, CA
    Home Page:
    ^^ Thanks, Gene. You da man.

    - shud
     
  2. DirtyGirlMonkey9

    DirtyGirlMonkey9 New Member

    Joined:
    Dec 30, 2009
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Aliso Viejo, CA
    I'm getting the warnings on the main screen now.
     
  3. bing!

    bing! Active Member

    Joined:
    Jul 24, 2010
    Messages:
    3,220
    Likes Received:
    3
    Trophy Points:
    38
    The Pub tagged as an attack site....

    Ive been getting the odd "attack blocked" warning viewing threads on STR. Also a few "certificate expired" notes. A few minutes ago, Norton Security just blocked the entire "The Pub" forum as a reported attack site.

    Waddup with that? I remember someone asking about a similar issue. Any thoughts appreciated. How to avoid? Work around? Is there an evil mirror site?

    Sorry to post here, can't get into The Pub disabling my security. There must be some mistake here. Thought the mods should know.

    Here's a screen capture.

    [​IMG]
     
  4. LBmtb

    LBmtb good times

    Joined:
    Oct 27, 2004
    Messages:
    4,568
    Likes Received:
    12
    Trophy Points:
    38
    Occupation:
    software engineer
    Location:
    Long Beach
    Have consulting work to catch up on tonight but I'm making time tomorrow night to update our vBulletin and check things out on the server. Keep posting any info you have about the issues including screenshots and other relevant details. If you're on Windows or just want to be super safe I'd recommend disabling javascript when browsing STR until we know for sure that it's clean.
     
  5. bing!

    bing! Active Member

    Joined:
    Jul 24, 2010
    Messages:
    3,220
    Likes Received:
    3
    Trophy Points:
    38
    Just posted about it. Then i found this thread again. I have the same warnings.
     
  6. dirtmistress

    dirtmistress AKA Roadiemistress

    Joined:
    Jul 2, 2007
    Messages:
    5,727
    Likes Received:
    1
    Trophy Points:
    38
    Gender:
    Female
    Occupation:
    retired
    Location:
    MDR adjacent
    OMFG!! My computer is growing hair! SH*T! Outta here!
     
  7. Mongo

    Mongo Chewyeti "MongOHNO!"

    Joined:
    Jan 4, 2010
    Messages:
    1,129
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    measurement tech.
    Location:
    Lakewood, Ca
    tried to load the print screen, epic pail... this site is no bueno
    [​IMG]
     
  8. shudder

    shudder no big deal

    Joined:
    Feb 2, 2007
    Messages:
    2,577
    Likes Received:
    0
    Trophy Points:
    36
    Occupation:
    Sr. Systems Administrator - Disney Animation
    Location:
    Calabasas, CA
    Home Page:
    Load the print screen...

    Epic pail...

    No bueno...


    Huh? Yo no se. What are you on about?...

    - shud
     
  9. shudder

    shudder no big deal

    Joined:
    Feb 2, 2007
    Messages:
    2,577
    Likes Received:
    0
    Trophy Points:
    36
    Occupation:
    Sr. Systems Administrator - Disney Animation
    Location:
    Calabasas, CA
    Home Page:
    I see you're back on line George, with some time to spare...[​IMG]Sadly -- the Time Killing Thread is still dogging us with malware warnings.Thanks for your work on this!- shud
     
  10. LBmtb

    LBmtb good times

    Joined:
    Oct 27, 2004
    Messages:
    4,568
    Likes Received:
    12
    Trophy Points:
    38
    Occupation:
    software engineer
    Location:
    Long Beach
    Things went relatively smoothly. Locked down access a bit more, changed passwords, updated the forum software, scanned the server for rootkits, and put in a ticket to the host to update other software (mail server, ssh, etc).

    The likely culprit was hidden in a few forum templates. A line of code was essentially embedding a tiny hidden image from a server in Germany (for those who are interested: http://whois.gwebtools.com/hqhrt.com). Took those out. The warning messages won't go away until next time Google scans the pages - assuming I found all the infections.

    Note: I sent in a request to Google for them to scan the site. Hopefully within the next day or so we'll know the final verdict.
     
    Last edited by a moderator: Sep 24, 2011
  11. kyle M

    kyle M Dirty Drunx

    Joined:
    Aug 5, 2009
    Messages:
    878
    Likes Received:
    0
    Trophy Points:
    0
    Occupation:
    drinking and riding
    Location:
    CORONA, CA
    thx! i got my fix Before i started having withdraws! S!!!!!!!!ck
     
  12. speckledtrout

    speckledtrout Active Member

    Joined:
    Jul 28, 2007
    Messages:
    2,442
    Likes Received:
    0
    Trophy Points:
    36
    Occupation:
    actor
    Location:
    Silverlake in Los Angeles
    Hey now, are you one of those Mac haters I've heard so much about?I have had no problems on my iMac or iPad. I have, however, gotten some big ol' red flags on my work PC and my shitty Droid phone.
     
  13. UPSed

    UPSed SPECIALizED

    Joined:
    Sep 8, 2008
    Messages:
    1,132
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Simi Valley
    Don't know if it's related to the fix but the group tab opens up the classifieds. :-k
     
  14. LBmtb

    LBmtb good times

    Joined:
    Oct 27, 2004
    Messages:
    4,568
    Likes Received:
    12
    Trophy Points:
    38
    Occupation:
    software engineer
    Location:
    Long Beach
    Oops. My fault - fixed now. Thanks for the heads up.
     
  15. genusmtbkr5

    genusmtbkr5 STR Moderator

    Joined:
    Mar 5, 2007
    Messages:
    8,618
    Likes Received:
    3
    Trophy Points:
    38
    Gender:
    Male
    Occupation:
    Lead Aircraft Mechanic for Major Airline at LAX
    Location:
    South Bay/Pedro
    Thanks George. I like to new feature of "Auto-Saved" when posting. So many times I lost text because the computer dropped offline.
     
  16. shudder

    shudder no big deal

    Joined:
    Feb 2, 2007
    Messages:
    2,577
    Likes Received:
    0
    Trophy Points:
    36
    Occupation:
    Sr. Systems Administrator - Disney Animation
    Location:
    Calabasas, CA
    Home Page:
    Yeah, I should have written in a thank you as well, George. Cool new stuff. Editor is real nice now -- lots of readily available options in there right at your fingertips now. Woot!

    So... thanks!

    - shud
     
  17. bvader

    bvader Long Live The Gorn!

    Joined:
    Jan 19, 2008
    Messages:
    2,940
    Likes Received:
    0
    Trophy Points:
    36
    Occupation:
    Tech Guy
    Location:
    Huntington Beach
    Just got this on a classified page today @ 10:50 Kaspesky detected

    10/12/2011 10:50:45 AM Suspicious malicious URL AD240F5F32519E05 http: //www. oxysatt. cjb. net/mja59s7n/?2 High

    BTW DO NOT CLICK ON THE URL
     
  18. MohammedInABearSuit

    MohammedInABearSuit Sticks and Stones...

    Joined:
    Feb 15, 2008
    Messages:
    2,566
    Likes Received:
    0
    Trophy Points:
    36
    Google reporting STR as attack site

    FYI, Just got blocked by Google's malware check this AM:
     
  19. JoeTruth

    JoeTruth Active Member

    Joined:
    May 29, 2007
    Messages:
    4,086
    Likes Received:
    1
    Trophy Points:
    36
    Location:
    Sierra Madre, CA
    I believe it's a binary code bug, having to do with 11-11-11. This is the beginning of the end as we know it. Good luck to us and more importantly, good luck to the others!
     
  20. Heyitsdave

    Heyitsdave Member

    Joined:
    Jun 27, 2009
    Messages:
    925
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Fullerton
    Yes, Firefox will not load the site and google chrome gives a malware warning prior to loading.
     

Share This Page

Help keep STR alive, please click the donation button below