Jump to content


Photo
- - - - -

Viruses On This Site


  • Please log in to reply
41 replies to this topic

#1 Volga Boatman

Volga Boatman

    Dishonorably Discharged

  • Dishonorably Discharged
  • PipPipPipPipPipPipPip
  • 1,640 posts

Posted 06 September 2011 - 03:12 PM

Lately, I have been encountering one virus after another on this site.

I am lucky my machine is mostly protected with anti-v software. On a site that is policed by the moderators and owners, why does this keep happening?

What steps are the managment taking here to combat this electronic disease(s)?
Llamas are bigger than frogs.:cool:

#2 brndirt1

brndirt1

    Saddle Tramp

  • Members
  • PipPipPipPipPipPipPipPip
  • 9,709 posts

Posted 06 September 2011 - 03:28 PM

My Norton has blocked three "unauthorized access" attempts today, without any getting through my own unit. I don't know what can be done by Otto and the others at the "site" level itself, I just count on my personal Norton 2011.
Happy Trails,
Clint.

#3 Volga Boatman

Volga Boatman

    Dishonorably Discharged

  • Dishonorably Discharged
  • PipPipPipPipPipPipPip
  • 1,640 posts

Posted 06 September 2011 - 03:38 PM

Well, at least they must be informed that this occurs on their site more often than I care to admit.

I presume it is NOT other members who are perpetrating this, so what in the blue blazes is going on? If one of these bloody things gets through, I'll not be a very happy poster. It costs money to fix.
Llamas are bigger than frogs.:cool:

#4 Skipper

Skipper

    Kommodore

  • ModeratorsOKF Moderator
  • 22,309 posts

Posted 06 September 2011 - 03:47 PM

next time this happens could copy the link of the thread /post please, so we know what to look for.

Vorsicht+Feind.JPG


#5 CAC

CAC

    Ace of Spades

  • Members
  • PipPipPipPipPipPipPip
  • 2,399 posts

Posted 06 September 2011 - 10:26 PM

I've got an idea of who it is...will keep you'al posted.
I try to be the man my dog thinks i am...

#6 Volga Boatman

Volga Boatman

    Dishonorably Discharged

  • Dishonorably Discharged
  • PipPipPipPipPipPipPip
  • 1,640 posts

Posted 06 September 2011 - 11:09 PM

My security just blocked another one.

Seems to happen when you access the site through the main page, that is when you jump to the general page for the first time.

For the moderators, my software report said the File Name was 129.121.212.1/Home/index.php

Threat name was Exploit Blackhole Exploit Kit (type 1889)

Please do not click on the above.
Llamas are bigger than frogs.:cool:

#7 Skipper

Skipper

    Kommodore

  • ModeratorsOKF Moderator
  • 22,309 posts

Posted 07 September 2011 - 04:21 AM

I'll send the info to Otto . Hopefully it's a false postive.

Vorsicht+Feind.JPG


#8 USMCPrice

USMCPrice

    Idiot at Large

  • Members
  • PipPipPipPipPipPipPip
  • 2,842 posts
  • LocationGod's Country

Posted 07 September 2011 - 08:53 AM

Yeah, I've had the warnings also, both at home and at work.
"I come in peace, I didn't bring artillery. But I am pleading with you with tears in my eyes: If you f**k with me, I'll kill you all."Marine General James Mattis, to Iraqi tribal leaders
"Every Marine is, first and foremost, a rifleman. All other conditions are secondary."Gen. Alfred Gray, 29th Commandant of the Marine Corps

#9 theblackalchemist

theblackalchemist

    Member

  • Members
  • PipPipPipPipPip
  • 294 posts

Posted 07 September 2011 - 09:08 AM

My security just blocked another one.

Seems to happen when you access the site through the main page, that is when you jump to the general page for the first time.

For the moderators, my software report said the File Name was 129.121.212.1/Home/index.php

Threat name was Exploit Blackhole Exploit Kit (type 1889)

Please do not click on the above.


Thanks for the info mate.

Any recollection which link redirected you to the said page?
Will help the admins.

Also for those of you who have a firewall up, i'd suggest you block the ip range from 129.121.0.0 to 129.121.255.255. If you dont, i'd suggest you get one, an example being peerblock.

Regards,
TBA

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This day, remember those who gave all, so that we may lack none.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#10 Skipper

Skipper

    Kommodore

  • ModeratorsOKF Moderator
  • 22,309 posts

Posted 07 September 2011 - 10:12 AM

thanks for the info, Otto has been informed with link and the I.P. adress.

Vorsicht+Feind.JPG


#11 Volga Boatman

Volga Boatman

    Dishonorably Discharged

  • Dishonorably Discharged
  • PipPipPipPipPipPipPip
  • 1,640 posts

Posted 07 September 2011 - 02:40 PM

No link direction, but a security window pops up when you go to the 'Forum' for the first time for your daily visit.

There was another type that was blocked, but I did not have the presence of mind to write it down.

Hope this helps. These bloody viruses are annoying to say the least.
Llamas are bigger than frogs.:cool:

#12 LRusso216

LRusso216

    Graybeard

  • ModeratorsOKF Moderator
  • 10,289 posts
  • LocationPennsylvania

Posted 07 September 2011 - 07:58 PM

While I'm glad Otto has been informed, I get no virus warnings from Norton. I wonder where they are coming from?

image001.png

Lou


#13 theblackalchemist

theblackalchemist

    Member

  • Members
  • PipPipPipPipPip
  • 294 posts

Posted 08 September 2011 - 02:00 AM

I hope no one is still sticking to internet explorer here, if you are, you are literally begging to be attacked.

Regards,
TBA

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This day, remember those who gave all, so that we may lack none.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#14 36thID

36thID

    Member

  • Members
  • PipPipPipPipPipPipPip
  • 1,052 posts

Posted 08 September 2011 - 09:24 PM

I love this site but the warnings are alarming.

Last Sunday I got one, I stayed away until today and got another.

These creeps that pull this nonsense need their kiesters kicked !

#15 brndirt1

brndirt1

    Saddle Tramp

  • Members
  • PipPipPipPipPipPipPipPip
  • 9,709 posts

Posted 09 September 2011 - 07:01 PM

I just got a "MalWare" warning from what appears to be Google, however when I went to my Norton what I found was this:

?Category: Norton Product Tamper Protection
Date & Time,Risk,Activity,Status,Recommended Action,Date,Actor,Actor PID,Target,Target PID,Action,Reaction
9/9/2011 11:50 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, September 09, 2011 11:50 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3604,C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\18.6.0.29\ccsvchst.exe,2220,Open Process Token,Unauthorized access blocked


?Category: Norton Product Tamper Protection
Date & Time,Risk,Activity,Status,Recommended Action,Date,Actor,Actor PID,Target,Target PID,Action,Reaction
9/9/2011 12:00 PM,Medium,Unauthorized access blocked (Set Regietry Security Key),Blocked,No Action Required,"Friday, September 09, 2011 12:00 PM",C:\WINDOWS\SYSTEM32\SVCHOST.EXE,888,HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHDRVX86\0000\Control\,0,Set Regietry Security Key,Unauthorized access blocked


?Category: Norton Product Tamper Protection
Date & Time,Risk,Activity,Status,Recommended Action,Date,Actor,Actor PID,Target,Target PID,Action,Reaction
9/9/2011 12:03 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, September 09, 2011 12:03 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,4560,C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\18.6.0.29\ccsvchst.exe,2220,Open Process Token,Unauthorized access blocked

All medium risk, all blocked. Don't know what is going on or why, this is the first MalWare warning I've ever received since Volga Boatman started claiming he was getting virus warnings.
Happy Trails,
Clint.

#16 Gebirgsjaeger

Gebirgsjaeger

    Ace

  • Members
  • PipPipPipPipPipPipPip
  • 4,321 posts

Posted 09 September 2011 - 07:15 PM

Don´t worry about the warning Clint! I do have the Norton 360 and this warning pops up so often no matter if i´m on this site or not! So i ignore them.
Regards, Ulrich

Horrido!

"We're surrounded. That simplifies our problem!" LtGen. Chesty Puller.

#17 urqh

urqh

    Tea drinking surrender monkey

  • Members
  • PipPipPipPipPipPipPipPip
  • 9,681 posts

Posted 09 September 2011 - 08:21 PM

Google warns the site is dangerous again....Happened months ago. Go in thru Yahoo and no problems whatsoever.

British Army 1939-1945 - World War II Tribute Video

 

 

[URL="http://youtu.be/Zbp_4XBmD4w"]

 

 

 

 

 

 
 

 


#18 jagdpanther44

jagdpanther44

    Battlefield wanderer

  • TrusteeOKF Trustee
  • PipPipPipPipPipPipPip
  • 1,608 posts
  • LocationCheshire, England

Posted 09 September 2011 - 09:44 PM

Same here - Google warns me that the site has malaware.

Like others, I also encountered this problem a few month back and this is the first time since then that i've had the warning.
Regards
John

"It is always wise to look ahead, but difficult to look further than you can see" - Winston Churchill

#19 OpanaPointer

OpanaPointer

    I Point at Opana

  • Members
  • PipPipPipPipPipPipPip
  • 4,806 posts

Posted 09 September 2011 - 10:33 PM

You can turn off the alarm in /Options/Tools/Security. I just ran three AVs with no hits.

"One of our King Tigers could take five of your Shermans, but you always had six of them."


WWII Resources. Primary sources.
The Myths of Pearl Harbor. Demythologizing the attack.
Hyperwar. Hypertext history of the Second World War.
Pearl Harbor Attack Message Board
Veteran: USN, 1969-1989

#20 LRusso216

LRusso216

    Graybeard

  • ModeratorsOKF Moderator
  • 10,289 posts
  • LocationPennsylvania

Posted 09 September 2011 - 11:51 PM

I also ran a full scan with Norton and received nothing. I don't know where the problem is, but I also turned off the warning.

image001.png

Lou


#21 TD-Tommy776

TD-Tommy776

    Man of Constant Sorrow

  • TrusteeOKF Trustee
  • PipPipPipPipPipPipPip
  • 4,316 posts
  • LocationThe Land of 10,000 Loons

Posted 10 September 2011 - 12:42 AM

I'm getting "Virus Warning" and "Attack Site" messages. Google diagnostic confirms a malicious script. Here's a capture of Google's diagnostic:

Attached File  Snapshot 2011-09-09 19-34-21.jpg   75.19KB   9 downloads

Freedom is precious and many gave their lives for it. It is the duty of the future generation
to remember that sacrifice, and offer some sacrifice for themselves if Freedom is threatened.

Cecil Earl Workman, WWII Veteran, "L" Co., 129th Inf. Regt., 37th Inf. Div.


halvorsonpto129ir37id3.jpg

PFC Glenn W. Halvorson

bannereto776tdv2.png

PFC Norman L. Halvorson


#22 Biak

Biak

    Adjutant

  • ModeratorsOKF Moderator
  • 5,595 posts

Posted 10 September 2011 - 01:04 AM

I hadn't had any trouble until the wife checked Facebook. I haven't been able to get on at all until I turned off the "block site" thing. Everythinggggggggg wejkd seems to be fine nooow. ?

Happiness is nice but it can't buy money.

 

Kilroy_Was_Here_by_catluvr2.gif


#23 gunbunnyb/3/75FA

gunbunnyb/3/75FA

    Member

  • Members
  • PipPipPipPipPip
  • 440 posts

Posted 10 September 2011 - 02:10 AM

just to let you guys know,i just logged in and i got an attack page warning from my antivirus program.

#24 sonofacameron

sonofacameron

    Member

  • Members
  • PipPipPipPipPip
  • 132 posts

Posted 10 September 2011 - 08:25 AM

Firefox would not open the site first thing this morning, obviously ok now. My AVG anti virus blocked me on I.E too with same message as Volga Boatman got, re Black Hole etc.

#25 leccy1

leccy1

    Member

  • Members
  • PipPipPipPipPip
  • 266 posts

Posted 10 September 2011 - 11:51 AM

I have been prevented by Google on my Linux lappie from logging in for 24 hours now, just ignored the warnings. I had the same as is in post 21 but never got the option to ignore till today.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users