

Hittin' The Web with the Allman Brothers Band Forum
Subject: VIRUS on this website!?!?!?

Peach Pro





Posts: 249
(249 all sites)
Registered: 5/19/2009
Status: Offline

  posted on 3/13/2011 at 05:01 PM
Folks,
I came here today to get my Beacon update, and every single page I go to in this site, my anti-virus program detects, and denies, a virus. This is what my virus thing keeps saying every time I click a new page within this site..

3/13/2011 4:56:32 PM
Denied: HEUR:Exploit.Script.Generic
"http://weiojow.co.cc/sbmw5xwud/sz9kvt.php?dbg=ip&id=4430F2F6463811E0AD 50A2DFE1E63F12_1//sz9kvt"
Firefox


I added the quotes so it wouldn't be a clickable link.

 

____________________
The Plasma Always Wins

 
Replies:

Peach Pro



Karma:
Posts: 406
(451 all sites)
Registered: 10/23/2003
Status: Offline

  posted on 3/13/2011 at 05:09 PM
I also get the same type of virus message. Not sure what it means; hopefully somebody tech savvy will address this.

An intrusion attempt by "Weiojow.co.cc (91.206.200.10, 80). was blocked.

 

Zen Peach



Karma:
Posts: 40434
(41898 all sites)
Registered: 7/19/2007
Status: Offline

  posted on 3/13/2011 at 05:17 PM
quote:
Folks,
I came here today to get my Beacon update, and every single page I go to in this site, my anti-virus program detects, and denies, a virus. This is what my virus thing keeps saying every time I click a new page within this site..

3/13/2011 4:56:32 PM
Denied: HEUR:Exploit.Script.Generic
"http://weiojow.co.cc/sbmw5xwud/sz9kvt.php?dbg=ip&id=4430F2F6463811E0AD 50A2DFE1E63F12_1//sz9kvt"
Firefox


I added the quotes so it wouldn't be a clickable link.


I got it, too. It kept opening windows media player - really weird. Norton Anti-Virus blocked it.

 

____________________
Front feet doin' the shuffle, back feet too, love them good ol' Georgia blues


 

Peach Master



Karma:
Posts: 974
(974 all sites)
Registered: 4/14/2010
Status: Offline

  posted on 3/13/2011 at 06:07 PM
Yes, I wrote something earlier today in the Moogis thread because I thought maybe the Moogis flash banner might not have been updated for the newest version of Java. I certainly don't know if that is the problem or if the site has been hacked. I think it may be that because if the site was hacked every single person would get what we are.

Ok this is the specs and what I encountered.

I run Mozilla and Avast Anti Virus. The first thing I got was a malware notice from Avast, then I got a notice about the site needing a lower version of the Java plugin. I know the other day there was an update of both Firefox and Java. Java had a new version. Sometimes it is considered malware. But not to Avast. I also got a malware notice from Windows Defender, which almost never kicks in visibly on my Vista operating system.

Windows Defender needed to be updated manually and it made me run a scan. Every page of this web site got a malware message and all the security kicked in, especially when I tried to write a reply. I ended up updating the Avast program in case it needed to be updated. So I did that and still, after updating everything, Windows Defender and Avast, I updated to the most current and even disabled the latest version of Java, I still get these reports and blocking of the site.

Windows defender: Rouge: Win 32/Fake Rean - rated - severe
Java Security warning: vuln: weiojow.co.cc

Also stating the latest version of Java 1.6.0 vem, is not the latest and may not contain the latest security update.

Avast is saying there is a malware site but I can't read the web address because it goes beyond the screen. The chest says it is a Win 32 Malware.





 

Zen Peach



Karma:
Posts: 24984
(25100 all sites)
Registered: 8/20/2004
Status: Offline

  posted on 3/13/2011 at 06:30 PM
quote:
Windows defender: Rouge: Win 32/Fake Rean - rated - severe
Java Security warning: vuln: weiojow.co.cc


same thing I got

 

Administrator



Karma:
Posts: 1235
(1492 all sites)
Registered: 9/10/2001
Status: Offline

  posted on 3/13/2011 at 06:40 PM
Hey there sweet family,

Rowland is aware of the problem and is working on it.

Take care and know that you are loved,

Lana

 

____________________
Practice intentional acts of kindness.

 

True Peach



Karma:
Posts: 11675
(12118 all sites)
Registered: 1/8/2005
Status: Offline

  posted on 3/13/2011 at 06:45 PM
quote:
Rowland is aware of the problem and is working on it.


Good to know! Thanks Lana!

 

____________________
We'd all like to vote for the best man, but he's never a candidate.

 

Administrator



Karma:
Posts: 286
(392 all sites)
Registered: 8/27/2001
Status: Offline

  posted on 3/13/2011 at 07:07 PM
Some hacker is adding an iframe to block titles that references the site in China. The iframe is being served by the machine in China and that is where the malware is. I have removed the iframe twice but still working on preventing recurrence.

More fun on a Sunday afternoon!

Best,
Rowland
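
A defender-side check for the injection described in the post above, as an added example that is not part of the original thread or the forum's own code: it scans stored HTML fragments for iframes that point off-site. The host names, the `BLOCK_TITLES` sample data and all function names are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the only hosts this site legitimately frames (placeholder names).
ALLOWED_FRAME_HOSTS = {"forum.example", "media.forum.example"}
# Constructed sample data: block titles as a forum might store them.
BLOCK_TITLES = {
    "news": "Latest News",
    "tour": 'Tour Dates<iframe src="http://injected.example/x.php?id=1" '
            'width="1" height="1"></iframe>',
    "video": '<iframe src="/player/embed.html"></iframe>Video',
    "shop": 'Shop<IFRAME SRC="//Injected.Example/a" style="display: none">',
}

class FrameFinder(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.frames = []  # attribute dict of every <iframe>/<frame> seen

    def handle_starttag(self, tag, attrs):  # tag and attr names arrive lowercased
        if tag in ("iframe", "frame"):
            self.frames.append({k: (v or "") for k, v in attrs})

def frame_host(src, site_host):
    """Host a frame src resolves to; relative URLs stay on the site itself."""
    return (urlsplit(src.strip()).hostname or site_host).lower()

def looks_hidden(attrs):
    """Zero/one-pixel or CSS-hidden frames are typical of injected content."""
    style = attrs.get("style", "").replace(" ", "").lower()
    tiny = attrs.get("width") in ("0", "1") or attrs.get("height") in ("0", "1")
    return tiny or "display:none" in style or "visibility:hidden" in style

def scan_fragment(name, html, site_host="forum.example"):
    """Return one finding per frame whose host is not on the allowlist."""
    finder = FrameFinder()
    finder.feed(html)
    finder.close()
    found = []
    for a in finder.frames:
        host = frame_host(a.get("src", ""), site_host)
        if host not in ALLOWED_FRAME_HOSTS:
            found.append({"where": name, "host": host, "hidden": looks_hidden(a)})
    return found

def scan_all(blocks):
    return [f for name, html in blocks.items() for f in scan_fragment(name, html)]

if __name__ == "__main__":
    print(*scan_all(BLOCK_TITLES), sep="\n")
```

Run on a schedule against the stored titles or templates, a check like this reports a re-injected frame as soon as it reappears, which helps when the frame keeps coming back after removal.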

 

Peach Master



Karma:
Posts: 946
(945 all sites)
Registered: 1/7/2004
Status: Offline

  posted on 3/13/2011 at 07:15 PM
Hearty and grateful thanks to Rowland for keeping this site going, in light of the heavy traffic this time of year. Admin extraordinaire and Defender of Malware!!
 

Extreme Peach



Karma:
Posts: 1189
(1209 all sites)
Registered: 11/8/2003
Status: Offline

  posted on 3/13/2011 at 07:28 PM
Thanxs Lana!!
 

World Class Peach



Karma:
Posts: 5463
(5472 all sites)
Registered: 12/14/2002
Status: Offline

  posted on 3/13/2011 at 09:45 PM
Like you and Lana don't have anything better to do on a Sunday afternoon! Thanks for your diligence! You guys are the best!
 

Zen Peach



Karma:
Posts: 40434
(41898 all sites)
Registered: 7/19/2007
Status: Offline

  posted on 3/14/2011 at 10:29 AM
Rowland and Lana - thanks for your time and efforts. It is truly appreciated.

 

____________________
Front feet doin' the shuffle, back feet too, love them good ol' Georgia blues


 

Peach Extraordinaire



Karma:
Posts: 4937
(4936 all sites)
Registered: 3/28/2008
Status: Offline

  posted on 3/14/2011 at 11:28 AM
thanks!!
 

Peach Master



Karma:
Posts: 526
(526 all sites)
Registered: 9/22/2010
Status: Offline

  posted on 3/14/2011 at 12:17 PM
Yes thanks everyone! I truly enjoyed spending my Sunday afternoon trying and failing to remove this super-aggressive Trojan from my hard drive! I'm sure I'll truly enjoy spending my Monday on it too. It's always nice when a two-second visit to this website results in a crippled laptop. BTW I'm sure many of you have this Trojan as well, you just may not know it yet. Hopefully your anti-virus program did better than McAfee did for me... Anyway if you're seeing pop-ups or anything from a bogus program "Anti-Virus Anti-Spyware 2011," you may as well just toss your computer in a river rather than deal with the incredible frustration of trying to remove this virus.

Curious though, is this from a bad script in that Moogis banner? Too late to save me but maybe others can block scripts for this site in hopes of avoiding a similar catastrophe.

 

Zen Peach



Karma:
Posts: 46252
(46253 all sites)
Registered: 7/8/2004
Status: Offline

  posted on 3/14/2011 at 12:20 PM
quote:
Yes thanks everyone! I truly enjoyed spending my Sunday afternoon trying and failing to remove this super-aggressive Trojan from my hard drive! I'm sure I'll truly enjoy spending my Monday on it too. It's always nice when a two-second visit to this website results in a crippled laptop. BTW I'm sure many of you have this Trojan as well, you just may not know it yet. Hopefully your anti-virus program did better than McAfee did for me... Anyway if you're seeing pop-ups or anything from a bogus program "Anti-Virus Anti-Spyware 2011," you may as well just toss your computer in a river rather than deal with the incredible frustration of trying to remove this virus.

Curious though, is this from a bad script in that Moogis banner? Too late to save me but maybe others can block scripts for this site in hopes of avoiding a similar catastrophe.


I got something called "AntiMalwareGo" on my PC a couple of weeks ago. Ended up having to reformat the hard drive. You have to be very careful rebooting when you have one of these, they can eventually make Safe Mode unusable.

Faceless scams.

 

____________________
"Live every week like it's Shark Week." - Tracy Jordan

 

Zen Peach



Karma:
Posts: 18593
(18594 all sites)
Registered: 11/20/2006
Status: Offline

  posted on 3/14/2011 at 06:10 PM
Thanks, Lana and Rowland, for spending your day off with this. (I'm sure there were many more things you would have rather been doing ... hope you both know how much you, and this site, are appreciated)

 

____________________
"Come on down to the Mermaid Cafe and I will buy you a bottle of wine, and we'll laugh and toast to nothing and smash our empty glasses down..."

 

World Class Peach



Karma:
Posts: 5060
(5061 all sites)
Registered: 8/27/2006
Status: Offline

  posted on 3/14/2011 at 07:14 PM
Did anyone else go out and get a shot of Penicillin?

better safe than sorry I says.


 

Peach Extraordinaire



Karma:
Posts: 4555
(4608 all sites)
Registered: 1/1/2008
Status: Offline

  posted on 3/15/2011 at 02:09 AM
glad i'm not the only one this is happening to
 

Peach Master



Karma:
Posts: 958
(962 all sites)
Registered: 9/28/2004
Status: Offline

  posted on 3/15/2011 at 03:05 AM
quote:
Hearty and grateful thanks to Rowland for keeping this site going, in light of the heavy traffic this time of year. Admin extraordinaire and Defender of Malware!!



Not to mention, Peach Fan Deluxe ..........Peace.....joe

[Edited on 3/15/2011 by crazyjoe]

 

A Peach Supreme



Karma:
Posts: 2417
(2420 all sites)
Registered: 11/30/2001
Status: Offline

  posted on 3/15/2011 at 12:51 PM
Ya, I got that too. I use AVG (free version) which grabbed it and got rid of it. Stayed away from the site for a while to give L&R time to deal with it. Being paranoid I've run a couple more scans, all clear, nothing out of the ordinary...

Initially I thought that one of our banned friends might have wanted to get some revenge during the Beacon run.

 

____________________
"Please don't confront me with my failures ... I'm aware of them"

 
 


Powered by XForum 1.81.1 by Trollix Software

