 Did this site get compromised?
|
Joined: Jun 2008
Posts: 188
Adjunct
|
OP
Adjunct
Joined: Jun 2008
Posts: 188 |
I usually visit this site daily but haven't since the 4th.
I don't go to too many internet sites, just a few.
After my visit on the 31st I closed my browser and the faux Windows Security screen came up on my computer. I quickly yanked the power cord and came back up in safe mode. I removed the WinNT/Alureon.S from my system. It was late and I was ticked so I didn't retrace my steps. On the 1st I fought it again and began to realize it was after my visit here that it popped up. On the 4th when I came back one more time to confirm it got the Win32/Pdfjsc.PC. I could see if I was going lots of places but I only go to a handful; and each time Microsoft Security Essentials popped up after or during my visit here.
Just wondering... Not looking to start a fight just trying to figure out what's going on.
|
|
|
Re: Did this site get compromised?
|
Joined: Mar 2009
Posts: 12,964
Stickman Yogi
|
|
Stickman Yogi
Joined: Mar 2009
Posts: 12,964 |
It recently happened to me too. I just chocked it up to being yet another faulty dumbass microsoft product.
Live to love, love to live.
|
|
|
Re: Did this site get compromised?
|
Joined: Feb 2007
Posts: 23,207 Likes: 58
Fe Butt
|
Fe Butt
Joined: Feb 2007
Posts: 23,207 Likes: 58 |
My anti-virus blocks a trojan every time I open this site too over the last couple weeks.
I learned all I need to know about life by killing smart people and eating their brains.
Eat right ,Exercise ,Stay fit, Die Anyway!
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 6,821
Bar Shake
|
|
Bar Shake
Joined: Jan 2005
Posts: 6,821 |
Malwarebytes shows a site being blocked when I open the home page.
FJ is aware of it and, I'm sure, looking into it.
195.14.112.163
Contra todo mal, mezcal; contra todo bien, tambiƩn
|
|
|
Re: Did this site get compromised?
|
Joined: Feb 2007
Posts: 23,207 Likes: 58
Fe Butt
|
|
Fe Butt
Joined: Feb 2007
Posts: 23,207 Likes: 58 |
Probably has to do with those ads we had that conformed to what we were talking about.
I learned all I need to know about life by killing smart people and eating their brains.
Eat right ,Exercise ,Stay fit, Die Anyway!
|
|
|
Re: Did this site get compromised?
|
Joined: Aug 2008
Posts: 1,048
Learned Hand
|
|
Learned Hand
Joined: Aug 2008
Posts: 1,048 |
I got a warning tonight too. first time ever here
Something's up
01010100 01110010 01101001 01110101 01101101 01110000 01101000 <3
|
|
|
Re: Did this site get compromised?
|
Joined: Mar 2005
Posts: 2,419
Oil Expert
|
|
Oil Expert
Joined: Mar 2005
Posts: 2,419 |
I never get this because I always go directly to the forum index when I log on and never to the home page - so no ads.
Cheers, Richard
~~~~~~~~~~~~
09 America, Staintune Pipes, K&N, Breathe, Hagon Nitros, AI & O2 removed, tune 20184 (modified), MTX-L a/f gauge
|
|
|
Re: Did this site get compromised?
|
Joined: Feb 2007
Posts: 23,207 Likes: 58
Fe Butt
|
|
Fe Butt
Joined: Feb 2007
Posts: 23,207 Likes: 58 |
I don't know if there are still any ads since I have always had them blocked but I remember members talking about how they seemed to advertise what the discussion was about.
I learned all I need to know about life by killing smart people and eating their brains.
Eat right ,Exercise ,Stay fit, Die Anyway!
|
|
|
Re: Did this site get compromised?
|
Joined: Aug 2008
Posts: 1,048
Learned Hand
|
|
Learned Hand
Joined: Aug 2008
Posts: 1,048 |
Quote:
I never get this because I always go directly to the forum index when I log on and never to the home page - so no ads.
I get no ads, as they are blocked. I DID get a virus warning today on this site.
01010100 01110010 01101001 01110101 01101101 01110000 01101000 <3
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 7,630 Likes: 7
Monkey Butt
|
|
Monkey Butt
Joined: Jan 2005
Posts: 7,630 Likes: 7 |
I'm on a mac so I don't get any of that crap. 
We all like to think of ourselves as rugged individualists. But when push comes to shove most of us are sheep who do what we are told. Worst of all, a lot of us become unpaid agents of whoever is controlling the agenda by enforcing the current dogma on the few rugged individualists who actually exist.
|
|
|
Re: Did this site get compromised?
|
Joined: Aug 2010
Posts: 1,738
Learned Hand
|
|
Learned Hand
Joined: Aug 2010
Posts: 1,738 |
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 3,611 Likes: 1
Loquacious
|
|
Loquacious
Joined: Jan 2005
Posts: 3,611 Likes: 1 |
Something on this site has changed in the last week or so- I used to be able to access it at work, now it's blocked by websense with a warning about malicious content......?
Stewart
.......
"It's outside your field of expertise."
"Poppycock normally is."
|
|
|
Re: Did this site get compromised?
|
Joined: Aug 2010
Posts: 1,738
Learned Hand
|
|
Learned Hand
Joined: Aug 2010
Posts: 1,738 |
Okay, who is being malicious????? 
|
|
|
Re: Did this site get compromised?
|
Joined: Mar 2005
Posts: 2,419
Oil Expert
|
|
Oil Expert
Joined: Mar 2005
Posts: 2,419 |
I use a Mac so I'm not susceptible to most virus/trojans. But I use Little Snitch which tells/asks me when a website is wanting to communicate on unusual ports. I have been getting an unuasal port request from one of the forum pages over the last week but I'm buggered if I can find it now - and my memory aint what it used to be - at least I think it used to be better. Anyhoo I'll post it if I come across it - the link/photo that wants to talk on a suspicious port.
Cheers, Richard
~~~~~~~~~~~~
09 America, Staintune Pipes, K&N, Breathe, Hagon Nitros, AI & O2 removed, tune 20184 (modified), MTX-L a/f gauge
|
|
|
Re: Did this site get compromised?
|
Joined: Aug 2009
Posts: 558
Adjunct
|
|
Adjunct
Joined: Aug 2009
Posts: 558 |
Sorry guys, it was me. I was thinking very malicious thinks the last few weeks.
2008 Speedy, AI removed, DIY airbox destruction with K&N filters, spectres, re-jetted and "custom" rattle can paint job.
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 18,825
"Lighten up, Francis."
|
|
"Lighten up, Francis."
Joined: Jan 2005
Posts: 18,825 |
I don't get it on the forums only on the homepage, but it never mentions a specific virus. I've narrowed it down to a WordPress plug-in but I'm not sure which one. I was notified of it happening on the forum but I can't seem to reproduce it. I'm not running any ads on the forums and there isn't any added functionality to the forum software that could be causing it (and we're still running the old software that hasn't caused these sorts of problems before). I'm not getting anything like this on any of my other Dreamhost-hosted web sites. They're pretty good about keeping things secure.
I'm still looking into it.
|
|
|
Re: Did this site get compromised?
|
Joined: Mar 2009
Posts: 12,964
Stickman Yogi
|
|
Stickman Yogi
Joined: Mar 2009
Posts: 12,964 |
Quote:
Sorry guys, it was me. I was thinking very malicious thinks the last few weeks.
Ah, so it's a case of a Zach attack
And not a hack attack,
Or a computer hijack
Taking over PCs but not the Mac
If it was really you Zach
That put the kink in my back
And the smoke in my stack
Then back off Jack, I mean Zach
This is a great place to yak
And yak, about a plan of attack
To fix your bike if it should lack
The ability to bounce back
I know, I'm doing the yakety yak,
But whatever... just don't talk back
If we can keep this site and forum on track
(Sing it now...)
Black is black, I want my baby back!
This has been a senseless rhyming exercise, thus supporting the idea of futility.
Live to love, love to live.
|
|
|
Re: Did this site get compromised?
|
Joined: Feb 2007
Posts: 23,207 Likes: 58
Fe Butt
|
|
Fe Butt
Joined: Feb 2007
Posts: 23,207 Likes: 58 |
I don't get the warning on the forum either, just the home page.
I learned all I need to know about life by killing smart people and eating their brains.
Eat right ,Exercise ,Stay fit, Die Anyway!
|
|
|
Re: Did this site get compromised?
|
Joined: Feb 2007
Posts: 23,207 Likes: 58
Fe Butt
|
|
Fe Butt
Joined: Feb 2007
Posts: 23,207 Likes: 58 |
Just went out and came back in and the warning I get says it's HTML:Frame-OZ ( forget if the "Z" was upper or lower case). Don't know if that is of any help or not.
I learned all I need to know about life by killing smart people and eating their brains.
Eat right ,Exercise ,Stay fit, Die Anyway!
|
|
|
Re: Did this site get compromised?
|
Joined: Sep 2006
Posts: 3,012
Loquacious
|
|
Loquacious
Joined: Sep 2006
Posts: 3,012 |
cutting trhe quote short; Quote:
(Sing it now...)
Black is black, I want my baby back!
This has been a senseless rhyming exercise, thus supporting the idea of futility.
but Keith, i think you just channeled Dwight!
allhailthefrenchpress
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 18,825
"Lighten up, Francis."
|
|
"Lighten up, Francis."
Joined: Jan 2005
Posts: 18,825 |
Okay, I'm just going to strip down the homepage and see if I can track it down. Dangit.
|
|
|
Re: Did this site get compromised?
|
Joined: Sep 2009
Posts: 123
Adjunct
|
|
Adjunct
Joined: Sep 2009
Posts: 123 |
I get this message from G-Data Quote:
Virus: HTML:IFrame-OZ [Trj] (Engine-B)
Virus dƩtectƩ pendant le chargement des contenus Web.
Adresse: www.bonnevilleamerica.com
Statut : L'accĆØs a Ć©tĆ© refusĆ©.
Site is blocked
I do not read/write english very well. Thank's to be patient.
Triumph America/Speedmaster French community : http://www.yogourtnoway.com
|
|
|
Re: Did this site get compromised?
|
Joined: Aug 2009
Posts: 2,580
Loquacious
|
|
Loquacious
Joined: Aug 2009
Posts: 2,580 |
Quote:
I don't get the warning on the forum either, just the home page.
+1
but only last Thursday (I only check the homepage once a week)
I don't know what it is, but security essentials tells me it there then cleans it up.
No problems with the forums, apart from the odd link
Too old to die young, too ugly to leave a good looking corpse
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 12,164 Likes: 1
Should be Riding
|
|
Should be Riding
Joined: Jan 2005
Posts: 12,164 Likes: 1 |
I got that message just one time, but nothing since. I think that was last week sometime.
|
|
|
Re: Did this site get compromised?
|
Joined: Aug 2010
Posts: 1,738
Learned Hand
|
|
Learned Hand
Joined: Aug 2010
Posts: 1,738 |
What ever you did FJ it seemed to fix it for me. 
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 18,825
"Lighten up, Francis."
|
|
"Lighten up, Francis."
Joined: Jan 2005
Posts: 18,825 |
The only problem I'm aware of has not been fixed. I disabled everything and even changed the theme. Still there. Been surfing WordPress Hack sites looking for an answer but so far bupkis. The good news is that I don't think there's anything really bad going on.
|
|
|
Re: Did this site get compromised?
|
Joined: Aug 2009
Posts: 37
Greenhorn
|
|
Greenhorn
Joined: Aug 2009
Posts: 37 |
I just tried the home page and Malwarebytes Anti-Malware blocked access to 195.14.112.163 outgoing port 61553.
Frank
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 18,825
"Lighten up, Francis."
|
|
"Lighten up, Francis."
Joined: Jan 2005
Posts: 18,825 |
Unfortunately it's looking like I have to take off and nuke it from orbit. It's the only way to be sure. Then reinstall everything except the forum from scratch.
That's probably going to have to wait until next weekend as I'll be out of town on business starting tomorrow.
|
|
|
Re: Did this site get compromised?
|
Joined: Aug 2008
Posts: 1,048
Learned Hand
|
|
Learned Hand
Joined: Aug 2008
Posts: 1,048 |
Quote:
Unfortunately it's looking like I have to take off and nuke it from orbit. It's the only way to be sure.
I agree, it's the only way to be sure. 
01010100 01110010 01101001 01110101 01101101 01110000 01101000 <3
|
|
|
Re: Did this site get compromised?
|
Joined: Mar 2006
Posts: 382
Adjunct
|
|
Adjunct
Joined: Mar 2006
Posts: 382 |
I keep getting a thing that says norton blocked attack from blackhole tools
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2007
Posts: 331
Adjunct
|
|
Adjunct
Joined: Jan 2007
Posts: 331 |
Blackhole attack as well! 
|
|
|
Re: Did this site get compromised?
|
Joined: Mar 2009
Posts: 109
Adjunct
|
|
Adjunct
Joined: Mar 2009
Posts: 109 |
almost two weeks ago i was logged in here and got hit with a virus or trojan. lost everything in my computer. when i logged in a few minutes ago my Norton anti-virus blocked another attempt. Hope it's not the site, i need to keep up to date on the Mid-West Ralley
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 18,825
"Lighten up, Francis."
|
|
"Lighten up, Francis."
Joined: Jan 2005
Posts: 18,825 |
I wish you guys would specify homepage or forums. They are not the same thing.
|
|
|
Re: Did this site get compromised?
|
Joined: Mar 2007
Posts: 5,616
Check Pants
|
|
Check Pants
Joined: Mar 2007
Posts: 5,616 |
John, i just tried getting in from the home page and it asked for my email address so i could subscribe to RSS feed updates. The page was black with an orange strip ( hehe Harley colors ). It never took me to ba.com like it said it would. I had to come in throgh a google search for the ba.com forum. Ill see if i can post a screen shot for you.
SOLD: 07 Black BA, 39mm FCRs, TPUSA stage 1 head, TPUSA 813 cams, TPUSA 10.8:1 pistons, TTP #3 igniter, Specialty Spares Long Cannons, Tsukayu Hard Bags. 82HP/55tq
NEW: 19 Goldwing Tour DCT
|
|
|
Re: Did this site get compromised?
|
Joined: Mar 2011
Posts: 46
Greenhorn
|
|
Greenhorn
Joined: Mar 2011
Posts: 46 |
My computer crashed last week also. Bought another one, but now I am running through Linux. I am so tired of microsoft.
|
|
|
Re: Did this site get compromised?
|
Joined: Mar 2005
Posts: 2,419
Oil Expert
|
|
Oil Expert
Joined: Mar 2005
Posts: 2,419 |
Quote:
John, i just tried getting in from the home page and it asked for my email address so i could subscribe to RSS feed updates. The page was black with an orange strip ( hehe Harley colors ). It never took me to ba.com like it said it would. I had to come in throgh a google search for the ba.com forum. Ill see if i can post a screen shot for you.
Just happened to me. I think Friar might have taken the Home page down until he can fix it and this is an 'under construction' page. The email request is for subscribing to RSS feeds of the site.
Last edited by foglefar; 06/12/2011 6:39 PM.
Cheers, Richard
~~~~~~~~~~~~
09 America, Staintune Pipes, K&N, Breathe, Hagon Nitros, AI & O2 removed, tune 20184 (modified), MTX-L a/f gauge
|
|
|
Re: Did this site get compromised?
|
Joined: Feb 2007
Posts: 23,207 Likes: 58
Fe Butt
|
|
Fe Butt
Joined: Feb 2007
Posts: 23,207 Likes: 58 |
That is because he took the home page down what I want to know is why it's HD colors! 
I learned all I need to know about life by killing smart people and eating their brains.
Eat right ,Exercise ,Stay fit, Die Anyway!
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 12,164 Likes: 1
Should be Riding
|
|
Should be Riding
Joined: Jan 2005
Posts: 12,164 Likes: 1 |
Quote:
John, i just tried getting in from the home page and it asked for my email address so i could subscribe to RSS feed updates. The page was black with an orange strip ( hehe Harley colors ). It never took me to ba.com like it said it would. I had to come in throgh a google search for the ba.com forum. Ill see if i can post a screen shot for you.
|
|
|
Re: Did this site get compromised?
|
Joined: Oct 2008
Posts: 2,420
Oil Expert
|
|
Oil Expert
Joined: Oct 2008
Posts: 2,420 |
Hmmm...My computer also had a crash a week/week and a half ago and I lost everything. It's completely unsaveable now. I was wondering if I picked something up somewhere.  Luckily, it's works computer and it's being replaced with a new one. 
|
|
|
Re: Did this site get compromised?
|
Joined: Jan 2005
Posts: 18,825
"Lighten up, Francis."
|
|
"Lighten up, Francis."
Joined: Jan 2005
Posts: 18,825 |
The homepage is down until further notice (at least a week). The forums should be unaffected.
|
|
|
|
|
