the store for all your blade, costuming (in any regard), leather (also in any regard), and steel craft needs.www.facebook.com/tdhshop
yes, this really is how we make our living.
All,
We need URLs from the site where the attacks are coming from; otherwise, there's nothing to connect the two. Thanks for your help.
Ravenlord, here's what our host had to say about this - if you (or anyone else affected) could supply the bolded information, we would greatly appreciate it. Thanks in advance.
Hello,
I have checked the server in detail. I could find that the URL "http://www.redszone.com/forums/showthread.php?t=93571" is being served by accessing the database.
I have checked the tables corresponding to the thread 93571. But I could not find any attachments or suspicious files that are linked to it. Please see the corresponding table pasted below.
--
mysql> select * from thread where threadid=93571;
+----------+---------------------------------------+------------+---------+--------+------+------------+--------------+------------+------------+------------+------------+-------+--------+-------+---------+--------+---------+-----------+--------+-------------+-------------+-----------------------------------+----------+----------+-------------+--------------+------------+--------+----------+----------------+
| threadid | title | lastpost | forumid | pollid | open | replycount | postusername | postuserid | lastposter | dateline | lastedit | views | iconid | notes | visible | sticky | votenum | votetotal | attach | closereason | firstpostid | similar | rss_feed | rss_date | hiddencount | deletedcount | lastpostid |wrdate | prefixid | taglist |
+----------+---------------------------------------+------------+---------+--------+------+------------+--------------+------------+------------+------------+------------+-------+--------+-------+---------+--------+---------+-----------+--------+-------------+-------------+-----------------------------------+----------+----------+-------------+--------------+------------+--------+----------+----------------+
| 93571 | Drew Stubbs is the perfect #8 hitter. | 1326948915 | 7 | 0 | 1 | 17 | WebScorpion | 28 | Ravenlord | 1326849525 | 1326860498 | 749 | 0 | | 1 | 0 | 0 | 0 | 0 | | 2526149 | 87133, 80390, 68946, 78719, 48675 | 0 | | 0 | 0 | 2526762 | | | lineup, stubbs |
+----------+---------------------------------------+------------+---------+--------+------+------------+--------------+------------+------------+------------+------------+-------+--------+-------+---------+--------+---------+-----------+--------+-------------+-------------+-----------------------------------+----------+----------+-------------+--------------+------------+--------+----------+----------------+
--
But I am still not sure about some of the values in the table. Can you please get back to us with the details of the malware that was detected by the antivirus ? This data would be available with the detection report of the antivirus.
Also please discuss this issue with a database programmer as the issue goes deeper in to the codes, we are facing more limitations.
Thank you for the understanding.
I have a fresh install of windows 7, running symantec anti virus and have had no issues whatsoever. all my antivirus is up to date.
Dubito Ergo Cogito Ergo Sum.
info sent, hope it works.
the store for all your blade, costuming (in any regard), leather (also in any regard), and steel craft needs.www.facebook.com/tdhshop
yes, this really is how we make our living.
I don't know if this is actually much help but this is what sophos just just flagged:
Virus/spyware 'Mal/Iframe-X' has been detected in "http://www.redszone.com/forums/clientscript/vbulletin_menu.php".
"This isn’t stats vs scouts - this is stats and scouts working together, building an organization that blends the best of both worlds. This is the blueprint for how a baseball organization should be run. And, whether the baseball men of the 20th century like it or not, this is where baseball is going."---Dave Cameron, U.S.S. Mariner
I've confirmed that was a malicious file and it has been removed. Please let me know if this continues, and if so, the URL(s).
I had one about a month ago - trojan got in and I have Windows 7 and McAfee - got the one where it takes over all your IE pages and asks you to install "Win7 security" or something, nasty little bugger.
Had to call McAfee and get it scrubbed, and they updated their database. Yikes.
Definitely had to do with ads. Ah well, yet another reason to pay the site fee - I figure I've broken even, given that I hadn't posted in awhile ;-)!
PEACE
-BLEEDS
I think that in a year or two, one of these guys - Frazier, Dorn, Valaika, Cumberland, Stubbs - will be ready to replace Dunn. They won't hit as many home runs as Dunn, but they should have similar OPS. - 757690, July 22, 2008
Alonso will be playing 1B for the REDS and batting 4th one year from today. - Kingspoint, July 9, 2009
Board Moderators may, at their discretion and judgment, delete and/or edit any messages that violate any of the following guidelines: 1. Explicit references to alleged illegal or unlawful acts. 2. Graphic sexual descriptions. 3. Racial or ethnic slurs. 4. Use of edgy language (including masked profanity). 5. Direct personal attacks, flames, fights, trolling, baiting, name-calling, general nuisance, excessive player criticism or anything along those lines. 6. Posting spam. 7. Each person may have only one user account. It is fine to be critical here - that's what this board is for. But let's not beat a subject or a player to death, please. |