Hi everyone!

I want to update you on the current status of our investigation relative to malware/virus concerns. I also want to assure you that your 350Z admins were on this with our techs from the beginning. Our techs have done a deep search of the site and have not found any evidence that our servers are hosting and serving any virus or malware. We don't believe it's a virus from one of our advertising partners because we are not seeing this issue on any of the other sites. The other possibility is that an infected image has been uploaded, however, we not found any evidence of that at this time.

We need your help by posting a screenshot of any antivirus pop up or other viewing problems. Please include as much information as you can concerning your activities (view page, pic etc) leading up to the virus appearing. Thanks!

Bob..

 

You just stated you couldn't find the issue on this site, and there is obviously something lurking around in here, so I suspect you're not going to see it on your other sites either.

I don't think the 'user injected content' angle is going to pan out.

 

There's a previous post that said it's going on over on G35Driver.......

 

They have tried everything to replicate the problem just without any luck.

You make it sound as if IB created the virus and distributed it or as if they knowingly allowed for this to happen or as if they're just not doing anything. None of us are having these issues anymore, correct? So at the very least, it's temporarily gone which would explain why they can't locate the source.

The IB technicians have been on it and will continue to stay on top of it in case there's another outbreak.


Anyway, for those who may have missed it the first time:

 

This image must be on driver as well then because it's infecting users on G35Driver. I'll take a screen shot of the error code page although I'm sure this won't help. It's just bogging my google chrome and safari down. I did a virus sweep and i'm squeaky clean here. Mostly PC's

 

lol at the spyware doctor ads the forum has now. gotta love how adaptive they are.

 

Can you guys please start posting the links where you are getting flags?

 

__________________
__________________
__________________
__________________

 

I recieved the pop-up earlier this week. I just "X" it out and left it alone. I figured it was BS, because it didn't ressemble my company's traditional anti-virus pop-ups. Never saw it again or had any problems with my work PC...

 

Not at all. IB is as much a victim of this as the members. I already stated that I believe it is the ultimate responsibility of the user to harden their browsers. You are as likely to get this ANYWHERE else on the web. I still believe it was served thru the ad network. It is getting quite common. However, most sites are much more responsive in protecting their users. That is my only criticism, the massive delay. And no, I dont mean from Mods. Most of what I posted was trying to help users.

I'll be busy this weekend helping clean up (fresh install) some member's PCs so, this does actually affect me, even tho my machine has not been exploited because I run noscript and ABP.

 

Take a screenshot of the full page if you get a flag as well...

 

damn, I didnt expect this to happen when I made this thread. I could have sworn this issue had been brought up before ever mentioned it.

 

The one that popped up on me 2 or 3 times was the windows defender virus. I was looking in the classified section (Turbo, nitrous or engine or tuning under 350Z section)and the browser was redirected to the site that popped up the scanning of the computer saying windows defender. I hit cntrl alt delete and ended the process of the IE browser. That was my experience. Just scanned the computer and did the windows essentials and everything seems fine.

I guess the Anti virus people need money again. lol

 

I had a virus for 1 week due to this site.. Just got it back up and running.... FTMFL...

 

Why? It doesn't matter what page you are viewing. It matters what ad you get.

 

I went ahead and did this using XP SP3 but couldn't duplicate the problem, not to say it doesn't exist 'cause clearly it does. I had no AV or ad/script blocker running on this tester. It was just open for anything to try anything. I also installed all necessary components to play videos from Youtube and Streetfire.

 

The screenshot will have the ad in it along with the exact virus name. Not that ads have been confirmed as the portal yet.

 

Haven't been able to duplicate it lately.....

 

the browser was redirected to the site that popped up the scanning of the computer saying windows defender.
There is no chance of getting a screen shot before it was too late.

It happened when I switched to a new page, for example:
Viewing page 3 in my350z.com/forum/tuning/utec information/page=3 then I clicked to switch to page 2 and as soon as page 2 loaded, it would redirect the browser immediatly to a new website, phished website, showing windows defender software and animated scanning, (looks real time) of the fake software almost like an animated gif or flash movie.
You would have to screen shot every page for it to ever have a chance to work and the redirect was so fast that you would have switched pages before you had a chance to get the image. Just so your software guys know what was happening. If it was an ad then it was redirecting the client computer on load of the new page. Probably done using a javascript or some other script running on page load command.
Hope that helps.

 

OK I see what you guys are saying now. I think I got something different, because my AV flagged it and displayed a message of the threat that was blocked.