speedlimit

Hi everyone!

I want to update you on the current status of our investigation relative to malware/virus concerns. I also want to assure you that your 350Z admins were on this with our techs from the beginning. Our techs have done a deep search of the site and have not found any evidence that our servers are hosting and serving any virus or malware. We don't believe it's a virus from one of our advertising partners because we are not seeing this issue on any of the other sites. The other possibility is that an infected image has been uploaded, however, we not found any evidence of that at this time.

We need your help by posting a screenshot of any antivirus pop up or other viewing problems. Please include as much information as you can concerning your activities (view page, pic etc) leading up to the virus appearing. Thanks!

Bob..

tware

iTrader: (12)

You just stated you couldn't find the issue on this site, and there is obviously something lurking around in here, so I suspect you're not going to see it on your other sites either.

I don't think the 'user injected content' angle is going to pan out.

Driven1

iTrader: (2)

There's a previous post that said it's going on over on G35Driver.......

3hree5ive0ero

iTrader: (95)

They have tried everything to replicate the problem just without any luck.

You make it sound as if IB created the virus and distributed it or as if they knowingly allowed for this to happen or as if they're just not doing anything. None of us are having these issues anymore, correct? So at the very least, it's temporarily gone which would explain why they can't locate the source.

The IB technicians have been on it and will continue to stay on top of it in case there's another outbreak.


Anyway, for those who may have missed it the first time:

Tian

This image must be on driver as well then because it's infecting users on G35Driver. I'll take a screen shot of the error code page although I'm sure this won't help. It's just bogging my google chrome and safari down. I did a virus sweep and i'm squeaky clean here. Mostly PC's

Entaille

iTrader: (16)

lol at the spyware doctor ads the forum has now. gotta love how adaptive they are.

phreaktor

iTrader: (22)

Can you guys please start posting the links where you are getting flags?

3hree5ive0ero

iTrader: (95)

__________________
__________________
__________________
__________________

VO...

iTrader: (25)

I recieved the pop-up earlier this week. I just "X" it out and left it alone. I figured it was BS, because it didn't ressemble my company's traditional anti-virus pop-ups. Never saw it again or had any problems with my work PC...

tware

iTrader: (12)

Not at all. IB is as much a victim of this as the members. I already stated that I believe it is the ultimate responsibility of the user to harden their browsers. You are as likely to get this ANYWHERE else on the web. I still believe it was served thru the ad network. It is getting quite common. However, most sites are much more responsive in protecting their users. That is my only criticism, the massive delay. And no, I dont mean from Mods. Most of what I posted was trying to help users.

I'll be busy this weekend helping clean up (fresh install) some member's PCs so, this does actually affect me, even tho my machine has not been exploited because I run noscript and ABP.

phreaktor

iTrader: (22)

Take a screenshot of the full page if you get a flag as well...

zerafian

iTrader: (24)

damn, I didnt expect this to happen when I made this thread. I could have sworn this issue had been brought up before ever mentioned it.

se-r altima dri

The one that popped up on me 2 or 3 times was the windows defender virus. I was looking in the classified section (Turbo, nitrous or engine or tuning under 350Z section)and the browser was redirected to the site that popped up the scanning of the computer saying windows defender. I hit cntrl alt delete and ended the process of the IE browser. That was my experience. Just scanned the computer and did the windows essentials and everything seems fine.

I guess the Anti virus people need money again. lol

Jay'Z

iTrader: (118)

I had a virus for 1 week due to this site.. Just got it back up and running.... FTMFL...

MDHRZ

iTrader: (14)

Why? It doesn't matter what page you are viewing. It matters what ad you get.

Black Z Eddie

I went ahead and did this using XP SP3 but couldn't duplicate the problem, not to say it doesn't exist 'cause clearly it does. I had no AV or ad/script blocker running on this tester. It was just open for anything to try anything. I also installed all necessary components to play videos from Youtube and Streetfire.

phreaktor

iTrader: (22)

The screenshot will have the ad in it along with the exact virus name. Not that ads have been confirmed as the portal yet.

Driven1

iTrader: (2)

Haven't been able to duplicate it lately.....

se-r altima dri

the browser was redirected to the site that popped up the scanning of the computer saying windows defender.
There is no chance of getting a screen shot before it was too late.

It happened when I switched to a new page, for example:
Viewing page 3 in my350z.com/forum/tuning/utec information/page=3 then I clicked to switch to page 2 and as soon as page 2 loaded, it would redirect the browser immediatly to a new website, phished website, showing windows defender software and animated scanning, (looks real time) of the fake software almost like an animated gif or flash movie.
You would have to screen shot every page for it to ever have a chance to work and the redirect was so fast that you would have switched pages before you had a chance to get the image. Just so your software guys know what was happening. If it was an ad then it was redirecting the client computer on load of the new page. Probably done using a javascript or some other script running on page load command.
Hope that helps.

phreaktor

iTrader: (22)

OK I see what you guys are saying now. I think I got something different, because my AV flagged it and displayed a message of the threat that was blocked.