I had a few problems a couple of weeks ago accessing tMP from both home and at work because of possible viruses. I'm still getting warnings at home but all seems clear at work now!
I had a few problems a couple of weeks ago accessing tMP from both home and at work because of possible viruses. I'm still getting warnings at home but all seems clear at work now!
Me too. It took my work PC out for a whole day last week (which didn't go down well!) so I've been avoiding. The Norton on my home laptop is still flagging it as unsafe today...... not goodOriginally Posted by Lucy V
Alex
my posts are my views only, I am not speaking for my band or any other organisation
Flagged again today by AVG: Exploit Blackhole Exploit Kit (type 200129.121.128.110/Home/index.php
Sort it out tMP you are trying to shaft my pc too!!!
Martin Hall
Err excuse me! We've already stated several times now that there is no threat to your computer from tMP. We have run diagnositics on our servers and everything has come back clear. We've checked and re-checked for any threat and there simply isn't one.
So no, we are not trying to 'shaft' your computer - as we have already said. Next time, how about thinking before you start banding acusations like that around?
Ian Hayto | Flugel | Enderby Band
Be interested to know what people are using/running when they access tmp and get these warnings, might give a clue as to the cause? There are many known exploits in (for example) Internet Explorer which can allow nasties to infect which have nothing to do with the site visited.
FWIW I use Firefox 4 with NoScript and AdBlock Plus, on Windows XP, run Comodo Internet Security and Threatfire, scan with Malwarebytes, and have never had a problem with tMP.
Cenosillicaphobic undergoing treatment
Andy Pullin
Principal Cornet, Eccleston Band.
http://www.ecclestonbrass.co.uk/
IE9 doesn't seem to have a problem - so far.
Looks like a job for Windows Update...
Andrew Baker
Kaspersky antivirus is picking it up. It is the 'Windows Recovery' malware and it is being found at the web address 129(dot)121(dot)128(dot)110/Home/...won't print the full address incase people click on it. I know this IP isn't TMP's IP but there is something on your homepage, maybe an ad, that every so often tries to open this IP.
Malware / virus alerts from tMP
Despite your reassurance that tMP is "clean", I am still getting alerts!! Points to note:
So how to reconcile your statement that your servers are clean, yet many users are receiving virus / malware alerts?? It has already been noted in this thread that:
- I AM ONLY GETTING ALERTS ON VISITING tMP - and on no other sites
- This only happens occasionally - not every time
- The latest alert is shown in the attached screenshot... detected by AVG 10.0.1209, virus database version 1500/3611.
- It is also picked up by MalwareBytes 1.50.1.1100 database version 6496
Files Infected:
c:\Users\....\AppData\Local\Temp\jar_cache10874010 49578954379.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.- I am running Internet Explorer 8.0.6001.19048; Windows Vista SP2 with all patches / security updates applied
Scanning the server itself apparently gives a clean bill of health; browsing can occasionally - but not always - give virus / malware alerts. The adverts change - perhaps there is just a single (or possibly a combination of) advert pointing to a rogue site.
- post #25 mentions embedded links to malicious sites
- post #30 suggests that the Adverts frames on the Home Page
(Note too, that the above MalwareBytes alert is to a Java executable; not all users will have Java enabled, therefore may not be susceptible to this problem....)
It is not sufficient for tMP to state that its servers are clean; you may also need to ensure that scripts giving scrolling / changing graphics linking to sponsors are beyond question....
HTH...
I run Kaspersky on my PC at home, and it has never picked up any problem relating to tMP. It's Windows XP, and everything is fine under each of IE8, FF3, and Chrome.
I haven't had any warnings either, on different PCs, with different Windows-versions and different virusscanners (but always using Firefox, release 3 or 4).
The three adds on the right side of the screen are, afaik, only animated gifs with a hyperlink. They have been on the site for quite a long time already ("the new 2009/2010 brochure" ????).
What else could it be? the Twitter app? the Paypal link?
Apparently there is a link to suspicious server with IP address 129.121.128.110. I have looked through the source code of several forum pages, but can't find this link
I found this though the website http://safeweb.norton.com/safety?ulang=eng, but they are not clear at all about what they mean with "Embedded Link To Malicious Site". I've looked around on Google a bit, and I found several other websites that colmplaiend about "false positives" from Norton as well.
embedded links within tMp will most likely have the URL and not the IP address .
This may be relevant - particularly the bit about conditional redirects (where the dodgy redirect only happens under certain conditions).
http://redleg-redleg.blogspot.com/20...ious-site.html
Cenosillicaphobic undergoing treatment
Andy Pullin
Principal Cornet, Eccleston Band.
http://www.ecclestonbrass.co.uk/
I havent had any warnings either - but I still got the virus. It came straight past AVG without so much as a by-your-leave. Same 'windows defender/protector sort of virus that's been mentioned on the thread before.
I have to say - without any hint of malice (I know you guys are doing your damndest to make sure TMp is clean) it definitely came down from somewhere on this site too. I'd been happily sibeliussing away for a couple of hours, and (thankfully) saved mystuff and decided to check my subscribed threads. Boom. Pop-ups, errors, disappearing files, the whole nine yards.
I've since given AVG the heave-ho (useless sack of old iron that it was) and invested in Kaspersky - which took it's time but threw it out.... and found a shedload of other spyware cookies that AVG had been ignoring for months....
Andi Cook: BBb Bass - Hebden Bridge
Composer in Residence - Skelmanthorpe
Find me at www.penninemusic.com and www.kirkleesmusic.co.uk
Got a piece you want arranging? Email thirteen_ball_music@yahoo.co.uk or tweet @13BallMusic to discuss...
if there's anyone who can definitely say which link on the website is referring to this supposedly malicious, please let us know, so we can take care of removing the add or whatever is causing it.
All the other speculations aren't really helping us further...
Posting Permissions
Reply With Quote