Security Issues...........

[sunshine]

My Norton is not happy with the site at the moment - Site is unsafe but then says there are no threats?

Mine shows exactly the same. Norton gives details for 6 threats that are caused by tMP being "embedded" to a dangerous site. I'm a bit of a computer numpty and don't really understand what embedded means. Is it possible for tMP to break links from this dangerous site?

[Janet Watkins]

I am unhappy about accessing tMP from my Windows PC. I had a few 'pop-up' threats as mentioned on the previous page which were picked up by AVG. (similar to screenshot in #12)

I cannot say with any certain that this website was responsible, but last week after accessing tMP on my Windows PC I had another warning which I thought I had dealt with in the right way. Shortly after this 'all hell broke loose' with spurious warning messages popping up every few seconds. I had caught the 'Windows Restore' virus!

Thankfully I kept a reasonably calm head, did the research using my trusty Asus EEE netbook which runs using Firefox under Linux Xandros and set about repairing the damage.

Several hours passed at my PC registry editting, running virus scanners and unhiding all the files and folders which 'disappeared'. I think it is all back to normal, but I refuse to access tMP from it at the moment!

It may have been totally unconnected to tMP but I am not prepared to take the risk at present.

[Pauli Walnuts]

John: whilst the site may be free of viruses, can you be certain that every single advertiser doesn't have links to other sites that may be considered malicious?

Also, SQL Injection attacks are not just the domain of viruses.

What should be more interesting is where in the site is there a link to the ip address that a number of people have reported?

[TheMusicMan]

John: whilst the site may be free of viruses, can you be certain that every single advertiser doesn't have links to other sites that may be considered malicious?

Also, SQL Injection attacks are not just the domain of viruses.

What should be more interesting is where in the site is there a link to the ip address that a number of people have reported?

How can any site know if there are any embedded & possibly malicious links in another organisations site...?

[andyp]

Google says nothing wrong.....

http://www.google.com/safebrowsing/d...mouthpiece.com

[Pauli Walnuts]

How can any site know if there are any embedded & possibly malicious links in another organisations site...?

I was referring to embedded links in your own site - all of the clickable adverts are embedded links back to the owners site.
As the anti virus warnings have come from 2 respected software tools (Norton & AVG) it might be worth looking at that aspect.
Interestingly, when I've had these warnings about tMp, it has been intermittent - and of course, the banner adverts are variable - different ones each time you load the page so once again, worth starting there.
Finally, many people have added their own embedded links in their signatures - maybe one of those has been compromised.

Just trying to be helpful

[TheMusicMan]

I was referring to embedded links in your own site - all of the clickable adverts are embedded links back to the owners site.
As the anti virus warnings have come from 2 respected software tools (Norton & AVG) it might be worth looking at that aspect.
Interestingly, when I've had these warnings about tMp, it has been intermittent - and of course, the banner adverts are variable - different ones each time you load the page so once again, worth starting there.
Finally, many people have added their own embedded links in their signatures - maybe one of those has been compromised.

Just trying to be helpful

Yep, and I appreciate it, hence asking the question.

None of the adverts are embedded, they are all hosted on the same server - which I have recently had fully checked by the server admins at the data center for all currently known virus's and for any potential security compromises. We came up absolutely 100% clear.

I am not sure about users signatures, that may very well be something to consider.

[TheFopp]

I'm getting the same thing with Kaspersky AV when I open the homepage.

[oleredeye]

I am unhappy about accessing tMP from my Windows PC. I had a few 'pop-up' threats as mentioned on the previous page which were picked up by AVG. (similar to screenshot in #12)

I cannot say with any certain that this website was responsible, but last week after accessing tMP on my Windows PC I had another warning which I thought I had dealt with in the right way. Shortly after this 'all hell broke loose' with spurious warning messages popping up every few seconds. I had caught the 'Windows Restore' virus!

Thankfully I kept a reasonably calm head, did the research using my trusty Asus EEE netbook which runs using Firefox under Linux Xandros and set about repairing the damage.

Several hours passed at my PC registry editting, running virus scanners and unhiding all the files and folders which 'disappeared'. I think it is all back to normal, but I refuse to access tMP from it at the moment!

It may have been totally unconnected to tMP but I am not prepared to take the risk at present.

I, too, caught the "Windows Restore" virus - at the same instant that I entered tMP Home Page.

'All hell broke loose' is a good description; I have now got back to normality by deleting a spurious exe and its entry in the MSConfig startup, running antivirus scans, using (the real) System Restore to revert to a clean configuration, and unhiding all My Documents! A few hours work, and not recommended for the feint-hearted.....

As a result of my prior experience (see post #12), the observations of others, and my clear "cause and effect" infection - I cannot believe that tMP is free from infection or risk!!

**Caveat Windows users**

[sunshine]

My Norton has given me a full report including the actual pages which it says has unsafe links. (See below). For obvious reasons I'm not going to click on the links, but maybe one of the mods will know which threads/pages the links are referring to.

Threat Report

Total threats found: 6

Embedded Link To Malicious Site (what's this?) Threats found: 6
Here is a complete list: (for more information about a specific threat, click on the Threat Name below)
Threat Name: Embedded link to malicious site 129.121.128.110 Location: http://www.themouthpiece.com/vb/show...oto=nextnewest



Threat Name: Embedded link to malicious site 129.121.128.110 Location: http://www.themouthpiece.com/vb/newr...ote=1&p=662821



Threat Name: Embedded link to malicious site 129.121.128.110 Location: http://www.themouthpiece.com/vb/send...friend&t=44322



Threat Name: Embedded link to malicious site 129.121.128.110 Location: http://www.themouthpiece.com/vb/showthread.php?t=35129



Threat Name: Embedded link to malicious site 129.121.128.110 Location: http://www.themouthpiece.com/vb/showthread.php?t=43354



Threat Name: Embedded link to malicious site 129.121.128.110 Location: http://www.themouthpiece.com/

[Ianroberts]

I run AVG at work, and at home. Avg at home will not let me access the site, but im free as a bird to log on here at work !

[Pauli Walnuts]

129.121.128.110 is currently a wordpress blog in Thai so I doubt any tMp advertiser is linked to it.

Also, for those on AVG - it is probably the Linkscanner tool that is detecting potential malicious links. It may be that the version you have at work hasn't got that enabled.

[phildriscoll]

129.121.128.110 is a server at OSO technologies, a hosting company in the USA. It could have many websites on it accessed via individual virtual host names, in addition to the wordpress site you see by accessing the IP address directly.

[Lucy V]

I too got a virus the moment I logged into tMp a couple of weeks ago, in fact this is the first time I've visited the site since, I've been deliberately avoiding it so as not to have to go through and sort out all the virus problems again.

Today I thought I would try again hoping that in the meantime it would have been sorted but my Norton has reported it as an unsafe site with the same 6 issues that are listed above.

It clearly is an issue which needs to be sorted asap.

Lucy
______________________________________________

[P_S_Price]

Is it possible that it might be the rolling threads dialogue at the top of the Adds Frame?

This was appearing normally until recently, but in the office it now does not appear, and is marked as a Crossed out image. I suspect that the corporate Firewall is cutting this out; and it may be doing so if it contains something suspect.