I am unhappy about accessing tMP from my Windows PC. I had a few 'pop-up' threats as mentioned on the previous page which were picked up by AVG. (similar to screenshot in #12)
I cannot say with any certain that this website was responsible, but last week after accessing tMP on my Windows PC I had another warning which I thought I had dealt with in the right way. Shortly after this 'all hell broke loose' with spurious warning messages popping up every few seconds. I had caught the 'Windows Restore' virus!
Thankfully I kept a reasonably calm head, did the research using my trusty Asus EEE netbook which runs using Firefox under Linux Xandros and set about repairing the damage.
Several hours passed at my PC registry editting, running virus scanners and unhiding all the files and folders which 'disappeared'. I think it is all back to normal, but I refuse to access tMP from it at the moment!
It may have been totally unconnected to tMP but I am not prepared to take the risk at present.
Last edited by Janet Watkins; 17.04.2011 at 15:43.
Whitwell Brass Band
**Fourth Section Midlands Area Champions 2009**
John: whilst the site may be free of viruses, can you be certain that every single advertiser doesn't have links to other sites that may be considered malicious?
Also, SQL Injection attacks are not just the domain of viruses.
What should be more interesting is where in the site is there a link to the ip address that a number of people have reported?
Cenosillicaphobic undergoing treatment
Principal Cornet, Eccleston Band.
As the anti virus warnings have come from 2 respected software tools (Norton & AVG) it might be worth looking at that aspect.
Interestingly, when I've had these warnings about tMp, it has been intermittent - and of course, the banner adverts are variable - different ones each time you load the page so once again, worth starting there.
Finally, many people have added their own embedded links in their signatures - maybe one of those has been compromised.
Just trying to be helpful
None of the adverts are embedded, they are all hosted on the same server - which I have recently had fully checked by the server admins at the data center for all currently known virus's and for any potential security compromises. We came up absolutely 100% clear.
I am not sure about users signatures, that may very well be something to consider.
I'm getting the same thing with Kaspersky AV when I open the homepage.
Find my arrangements at Pennine Music Publishing
'All hell broke loose' is a good description; I have now got back to normality by deleting a spurious exe and its entry in the MSConfig startup, running antivirus scans, using (the real) System Restore to revert to a clean configuration, and unhiding all My Documents! A few hours work, and not recommended for the feint-hearted.....
As a result of my prior experience (see post #12), the observations of others, and my clear "cause and effect" infection - I cannot believe that tMP is free from infection or risk!!
**Caveat Windows users**
Euphonium / Webmaster
Bilsdale Silver Band - North Yorkshire
My Norton has given me a full report including the actual pages which it says has unsafe links. (See below). For obvious reasons I'm not going to click on the links, but maybe one of the mods will know which threads/pages the links are referring to.
Total threats found: 6
Embedded Link To Malicious Site (what's this?) Threats found: 6
Here is a complete list: (for more information about a specific threat, click on the Threat Name below)
Threat Name: Embedded link to malicious site 188.8.131.52 Location: http://www.themouthpiece.com/vb/show...oto=nextnewest
Threat Name: Embedded link to malicious site 184.108.40.206 Location: http://www.themouthpiece.com/vb/newr...ote=1&p=662821
Threat Name: Embedded link to malicious site 220.127.116.11 Location: http://www.themouthpiece.com/vb/send...friend&t=44322
Threat Name: Embedded link to malicious site 18.104.22.168 Location: http://www.themouthpiece.com/vb/showthread.php?t=35129
Threat Name: Embedded link to malicious site 22.214.171.124 Location: http://www.themouthpiece.com/vb/showthread.php?t=43354
Threat Name: Embedded link to malicious site 126.96.36.199 Location: http://www.themouthpiece.com/
I run AVG at work, and at home. Avg at home will not let me access the site, but im free as a bird to log on here at work !
188.8.131.52 is currently a wordpress blog in Thai so I doubt any tMp advertiser is linked to it.
Also, for those on AVG - it is probably the Linkscanner tool that is detecting potential malicious links. It may be that the version you have at work hasn't got that enabled.
184.108.40.206 is a server at OSO technologies, a hosting company in the USA. It could have many websites on it accessed via individual virtual host names, in addition to the wordpress site you see by accessing the IP address directly.
I too got a virus the moment I logged into tMp a couple of weeks ago, in fact this is the first time I've visited the site since, I've been deliberately avoiding it so as not to have to go through and sort out all the virus problems again.
Today I thought I would try again hoping that in the meantime it would have been sorted but my Norton has reported it as an unsafe site with the same 6 issues that are listed above.
It clearly is an issue which needs to be sorted asap.
Last edited by Lucy V; 20.04.2011 at 11:32. Reason: typo!
Is it possible that it might be the rolling threads dialogue at the top of the Adds Frame?
This was appearing normally until recently, but in the office it now does not appear, and is marked as a Crossed out image. I suspect that the corporate Firewall is cutting this out; and it may be doing so if it contains something suspect.
Rochdale Salvation Army Band - Solo Horn,
SA CN Divisional Band - 1st Horn
Available for Depping (I'm Cheap me - I play for free) .