Anyone else getting virus attacks from this site?

[Shampoo]

Anyone else getting hit by virus attacks from this site yesterday? My whole computer is down doing some "boot scan". Scan is showing trojans came from threads on this site. Says "infected by JS: Decode-BUP [Trj]. Came from thread titled "need suggestions hair transplant new patient". I am typing this all on my i-phone.

[london81]

Yes, I've had a few recently when first clicking on the site, thankfully my anti virus blocks it. Only when I first click on a link then it seems to stop.

[Shampoo]

London81....i guess my Avast anti-virus caught it and went into "boot scan" mode.

[Blake Bloxham]

Hi Guys,

 

This is the first I'm hearing about this issue. I'm forwarding the information to Bill and our Webmaster immediately. I apologize for any inconvenience this caused. If you have any additional information, please send me a private message.

 

Thanks!

[Bill - Seemiller]

Shampoo and London,

 

Thanks for bringing this to our attention. While I'm not having any issues accessing the site, we've contacted our webmaster to investigate this issue.

 

Personally, I'm not convinced that the site has a Trojan, especially if only a couple people are experiencing something like this. It's possible your machines are infected with some Trojan/spyware/adware that was coincidentally activated or executed at the same time you connected to our site. That said, we don't want to rule out any possibilities, so we will be thoroughly investigating this.

 

We will keep you posted.

 

Thanks,

 

Bill

[Rootz]

Doesn't really make sense how you could get a trojan from just opening and reading threads. The popular internet browsers out there have pretty good (and basic) security features to prevent this. If the virus scan program you're running is bogus, it could be looking at your internet browsing history and using a random website you visited as cause.

[1978matt]

I get it as well and have done for the last month. It pops up in the corner : "Norton Antivirus blocked .... from accessing your computer" or something. Then I press F5 and the site loads.

[hairthere]

I have an Apple so I have no clue what you're talking about

[Hans - Webmaster]

This is very odd. I am on the site at least twice a day and have not had any issues with warnings at all. I just tested the site on a number of different platforms and browsers and not one warning. Shampoo, I did a search for the thread/post you mention and could not find anything. The closes to that is http://www.hairrestorationnetwork.com/eve/175016-need-suggestions-hair-transplant-doctor.html and that loaded fine with nothing untoward.

 

Those of you who have noticed this, please can you post as much information about your machine.

Operating System and version

Browser used and version

Anti virus application and version.

 

I use the standard Microsoft Security Essentials and found that this is more than adequate protection and am quite fanatical about clean computers. I run some 6 machines and not a single one has had a warning, or notice about a virus.

 

This is disturbing and we do run daily scans of to search for any malicious files or code and I have not seen anything there either.

 

Hope this is something more like a browser hijacker (quite common when visiting pages linked from Facebook).

[TakingThePlunge]

I have not received any such notices. I'm using Norton Security Suite on Windows 7.

[Talukdar]

I think i am secure. I always use internet security on my Laptop. Now i am using Avast internet security.

[Hans - Webmaster]

I have run full scans on all the code and posts in the database, including physical files on the server and have not found anything that presents a security threat to users.

 

I also ran a deep level scan on my own systems and there were no threats, viruses, trojans or hijackers at all. I have not seen any warnings about security when on this site (or any of our related sites) and can be fairly certain that things are safe and secure here.

 

As any user goes, it is always best NOT to click on anything before reading all the related text and then if you are not sure (especially on websites) just close your browser before you click on a suspected bad instruction/link.

 

Typically, these do often appear to look legitimate, but can result on bad things being installed on your machine. Always err on the side of caution.

 

Hope this helps.

[1978matt]

Windows 8

IE10

Norton 360

 

Messages were: Web Attack: "Exploit Toolkit Website 49"

 

The problem seems to have stopped.

norton1.bmp

[Hans - Webmaster]

Hi Matt,

Thanks for the info. I did take a look at Norton's site for this message and it may just be a false positive, as quite a few pages have images linked from services like Photobucket and others, which may have certain scripts that could be seen by Norton as a potential "threat".

 

If I look at the domain showing the traffic source "koleksikelbo.web.id/" , it is a free domain sharing service, where this particular script is lurking. I have done a search in our database and there is no result for this domain in any of the tables, so it may well have been in one or other spammer profile, which has already been removed.

[Shampoo]

Thanks for the help. Like you say it may be on my end. I will let you know if it happens again.