Announcement

Collapse
No announcement yet.

I need to find out what is going on with this malware

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • I need to find out what is going on with this malware

    I need ideas as to why this malware is still an issue because I need to get it resolved. I haven't had even one instance of this shit since the board started or teamskip.net started and I am having issues almost every week including today.

    Is there some fuck up that is doing this on purpose? It was the teamskip site the last few times so I assume that is the issue again but I don't know until Creator checks it out. Still, is it somebody doing something to the site, itself, or can you report the site and have this kind of an impact if someone wanted to?

    I wonder about this after the bullshit about the Body By Vii crap supplement/MLM scheme we were talking about last month because it started right after that. I wonder if someone was pissed because their fake income they felt was in jeopardy because I ripped that shitty scheme apart. I can't think of anything else.

    Thoughts?

    Skip


    Facebook: Skip Hill
    Instagram: @intensemuscle
    YouTube: TEAMSKIP
    TikTok: @intensemuscle


    For Training Inquiries: [email protected]

    Use discount code "SKIP" and get your TEAM SKIP protein here: www.TrueNutrition.com/TEAMSKIPblend

  • #2
    Skip,

    Not to familiar with the issues you are experiencing, but here are some thoughts:

    When and where does this message appear? In order to check for suspected files go to AdminCP -> Maintenance -> Diagnostics -> Suspect File Versions. Do you get any messages when running this function?

    Also: If you believe you got hacked, then change all your passwords and ask your hoster from where the attack came and what has been done.

    When you got this message from any webmaster tool then you might be a victim of cross-site contamination and once you remove the offending links/ads/content you can get it re-evaluated and everything should be fine again.

    Best regards

    Comment


    • #3
      It's definitely someone doing it, because there were strange inserts into the html, weird folders that shouldn't be there, etc.
      PM me to discuss website/video/dvd etc. related work.

      Comment


      • #4
        I haven't seen anything odd....feel left out.
        2005 HOA Natural Classic
        2006 OCB Midwest
        2007 ABA Natural Illinois
        2008 HOA Natural Classic
        2011
        NPC Mid-Illinois
        NPC Midwest Open
        NPC Natural Grand Prix
        2012 NGA Clash of the Titans
        2013
        USPA Illinois State
        NGA Heart of America
        NGA Clash of the Titans




        SAVE 5% ON YOUR NEXT ORDER FROM www.truenutrition.com order - Use Code RHB606

        Comment


        • #5
          I honestly don't know this stuff because I am retarded when it comes to this shit. Redskull and Creator are on it. I don't doubt it can be fixed but I am curious as to how it is happening in the first place. I don't gt how someone is gaining access to do this.

          Skip
          Originally posted by jrf0104 View Post
          Skip,

          Not to familiar with the issues you are experiencing, but here are some thoughts:

          When and where does this message appear? In order to check for suspected files go to AdminCP -> Maintenance -> Diagnostics -> Suspect File Versions. Do you get any messages when running this function?

          Also: If you believe you got hacked, then change all your passwords and ask your hoster from where the attack came and what has been done.

          When you got this message from any webmaster tool then you might be a victim of cross-site contamination and once you remove the offending links/ads/content you can get it re-evaluated and everything should be fine again.

          Best regards


          Facebook: Skip Hill
          Instagram: @intensemuscle
          YouTube: TEAMSKIP
          TikTok: @intensemuscle


          For Training Inquiries: [email protected]

          Use discount code "SKIP" and get your TEAM SKIP protein here: www.TrueNutrition.com/TEAMSKIPblend

          Comment


          • #6
            Any new members that joined around the time this started happening ?


            I dunno much about this, however I used to moderate a paintball board a couple of years ago, usually when something like this happened it always was:

            A) Someone purposely doing it

            B) Someone with access to the VBulletin account spreading the malware accidentaly (uploading data through a contaminated PC) or on purpose.


            It's really weird because I use boatload of anti-malware/adware software and besides the browser warning I never actually got anything from this site.


            ProM and some other boards were having this same malware problem a couple of weeks ago if I remember it well.
            "If you're ready to do DC, you're not gonna give a flying f*(k about fatigue from the previous exercise. You get under the bar and kill it, each and every time." - homonunculus

            "Nothing better than coming to IM and seeing a Wall of Text next to that big Tricep pic." - Lonnie123

            “Hateful to me as the gates of Hades is that man who hides one thing in his heart and speaks another.” - Homer

            The scale doesn't show a number. When he steps on it, it simply reads: Big Mother Fucker. - Skip

            Comment


            • #7
              Redskull,

              Securing vBulletin/vBSEO, and stopping those reinfections

              Have you updated IM with the latest patches? If you are not updated, you are still open to being reinfected.

              Once you are updated and the malware has been removed (also check for backdoors and change your passwords), the reinfections should stop. If they do not, you have to check your PHP settings. You have to make sure that register_globals is set to “off” on php.ini:

              The solution is disabling Register Global on your server More on register_globals: PHP: Using Register Globals – Manual

              It is strongly advise everyone to contact your host and make sure to disable Register Global within PHP!
              Last edited by jrf0104; 10-25-2012, 07:07 PM.

              Comment


              • #8
                I got the browser prompt about malware today, I'm using google chrome.

                It's based on content from teamskip apparently. Just letting you know that it's still an ongoing problem.

                Comment


                • #9
                  Creator is on it and said he will find the issue and fix it so that it isn't a recurring thing. I hope he can. It is getting old.

                  Skip


                  Facebook: Skip Hill
                  Instagram: @intensemuscle
                  YouTube: TEAMSKIP
                  TikTok: @intensemuscle


                  For Training Inquiries: [email protected]

                  Use discount code "SKIP" and get your TEAM SKIP protein here: www.TrueNutrition.com/TEAMSKIPblend

                  Comment


                  • #10
                    Originally posted by jrf0104 View Post
                    Redskull,

                    Securing vBulletin/vBSEO, and stopping those reinfections

                    Have you updated IM with the latest patches? If you are not updated, you are still open to being reinfected.

                    Once you are updated and the malware has been removed (also check for backdoors and change your passwords), the reinfections should stop. If they do not, you have to check your PHP settings. You have to make sure that register_globals is set to “off” on php.ini:

                    The solution is disabling Register Global on your server More on register_globals: PHP: Using Register Globals – Manual

                    It is strongly advise everyone to contact your host and make sure to disable Register Global within PHP!
                    Thanks for the info. I don't have access to that stuff, but I'll bump this so creator can see it.
                    PM me to discuss website/video/dvd etc. related work.

                    Comment


                    • #11
                      Its not IM.

                      Its teamskip.net and has been isolated to this domain. I have removed any direct references to teamskip.net which will prevent the warning from appearing for IM. Since IM is fine and secure.
                      Official Web Designer of Intensemuscle.com :peace:

                      Advocate for Socially Relevant Search Engine -http://theenginuity.com

                      Comment


                      • #12
                        Originally posted by Creator_11 View Post
                        Its not IM.

                        Its teamskip.net and has been isolated to this domain. I have removed any direct references to teamskip.net which will prevent the warning from appearing for IM. Since IM is fine and secure.
                        just got it when I logged on 5 min ago. Using Chrome
                        Lets get serious. Lets get ugly. Beat the logbook - Gollum
                        BEAT YOUR FREAKING LOGBOOK! That's what you should be worrying about - DC

                        It has everything to do with what you put in your mouth. Stop putting unhealthy shit in your mouth - trucelt

                        Save 5% at TrueProtein.com - snc768

                        Comment


                        • #13
                          Originally posted by Glyder View Post
                          just got it when I logged on 5 min ago. Using Chrome
                          Same here, same browser.

                          Comment


                          • #14
                            Originally posted by Glyder View Post
                            just got it when I logged on 5 min ago. Using Chrome
                            this is due to teamskip links still existing on the site. Teamskip is currently being fixed.
                            :typing:
                            Official Web Designer of Intensemuscle.com :peace:

                            Advocate for Socially Relevant Search Engine -http://theenginuity.com

                            Comment


                            • #15
                              I was actually getting a pop up on my iPhone last week, something about not recognizing the page and it possibly being harmful. It's since cleared up but it was the first time that had happened on any site.

                              Comment

                              Working...
                              X