![]() |
|
Thread Tools |
#1
|
||||
|
||||
Malware warning issue
I'm getting a malware warning when I click on links in the forum.
An example would be in this thread: http://www.minibuggy.net/forum/proje...tml#post321638 If I click on the link (which I know is okay), I get a Google Malware Website Warning - bright red screen. If I click on the show details button it tells me: Current status: Partially dangerous Some pages on www.minibuggy.net are not safe to visit right now. It also shows: Site Safety Details Some pages on this website send visitors to the following dangerous websites: anesthesia books.co*. I've broken up the URL a tad, just to make sure it doesn't mess this up. It looks like I'm not the only one on the site having the issue. I put up a thread to see if anyone else was having the problem and it seems to be across the board: http://www.minibuggy.net/forum/minib...ick-links.html ![]() Anyone have thoughts on this or would be interested in helping me out? Thanks in advance No members have liked this post.
|
#2
|
|||
|
|||
I checked the site in Chrome but I do not see the malware error (with the malware error warning enabled in Chrome's settings). I've seen something like this before when someone embedded a picture from a malicious site so in your case it might be because someone embedded an image from that anesthesia site.
Worst case you have malware on your server or infected files. It's hard to say from our end.
__________________
https://technidev.com - security, development, exploits, vBulletin
dave[at]technidev[dot]com Contact me for custom vBulletin 3/4 work & server/website management. No members have liked this post.
|
#3
|
||||
|
||||
Odd, I'm not getting any warning either. I clicked around on the site and never got the warning.
Are they only getting it when logged in?
__________________
Former vBulletin.org Staff Member
Try a search before posting for help. Many users won't, and don't, help if the question has been answered several times before. W3Schools - Online vBulletin Manual If I post some CSS and don't say where it goes, put it in the additional.css template. I will NOT help via PM (you will be directed to post in the forums for help.) No members have liked this post.
|
#4
|
||||
|
||||
You look good here..
https://sitecheck.sucuri.net/results/www.minibuggy.net/ Usually if you see that warning in a Google search result there is a little link there to submit a review. Have google review and if they find malware on your site they will tell you through Google Webmaster Tools.
__________________
No members have liked this post.
|
#5
|
||||||||
|
||||||||
I assume this
is the result of a link anonymizer/redirecter (dbseo?)? Maybe start by searching your post table in phpmyadmin to find the link to the actual bad site:
--------------- Added 18 Dec 2016 at 09:38 --------------- Also, I got a filestore72.info hit on a link from a google site search... No members have liked this post.
|
#6
|
||||
|
||||
It's interesting how some people get the malware warning and others do not. I've seen the same with a post on the forum asking "Anyone getting this?" Some do, some don't and it doesn't seem to be any particular, or not, browser.
I'll go give the ideas you've put up a try. Thanks! No members have liked this post.
|
#7
|
|||
|
|||
I've seen the filestore72.info malware before. It supposedly only executes when someone comes from a search engine and I believe it infects the datastore cache. It's a pain to get rid of it. It creates a cookie so people will only see it once.
Check all of your plugins and hooks and I recommend overwriting all vbulletin files with fresh files downloaded from vbulletin.com.
__________________
https://technidev.com - security, development, exploits, vBulletin
dave[at]technidev[dot]com Contact me for custom vBulletin 3/4 work & server/website management. No members have liked this post.
|
#8
|
||||
|
||||
Yes, TheLastSuperman has written an extensive guide to disinfecting your forum of filestore72
https://www.vbulletin.com/forum/foru...lestore72-info https://clients.urljet.com/knowledge...version-2.html https://clients.urljet.com/knowledge...e123-Hack.html No members have liked this post.
|
#9
|
|||
|
|||
Originally Posted by Dave
The research I did when our MB was infected said that the cookie keeps the redirect from happening for THAT USER/BROWSER more than once PER DAY. And that's what seemed to happen for me. It made it nearly impossible to track. If I'd seen the redirect from ONE infected post, other infected posts didn't redirect because I'd seen it that day from the other post. But the next day, I'd see the redirect - exactly once.
![]()
No members have liked this post.
Last edited by Bill Stuntz; 19 Dec 2016 at 01:53. |
#10
|
||||
|
||||
I had my server provider (Liquid Web) do a search and they're finding nothing.
Originally Posted by Liquid Web
I need to submit to Google that the site's all right - but I'm having issues.
Google wants me to upload a file into the main directory of the site, but I can't for the life of me figure out where that is:
Originally Posted by Google
I have the file downloaded and ready to install, but I can't figure out where to put it.
I've been all through the file manager and can't figure out where I'm supposed to put the file. Anyone have thoughts on how to find it? I realize this is a basic request but it's stifled me. I've worked on using FileZilla to upload but I can't get it to talk to the server. Arrrggghhh. ![]() No members have liked this post.
|
#11
|
||||
|
||||
Just upload it to the root of your domain.. Google just needs to find that file to verify you own the site.
public_html/ --------------- Added 07 Jan 2017 at 12:06 ---------------
Originally Posted by Bill Stuntz
You do not need to track it. All you need to do is search your entire site for the code and remove it all and there are tell tale signs for myfilestore.![]()
Once clean you have to change all your log ins and implement some security measures..
__________________
No members have liked this post.
Last edited by RichieBoy67; 07 Jan 2017 at 18:01. |
#12
|
||||
|
||||
Originally Posted by K-fab
Your site is far from alright; there is still the filestor72 problem.
![]()
No members have liked this post.
|
![]() |
«
Previous Thread
|
Next Thread
»
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
|
|
New To Site? | Need Help? |
All times are GMT. The time now is 06:56.