Author
Topic: Is there a virus on this website?  (Read 26600 times)
coinsplus
  • Moderator
  • *****
  • Posts: 765
  • Yabba Dabba D'OH$$$
    • More about me.
« on: January 04, 2008, 02:52:23 pm »

Hello fellow members...

I am not sure if it's just me... but has anyone noticed an "active x" control pop-up on certain screens on this website?  It says that it wants to download some Microsoft data retrieving info software into my computer (something like that).  I've tried three different computers, and all have the same issue.  All the virus scanners on my computers pop up indicating a harmful virus was blocked.

It sometimes happens on this website, and sometimes not... not sure if there's something or someone that was able to hack into this site...

Has anyone noticed this?

Thanks,

Michael 

  Smile from your heart.  ;D
kforse
  • Junior Member
  • **
  • Posts: 17
  • CPMS Member
« Reply #1 on: January 04, 2008, 03:36:46 pm »

Michael,

I have had no pop ups appear or any warnings from my McAfee Software.

Hope this helps.

Life is too short not to have fun
YuMan
  • Wiki Contributor
  • Junior Member
  • **
  • Posts: 75
  • Paper Money is Art!
« Reply #2 on: January 04, 2008, 03:45:26 pm »

Michael:
Yes, it was on last midnight.  But I have McAfee internet security installed on my computer, and it automatically let me turn it down.  I didn't read it in detail, but McAfee SiteAdvisor indicated that the site (or the link that I clicked) was phishing or a scam and trying to steal some user information.  I can't remember the link exactly, but the post, I guess, was between yesterday afternoon and midnight.  Probably the link was hacked.

Now, it is okay for me.

Yuman

Yuman
twoinvallarta
  • Senior Member
  • ****
  • Posts: 445
  • Paper Money is Art!
« Reply #3 on: January 04, 2008, 05:09:46 pm »

Yep, Trend Micro caught it on my work comp.

hanmer
  • Full Member
  • ***
  • Posts: 188
« Reply #4 on: January 04, 2008, 05:38:32 pm »

I had an active X object try to load. The website that was loading in behind was saying "Your computer may be infected, blah, blah". When I closed the window it never came back. My McAfee anti-virus did pick it up. This site puts a cookie on the computer when you log in. Those cookies can be traced by other sites and trigger the behavior described. Having never seen this happen here on this site, I wonder if the tracking cookie given at login has been changed.

If you do have any concerns, delete your cookies and log in again. Maybe choose 24 hours for the period to see if the cookie expires as designed.

:)



:)
Manada
  • Very Senior Member
  • *****
  • Posts: 580
« Reply #5 on: January 04, 2008, 06:04:03 pm »

I use Kaspersky, and it just told me there is a malicious trojan script running on this forum. I have never seen this before.

But always, there remained the discipline of steel. - Conan the Barbarian
Punkys Dad
  • Very Senior Member
  • *****
  • Posts: 547
  • I keep my $1000 bill collection at Squid's place
« Reply #6 on: January 04, 2008, 06:21:00 pm »

I had an active X object try to load. The website that was loading in behind was saying "Your computer may be infected, blah, blah". When I closed the window it never came back. My McAfee anti-virus did pick it up. This site puts a cookie on the computer when you log in. Those cookies can be traced by other sites and trigger the behavior described. Having never seen this happen here on this site, I wonder if the tracking cookie given at login has been changed.

If you do have any concerns, delete your cookies and log in again. Maybe choose 24 hours for the period to see if the cookie expires as designed.

:)

Basically just got the same Active X pain. My PC Spyware just picked it up on this site. Got the same Pop-in virus claim; I did the same thing by closing it down, then did a very thorough scan before coming back on. I use NOD32 Antivirus.

Teeny guy on my shoulder sez, It's only money mon
Fever
  • Guest
« Reply #7 on: January 04, 2008, 06:21:35 pm »

Yes, I was on the site about half an hour ago and when I left the site, my Norton Firewall blocked a high-risk intrusion attempt.
BWJM
  • Very Senior Member
  • *****
  • Posts: 5,027
« Reply #8 on: January 04, 2008, 06:25:39 pm »

What URLs are generating this problem? Is it on ALL pages, or only some? Has anyone who has seen this been able to narrow down the source of the problem?

BWJM, F.O.N.A.
Life Member of CPMS, RCNA, ONA, ANA, IBNS, WCS.
President, IBNS Ontario Chapter.
Treasurer, Waterloo Coin Society.
Show Chair, Cambridge Coin Show.
Fellow of the Ontario Numismatic Association.
Gary_T
  • Very Senior Member
  • *****
  • Posts: 1,081
  • CPMS radar member 1551
« Reply #9 on: January 04, 2008, 06:30:32 pm »

I had a problem when I tried to reply to the grading poll question.

Gary_T
comox
  • Junior Member
  • **
  • Posts: 37
« Reply #10 on: January 04, 2008, 06:34:38 pm »

I had it happen to me twice when I went into 4 miscut 20s on eBay. It said a Trojan horse had been detected. It happened about 8am EST this morning.

Gordo
BWJM
  • Very Senior Member
  • *****
  • Posts: 5,027
« Reply #11 on: January 04, 2008, 06:46:06 pm »

I'm not seeing anything strange. Can you guys please take screenshots of all these alerts and email them to me? bwjm@cdnpapermoney.com. Please include the page you were at (i.e., full URL) when you got the message.
Thanks!

BWJM, F.O.N.A.
Life Member of CPMS, RCNA, ONA, ANA, IBNS, WCS.
President, IBNS Ontario Chapter.
Treasurer, Waterloo Coin Society.
Show Chair, Cambridge Coin Show.
Fellow of the Ontario Numismatic Association.
coinsplus
  • Moderator
  • *****
  • Posts: 765
  • Yabba Dabba D'OH$$$
    • More about me.
« Reply #12 on: January 04, 2008, 09:34:01 pm »

There is a hit and miss on this virus...  in most cases, when you logout or have not logged in, that's where this virus hits...

When you scroll your cursor or mouse over the links... you will see the following:
http://www.cdnpapermoney.com/forum/index.php?PHPSESSID=7bbc149d80fd07cccaf0b2b2631e9276
(the website address when you drag your cursor over buttons or links will show on the bottom left side of the Internet Explorer window). 

I have no idea what that PHPSESSID is... but what I know is that it's on all the address links after the Canadian papermoney website's address.  Whenever you click any of the links to any subjects... your computer seizes up a bit, the "active x control" pops up on the window, and states:  "This website want to run the following add on:  'Microsoft  Data Access-Remote, Data Services Dat...' from Microsoft Corp.  If you trust the website and add on and want to allow it to run, click here..."  While this is running, the virus scanners pop up to indicate a known virus is blocked, and when you try to close the window... sometimes your computer freezes...

I WOULD ADVISE, DO NOT CLICK THIS...  as it's going to install something on your computer which can be permanent... and perhaps can track what your passwords, etc., are on PayPal, your banking website, etc...

I hope this helps. 

Michael
« Last Edit: January 04, 2008, 09:43:24 pm by coinsplus »

  Smile from your heart.  ;D
coinsplus
  • Moderator
  • *****
  • Posts: 765
  • Yabba Dabba D'OH$$$
    • More about me.
« Reply #13 on: January 04, 2008, 09:57:38 pm »

I found this website while trying to search for this "Microsoft Remote Access Data Services.."

This is an EXCELLENT little article showing the real website vs... a fake website:

http://msmvps.com/blogs/hostsnews/archive/2007/09/13/can-you-spot-the-fake.aspx

So Brent, I think this website has been attacked by some scrupulous person... and there's some debugging that someone's going to do...

Michael
« Last Edit: January 04, 2008, 10:00:15 pm by coinsplus »

  Smile from your heart.  ;D
Northwest5
  • Full Member
  • ***
  • Posts: 180
« Reply #14 on: January 04, 2008, 10:35:17 pm »

Yes, this has also happened to me twice over the last few days.  Very frustrating.  I tried to open the polls last night when it hit me again.  The earlier time when I clicked to access/open the forum it would just not open at all.  I restarted the computer and then it did open without trouble.  I will look more closely next time and get details.
 
