Is there a virus on this website?

News: Registration is free here at the CPMF!

OK, I got it to happen once in Internet Explorer, but it has never happened in Firefox. I also cannot seem to reproduce it in Internet Explorer, which is annoying.
As far as I can tell, none of the source files for the website have been modified, but I haven't been able to properly examine this thing in action yet.

OK, I see the stupid thing, but I can't figure out where it's coming from. It's got to be in the source code somewhere, but everything I've looked at seems fine.

What pages are generating this problem? Is it only when you're viewing a topic? Does it happen when viewing a forum, or the main page? PMs?

Hi Brent,

It's EVERYWHERE!!!  It's on the mainpage of cdnpapermoney.com, the forum links to each section, when you post a reply, click the home page, click the help button, and so on....  Not sure if it's affecting PM.   

Hard to recreate the error. I got it twice in a row doing some testing. Both times it happened when I clicked the General bread crumb shortcut at the top of the page. It happened while I was logged in and not logged in on the same link both times. Not sure it's in the code, or a MIME setting in the webservers settings. MIME is a communication that occurs between a web server and browser (IE mostly). This is where the webserver tells the browser what software is required to "see" pages or open specific file types embedded in pages (mpg, avi, pdf). If this is a hosted site, then it is possible that something changed for another site on the server, but the settings were applied across all sites instead of just the site that requires that Active X object.
It is unlikely a virus, but since there are no active x objects on this site, anti-virus software is flagging it as a threat. My next step is to actually install it to see what happens.

I installed the active x object as requested. I've not seen any issuses with the computers (running this on 2 seperate laptops).
I also have not seen any foreign connections appear when I'm using the internet. After the install of active x object, I  updated and ran the following software and all indicated no threats found.

Symantec anti-virus v 10 Enterprise Edition
Spybot Searce and Destroy
Ad Aware Personal

It's either been fixed, or the active x object was not harmful (in my opinion).

Please note: I DO NOT recommend installing this activex control.

From what I have seen, there is definitely malware being returned on random page requests for this website. I do not know where it's coming from, despite spending hours poring over source code.

Hello,

I just became a member and there seems to be problems where ever I go on the site. I had a virus detected (trojan) when trying to become a member but my software took care of it, but when I tried to get into the recent posts my computer hung.   I rebooted and went back in and found this post and again got the virus detected and systems hung. I went back and finally got to post this.  Is this something to do with this specific site right now since I did access the site about 1 week ago as a guest and no problems . I am a little concerned that it is popping up so frequently and causing my computer to hang.
Any info appreciated.
Is is best to stay away from the site until this gets resolved.

ELDIABLO666

Use Firefox and you should not have this problem: www.getfirefox.com.

I am investigating, but this is going to take some time. Please be patient.

How about now? Is anyone getting that damned thing now?

I noticed it for the first time yesterday (Internet Explorer)- Active X controls were trying to load when I clicked a page yesterday so I ran for the Hills. Today seems alright - fullscan on my computer and she's healthy as a horse !!! 

Everything seems to be fine in this end of the world.

Hi Brent,

It seems that the website address, still has that weird PHPSESSID.

http://www.cdnpapermoney.com/forum/index.php?PHPSESSID=19e35906acd129334213a4c0807399f5&topic=6703.msg33425#new

It's a hit or miss on this... it seems that it randomly does this everytime you go into the link or refresh the screen... 

Normally, it should be:

http://www.cdnpapermoney.com/forum/index.php?topic=6703.0 or this:

http://www.cdnpapermoney.com/forum/index.php?topic=6703.msg33426#msg33426

Not sure if this can be corrected.

Disregard the PHPSESSID thing. That's just tracking your session so the server knows it's still you making each request. I would expect that if you enable cookies or something, you should be able to avoid that. If not, no big deal.

I noticed it for the first time yesterday (Internet Explorer)- Active X controls were trying to load when I clicked a page yesterday so I ran for the Hills. Today seems alright - fullscan on my computer and she's healthy as a horse !!! 

 My computer was as healthy as a horse too but a trojan horse! My computer was running rough yesturday I did a virus scan and there was a virus called SHeur.AIGJ in there but I'm not sure were I got it from.

 

I noticed it for the first time yesterday (Internet Explorer)- Active X controls were trying to load when I clicked a page yesterday

Yesterday was the same for me and after 11:30 or so I couldn't open the forum at all.Seems fine now.

I will be installing firefox very soon.

Working good on my end Brent.

Thanks!