So the past 2 days I've come to the website, I've been hit with a virus. The root site isn't weezer.com so I think it's advertisements, but you guys need to look into this. The virus is "exploit redkit exploit kit" or something like that.

Views: 654

Reply to This

Replies to This Discussion

Thanks Chombey I was just about to ask the same thing, it's not just you...

I have heavy duty Norton so It gives an immediate notice that it just attacked such and such virus.

Hope it hasn't affected any boardies without anti virus.

i've noticed the random ads once or twice but thought it was just my computer doing something odd. however, i guess that's not  the case being as you guys and blake have noticed something similar. I'll send sarah kim a link to this thread - maybe she can get the ning people to check it out.

I got a similar message from from Symantec when I logged onto the site just now as well. I've been trying to find some specific info for you in the program logs but I can't seem to find anything. :S

Actually, I just found it in the Symantec log. This is what came up when I loaded the site. Hope it's useful in some way:

Event Type: Intrusion Prevention
Severity: Critical
Direction: Incoming
Protocol: TCP
Remote Host: 91.121.196.115
Application: \DEVICE\HARDDISKVOLUME2\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
Signature ID: 25736
Signature SubID: 67262
Signature Name: Web Attack: Exploit Toolkit Website 8
Intrusion-URL: cadoojeux.com/omwi.htm?h=1239077

here's a message i got today:

weezer.com contains content from middleeastconnection.com, a site known to distribute malware. Your computer might catch a virus if you visit this site.

hey guys. ive been looking into this with the Ning people, and they had this to say:

"According to Google Safe Browsing and Norton Safe Web, weezer.com is currently free of issues:

http://www.google.com/safebrowsing/diagnostic?site=weezer.com

http://safeweb.norton.com/report/show?url=weezer.com

 

Based on what your member (AF) posted, the issue isn't from weezer.com directly since the intrusion-URL is cadoojeux.com/omwi.htm?h=1239077. I suggest looking through weezer.com for an image or file that has been posted relating to cadoojeux.com/omwi.htm?h=1239077. It might help narrow your search if you ask AF or G Foo Chombey to identify which specific posts or pages prompt this notice."

how about it guys?

and happy otter, where did you get that message? from who? what kind of message was it?

i have a strong feeling this is not actually on weezer.com, but something thats masquerading as it on your computers. you may have a virus and its saying its related to this site, when actualy its source is elsewhere. thats my theory right now. post up any other details you may see. thanks, karl

Hi. I came back just now because I got the email notification about your reply, and as soon as I did the same Symantec alert came up for me again. I haven't ever had an "intrusion alert" come up for me other than these couple of times recently (and only while accessing this site). I clicked on the direct link in the reply-notification email, so it has only been this actual thread that I've loaded so far on this visit to the site.

Actually, I just checked the Symantec log and this time the Intrusion-URL was "middleeastconnection.com/omwi.htm?h=1239077", which seems to match with the message happy otter was getting.

i got it on a google chrome malware warning page that popped up when i tried to go to weezer.com/forum. it was one of those pages that gave me a warning and asked me if i wanted to continue to the site or not. that's only happened this one time, though, on my home laptop.

my (brand new) work computer has been popping up a virus warning from norton when i visit the site as well. i haven't looked at the details of that one, though.

same as otter - as i navigate around the site on my work PC, i constantly get a sophos malware/virus warning - malware/virus jsredir-n. no problems wth any other site i visit, or with viewing weezer.com on my android tablet.

also, the main forum banner doesn't load up for me.

the banner thing is a separate bizarre issue im working on right now. something changed in how the ning platform reads our css code. ill have it fixed soon.

As for the virus thing, ill keep on the ning people about this. its possible there is some sort of software deal in their servers that allows for weird external things to show up as an intrusion but not actually be infecting the site. i dont know yet, but ive done scans and cant find a virus anywhere on the site. if you see other weird things, add them to this thread please.

Not getting anything here in IE or Chrome

 

Using kaspersky - it's not reporting anything untoward.

anti-spy part of it is silently blocking some stuff:

23/01/2013 11:25:20 http://www22.glam.com/gad/glamadapt_jsapi_track.act?;afid=183770529...; blocked Database *728x90*


Not sure what that is though - is that the banner??

 

Nothing reported in the Web-AV section though

 

Do you guys have any toolbars installed or anything??

thanks, karl and smock. i don't have any non-standard toolbards installed. i get this issue in both firefox and IE under windows 7.

Reply to Discussion

RSS

Weezer Bootlegs

SOCIAL

  • Weezer Links

Weezer Mailing List

Music

Loading…

© 2014   Created by Weezer.

Badges  |  Report an Issue  |  Terms of Service

Offline

Live Video