Icy Phoenix

Post Exploit Link To Known Exploit Site (type 610) 
 
Yesterday when I booted into my Windows partition I was greeted with a Windows update. After the update, I went to check on my forums, and while attempting to load the forum index page I am greeted with,

[image: exploit_site]

This is something that AVG is coming up with, apparently. The odd thing is my wife didn't let Windows update. Clicking the link for more information only leads to an AVG page telling people to type in the name of the threat. You will note there is no threat name other than the message.

My question then would be, did someone infect my Icy Phoenix driven forums and my wife's computer is not detecting the threats? Or is this a screwup with the Windows updates? This is occurring at all of my forums. This is serious. I may not have a lot of traffic to these forums yet, but with people being greeted with this, I never will.

http://afreecountry.com/forum/index.php
http://adjustersonly.net/forum/index.php
http://concealedpistol.org/
http://hatewalmart.com/
http://www.mexicansgohome.com/
 



 
flabbergasted

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
Looks like a Windows upscrew.

That happened to me once. What I did was a restoration of Windows to before the last update. That fixed my prob.

Windows screws up a lot lately, especially with Vista.


UPDATE.

Try to get in contact with your hoster.

There's a serious problem on your sites.

Thing is, it happens on all of them.


It says there are hints of a JS/redirector virus.

Maybe your hosting has got a virus.
 




____________
Out of Order
 
spydie

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
spydie wrote:
Try to get in contact with your hoster.

There's a serious problem on your sites.

Thing is, it happens on all of them.


It says there are hints of a JS/redirector virus.

Maybe your hosting has got a virus.


I think it is more likely that one happened to you. Try that one, it will more likely, even if your server is a VPS.
 



 
novice programmer

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
It's a JS/redirector trojan, says Avast.

And that one isn't in my system.
 




spydie

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
I appreciate the suggestions. I will contact the web host service provider to see if there is a trojan there somewhere.

I have a problem with restoring windows to an earlier point. The reason being, if most people let windows update and go to one of my forums, they will see this warning and most likely never return. Hopefully it is something that the hosting provider can handle. I will update with any news.
 



 
flabbergasted

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
I think that restoring to an earlier point might do the trick, but I can't find out. When I restore to an earlier point, Windows resets that configuration to automatically update, and when I reboot, that's what it does. So every time I restore to an earlier point, Windows overrides my decision. Windows really sucks. I prefer Linux, but nobody writes insurance adjusting software for Linux.

NOTE: This message only appears when entering the forums powered by Icy Phoenix. It does not appear when going anywhere else on the sites that have more to them than Icy Phoenix.
 



 
Last edited by flabbergasted on Wed 18 Feb, 2009 05:20; edited 1 time in total 
flabbergasted

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
Did you get a response back from your hosting provider?
 




____________
| Icy Phoenix ColorizeIt! |
Bipolar Disorder - Not good for you and definitely not good for everyone else.
 
Chaotic

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
Chaotic wrote:
Did you get a response back from your hosting provider?


No. I have not contacted them yet since this only happens when entering one of the forums. It does not occur when entering anywhere else such as any of the 100 pages of aFreeCountry.com.

It must have something to do with the Windows update, because my wife did not upgrade and she does not get this message. She just logged in to one of the forums without any problems. It seems to me that if there was a problem with the site itself, she would be having an issue even without updating Windows. We both use AVG free and that does get upgraded whenever there is an upgrade.

What seems odd to me is why I do not get the message when coming to this forum. Is this forum not powered by Icy Phoenix? If it is, why would I not get the message? Also, all of the forums have not been upgraded to the latest version of Icy, yet I get the message at all of the forums. (I think my hair grew grayer today.)
 



 
flabbergasted

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
You can try one thing.

Download SuperAntiSpyware and do a system check with it.

That helped me out of trouble a few times.

It can be that there's a trojan in your system and your antivir doesn't detect it.

It's just a suggestion.
 




spydie

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
Was anyone able to find a fix for this? I have had the exact same AVG message appear, 5 galleries affected, all using Coppermine, and 1 store using osCommerce.

Appreciate any further guidance on this.

Lee
 



 
simplewebs

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
simplewebs,

Just a few questions.  Are you using Icy Phoenix?  It sounds like you are having a little bit of a different problem as something like this is only affecting your Coppermine gallery sites, which is not supported here.

If your issue is with Coppermine galleries, you'll need to contact them for support.  If you are having trouble with Icy Phoenix, we'll be more than happy to help, but please start a new topic!

Thanks
 




Chaotic

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
Hello Chaotic,
I have found the problem, which applies directly to the person who started this thread, as on 2 different PHP systems I run, I was receiving the exact same error message as the image shown on this thread.

The problem is an update to AVG8 on 13 Feb. Roll the computer back to 13 Feb before the update, and the galleries will be visible again. I am now using PC Tools Free Antivirus.

Thought this might help at least a few people who may have encountered the same problem.

Lee
 



 
simplewebs

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
That is the problem I am having. When I attempt to restore the computer to Feb 13th, it automatically updates. I will just uninstall AVG8 to see if that fixes the problem and report back.


UPDATE: Ok, I uninstalled AVG8 and the problem went away. I cannot say the problem is resolved yet as I do not know that AVG was functioning correctly.

I thought today that it may be caused by some affiliate advertising links on the site. I will not know for sure until I remove the links and re-install AVG8 to see if the problem returns. It will be a few days before I can get this done. More to come.
 



 
flabbergasted

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
The exploit is in the version of the PHP code that the content management system (CMS) was written in. The code is old and easily exploited by bots. It has nothing to do with your OS or anti-virus software.

This is also possible if your host is running a very old version of PHP on your webserver as well. Some hosters believe that you shouldn't need to upgrade if it's running properly. So, their servers get hacked when a just-as-old version of any CMS is installed on it.

The solution is to install the latest version of your CMS in a new folder on your server. Then dump the database of the current CMS and insert the data only into the newly installed CMS. PLEASE note that this may not work if your CMS is very much older than the latest version. I'm certain though that you can find help on your CMS's website.
 



 
FuJow

Post Re: Exploit Link To Known Exploit Site (type 610) 
 
I am using whatever version of the CMS is used in Icy Phoenix version 1.2.0.27. When I go to the ACP, Icy Phoenix is reporting there are no upgrades available for my version of Icy Phoenix.

My info.php script is reporting version 5.2.5 for the PHP version.

I got an email from Google stating they are now reporting my site to anyone who clicks on a link in search results as a dangerous site. This is only occurring in the Icy Phoenix subdirectories. This is getting very troubling.

I sent an email to the hosting service. Hopefully they will have some insight.
 



 
flabbergasted
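
Added example, not part of the thread and not Icy Phoenix code: the posts disagree on whether the warning comes from the AVG update or from the server, and one server-side check is to scan the forum directory for script or iframe tags that load from hosts you do not use, plus common obfuscation idioms. The file extensions, host names and sample files below are constructed assumptions, and the patterns are heuristics, not antivirus signatures.

```python
import re
import sys
import tempfile
from pathlib import Path
from urllib.parse import urlparse

# Assumption: file types a PHP forum serves or includes in its pages.
SCAN_EXT = {".php", ".html", ".htm", ".tpl", ".js"}
# <script>/<iframe> tags whose src is an absolute or protocol-relative URL.
TAG_SRC = re.compile(
    r"<(script|iframe)\b[^>]*?\bsrc\s*=\s*[\"']?((?:https?:)?//[^\"'\s>]+)", re.I)
# Obfuscation idioms often seen in injected redirect code (heuristic only).
OBFUSCATED = re.compile(
    r"eval\s*\(\s*(?:unescape|atob|String\.fromCharCode)\s*\(|document\.write\s*\(\s*unescape\s*\(", re.I)

def scan_text(text, allowed_hosts):
    """Return (kind, detail) findings for the contents of one file."""
    findings = []
    for tag, url in TAG_SRC.findall(text):
        host = (urlparse(url).hostname or "").lower()
        if host and host not in allowed_hosts:
            findings.append((f"offsite-{tag.lower()}", host))
    match = OBFUSCATED.search(text)
    if match:
        findings.append(("obfuscated-js", match.group(0)))
    return findings

def scan_tree(root, allowed_hosts):
    """Walk root and return {relative_path: findings} for files with a finding."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in SCAN_EXT:
            hits = scan_text(path.read_text(errors="replace"), allowed_hosts)
            if hits:
                report[str(path.relative_to(root))] = hits
    return report

def demo():
    """Constructed tree: a clean index page and a footer with an appended iframe."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "index.php").write_text('<script src="http://forum.example/js/menu.js"></script>\n')
        (root / "overall_footer.tpl").write_text('</html>\n<iframe src="http://redirector.invalid/in.php" width=1 height=1></iframe>\n')
        return scan_tree(root, {"forum.example"})

if __name__ == "__main__":
    # Usage: scan.py <forum directory> <allowed host> [<allowed host> ...]
    result = scan_tree(sys.argv[1], set(sys.argv[2:])) if len(sys.argv) > 1 else demo()
    for name, hits in result.items():
        print(name, hits)
```

A hit is a lead to review by hand: legitimate third-party widgets and ad code show up as off-site tags until their hosts are added to the allowed list.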