# Infected site?



## RabidAlien (Jan 21, 2011)

Tried logging in this afternoon after work, and Firefox gave me a nasty message saying that ww2aircraft was infected. Turned off the "Block Reported Attack Sites" option in FF (Tools-Options-Security) so I could post this, I'll be turning it back on and running a full virus scan here in a few, but I was wondering, is anyone else getting similar messages? I figger its from some of the ads that are running, as a first guess.

Frikkin viruses......I hate them, and their little programmers, too.


----------



## Matt308 (Jan 21, 2011)

We have no internal indications (for what that is worth). Will keep an eye out for other symptoms. Thanks for the head up. In the future, please use the post icons or forum issues threads for a more definitive response. Otherwise we just have to rely upon the Mods coming across one of many posts that we have to peruse.

Your diligence is appreciated.


----------



## RabidAlien (Jan 21, 2011)

No prob, and will do! I tried to post in the "News" forum, but it said I didn't have adequate rights. I didn't think my jokes were THAT bad!!!

I'm still thinkin its just some of those ads triggering the warnings, 3 in the last 90 days. Guess I'll have to keep that setting turned off for now, I'm not planning on ditching the forums for 90 days to reset the thing!


----------



## Aaron Brooks Wolters (Jan 22, 2011)

I got the same notice RA and have been having some trouble with the site freezing up. I unplugged the cable line and let the computer settle down and plugged it back in and was able to upload my photos. This has happened twice now and it does not happen on other sites. The report that I opened after I got the notice said that there was a trojan1 virus. I did save the report so if it is needed I can get it to the mods or admins.


----------



## Marcel (Jan 22, 2011)

We have a treat going in the problems section.


----------



## Lucky13 (Jan 22, 2011)

RabidAlien said:


> Guess I'll have to keep that setting turned off for now, _I'm not planning on ditching the forums for 90 days_ to reset the thing!



D*mmit!


----------



## Thorlifter (Jan 22, 2011)

Admins, I got the same message in FireFox. 


_What is the current listing status for ww2aircraft.net?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 3 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 203 pages we tested on the site over the past 90 days, 114 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2011-01-21, and the last time suspicious content was found on this site was on 2011-01-21.

Malicious software includes 1 trojan(s). Successful infection resulted in an average of 1 new process(es) on the target machine.

Malicious software is hosted on 2 domain(s), including sccvaxzv.co.cc/, nfjcpady.co.cc/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including sccvaxzv.co.cc/.

This site was hosted on 1 network(s) including AS19318 (NJIIX).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, ww2aircraft.net did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

* Return to the previous page.
* If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center._


----------



## Gnomey (Jan 22, 2011)

It is/was a problem with one of the ads more than likely. We are working on fixing it, in the meantime there isn't any immediate threat so everything should be running fine. Just a question of getting the 'clean' report from Google.


----------



## RabidAlien (Jan 22, 2011)

Sweet! Thanks, Gnomey, looks like y'all're all over this one!


----------



## Wurger (Jan 22, 2011)

Yep...


----------



## Thorlifter (Jan 22, 2011)

Thanks guys. I knew ya'll would be all over it!


----------



## Aaron Brooks Wolters (Jan 22, 2011)

Thanks guys!!!!!


----------



## mikewint (Jan 22, 2011)

I read this too in the problems section. In Google this is listed as a suspicious site. I ran a comprehensive Norton scan yesterday and again today and Norton finds no problems in my computer in any case


----------



## Lucky13 (Jan 22, 2011)

Always do comprehensive Norton 360 scan every night, and tick the box for turning it off when done...other than that, no problems to report.


----------



## Wurger (Jan 22, 2011)

Jan, have you been warned by your net browser when accessing the site? Today - of course.


----------



## N4521U (Jan 22, 2011)

I have been warned today as well...... blocked from entering on Firefox. By the by, where did the Viagra thread come from???????? I had to turn my blocked sites off to get onto the forum.


----------



## BikerBabe (Jan 22, 2011)

Same problem here, I use Chrome.


----------



## mikewint (Jan 23, 2011)

nothing from explorer and Norton 360 and all scans are clean


----------



## Lucky13 (Jan 23, 2011)

Not been warned, but I scan my computer every night, when I turn it off.....


----------



## mikewint (Jan 24, 2011)

For the first time this AM Firefox, at work, blocked this site, had to change security settings


----------



## Lucky13 (Jan 25, 2011)

Google is still blocking.....


----------



## Wurger (Jan 25, 2011)

Yep...


----------



## mikewint (Jan 25, 2011)

Methinks this is a tempest in a teapot


----------



## TimEwers (Jan 28, 2011)

I tried to do some searching for info on b17's in the PTO some of the links were for this web site, but I could not get in because of that stupid message. so just giving a heads up fire fox anyway is still acting up even tho I disabled that sight is unsafe message.


----------



## seesul (Jan 28, 2011)

TimEwers said:


> I tried to do some searching for info on b17's in the PTO some of the links were for this web site, but I could not get in because of that stupid message. so just giving a heads up fire fox anyway is still acting up even tho I disabled that sight is unsafe message.



I got the same problem but in Firefox only. IE works fine.
Anyone else with such an issue?


----------



## Airframes (Jan 28, 2011)

Can't get in via Google, but can with Yahoo if the 'Accept Risk' box is checked.


----------



## seesul (Jan 28, 2011)

Hi Terry, with Opera, IE of Firefox?
IE works fine for me but I hate IE...


----------



## mikewint (Jan 28, 2011)

I just unchecked Firefoxes little block box. Don't go to that many sites at work 'cause they block just about everything. At home every scan I've done with Norton 360 has come up clean so, personally I've ceased to worry about it


----------



## DerAdlerIstGelandet (Jan 28, 2011)

The problem is being worked on guys. Please have some patience.


----------



## Aaron Brooks Wolters (Jan 28, 2011)

Thank you Adler!


----------



## Trebor (Jan 29, 2011)

I am relieved to hear that the problem is being worked on. I have Firefox, and never got this before...there has to be a virus.


----------



## DerAdlerIstGelandet (Jan 29, 2011)

The site itself is not infected with a virus. It is an advertisement link or something of that nature.

As long as you don't click on advertisements, and you have your antivirus and spamware set up, you do not have any problems.


----------



## Trebor (Jan 29, 2011)

aye. I never click on advertisements anyways. so no problem there. it's just irritating having to click "ignore this warning" every time I go to another page on this site.


----------



## DerAdlerIstGelandet (Jan 29, 2011)

Yes it is very annoying. David is working the updates necessary and on fixing the problem.

The site could be down for a few hours because of this.


----------



## seesul (Jan 29, 2011)

Thx guys. I got here thru IE.


----------



## B-17engineer (Jan 29, 2011)

Does anyone know how to fix it on Safari? I got it on my PC but my Mac has the 'ignore warning' for every page.


----------



## Marcel (Jan 29, 2011)

B-17engineer said:


> Does anyone know how to fix it on Safari? I got it on my PC but my Mac has the 'ignore warning' for every page.



I think Chrome is there for OSX as well. Maybe you could install that? It only warns you once.


----------



## B-17engineer (Jan 29, 2011)

Ohh good idea, will try that. Thanks!


----------



## wheelsup_cavu (Jan 29, 2011)

I saw the google warning the other day when I ran a search and this site popped up as one of the links. It gave me the the same google infected site warning that was posted earlier in this thread. Looking forward to seeing Google giving the site a clean bill of health again soon.


Wheels


----------



## alejandro_ (Feb 1, 2011)

> I saw the google warning the other day when I ran a search and this site popped up as one of the links. It gave me the the same google infected site warning that was posted earlier in this thread. Looking forward to seeing Google giving the site a clean bill of health again soon.



x2 I have had the same issue when trying to access the site in the last few days.


----------



## FlexiBull (Feb 6, 2011)

This is beginning to spoil my enjoyment of this site. When oh when will firefox/Google give the site a clean bill of health. 

I have been unable to post a message using Firefox, every new page/post takes me straight to the red screen of death! I have had to resort to IE to type this message.

This BTW is now my log on screen under Firefox, it's lost most of the structure.


----------



## DerAdlerIstGelandet (Feb 7, 2011)

The funny thing is that a lot of the ads that Google is reporting are coming from google. So in that sense Google is the attacking site!


----------



## Lucky13 (Feb 7, 2011)

It's a true pain in the tailpipe!


----------



## Marcel (Feb 7, 2011)

FlexiBull said:


> This is beginning to spoil my enjoyment of this site. When oh when will firefox/Google give the site a clean bill of health.
> 
> I have been unable to post a message using Firefox, every new page/post takes me straight to the red screen of death! I have had to resort to IE to type this message.
> 
> This BTW is now my log on screen under Firefox, it's lost most of the structure.



You can turn of the "report attack sites" in the preferences of FF. Then you can use the site like before.


----------



## seesul (Feb 11, 2011)

What´s going on? Any news? I just loged in thru hated IE but Firefox still takes it as an infected site...strange...


----------



## DerAdlerIstGelandet (Feb 11, 2011)

David is still working on it guys. 

I am sorry that this is taking so long. We thank you for your patience and hopefully this will all be fixed soon.


----------



## Marcel (Feb 12, 2011)

Google is slow. I'm still waiting for my band's website to pop up in the search engine, but still no luck. It'll probably take a month or so.

BTW guys, download the portable app of Chrome. You don't need to install, just unzip and go.It will only give you a warning an then display the forum correctly. You wil have the warning every time you open a tab with the forum, but as long as you stay in one tab, browsing the forum it'll work great. And Chrome is much faster then FF, too. You can get it here:
http://portableapps.com/apps/internet/google_chrome_portable


----------



## Trebor (Feb 12, 2011)

I followed the instructions and turned off the "reported attack sites" box and I'm viewing the site like normal. like Adler said as long as I don't click on any ads, I'll be fine


----------



## Lucky13 (Feb 13, 2011)

I've never clicked on any ads here or anywhere else...still, you have that nagging thought in the back of the head....thanks to the Google warning.


----------



## mikewint (Feb 13, 2011)

I continue to perform a comprehensive scan with Norton 360 and Counter-Spy every night and have yet to come up with anything more than tracking cookies which could come from anywhere. Personally this is a non-problem in my estimation


----------



## DerAdlerIstGelandet (Feb 13, 2011)

It is a matter of getting Google to remove us.


----------



## RabidAlien (Feb 13, 2011)

mikewint said:


> I continue to perform a comprehensive scan with Norton 360 and Counter-Spy every night and have yet to come up with anything more than tracking cookies which could come from anywhere. Personally this is a non-problem in my estimation



Agreed. Got home from church to be greeted by two waggy beagles, an indifferent toddler (wanted pretzels not hugs), and Microsoft Security Essentials telling me about an adware cookie that it was beating about the head and shoulders with a baseball bat, and what would I like to do with it? Infected cookie now sleeps with da' fishies, but as you said, it could have come from anywhere. If this entire site was as badly infected as Google keeps screaming (<shakes fist>Darn them!</shakes fist>), my computer would be full of viruses/trojans/worms, because I typically keep FF open with at least three tabs, one of which is ww2aircraft.net....and, knowing me, I typically forget to close FF when I walk away from the 'pooter. So, to make a short story long and boring......just get a good AV program, keep it up to date, and don't use Internet Explorer (notice which browser has neglected to inform anyone that there may be a problem afoot?).


----------



## Aaron Brooks Wolters (Feb 13, 2011)

My computer was infected by the Trojan that Google said was here but I was able to get rid of it rather easily.


----------



## Marcel (Feb 13, 2011)

I don't get trojans, I use Linux8)


----------



## spicmart (Feb 17, 2011)

Hello,

I don't know where to post this, so I do it here. My browser still shows ww2aircraft.net as an attacking website (malware). I had to disable the securtity option to log in, but I am not sure what to to. Maybe someone of you can help me?

regards


----------



## DerAdlerIstGelandet (Feb 17, 2011)

spicmart said:


> Hello,
> 
> I don't know where to post this, so I do it here. My browser still shows ww2aircraft.net as an attacking website (malware). I had to disable the securtity option to log in, but I am not sure what to to. Maybe someone of you can help me?
> 
> regards



The issue lies in the advertisements on the site. We are currently working on getting the site removed from the attack warning.


----------



## RabidAlien (Feb 17, 2011)

Which browser do you use? If you use Firefox, click on Tools-Options-Security, and uncheck the block that says "Block reported attack sites". You'll have full and normal access to the site again.


----------



## muggs (Feb 18, 2011)

Yes but this will also allow legit spam/malware sites to open in your browser.


----------



## Wurger (Feb 18, 2011)

muggs said:


> Yes but this will also allow legit spam/malware sites to open in your browser.



It is not sure. It seems that the main problem has been caused by the advertisement that was provided just by the Google. So , if you don't click any of these adverts here all will be fine. Also if you have the accessing scaner of your anti-vir, there shouldn't be any trouble as well.


----------



## muggs (Feb 18, 2011)

I'm not referring to this site Wurger, the problem here is clearly the ads, but if one would let's say open a link from an spam email which asks him to change his paypal login on a bogus server, by unchecking that option he will receive no warning.


----------



## Gnomey (Feb 18, 2011)

Yeah but you have to be pretty stupid to do that...

Besides, I am still enjoying farming all the banking details of the users of this site anyway...


----------



## DerAdlerIstGelandet (Feb 18, 2011)

muggs said:


> I'm not referring to this site Wurger, the problem here is clearly the ads, but if one would let's say open a link from an spam email which asks him to change his paypal login on a bogus server, by unchecking that option he will receive no warning.



Until this problem is solved, just don't click on any advertisements or open any spam emails or threads that were opened by spambots. 

Also make sure that your anti virus software is working and updated as well as your anti spyware software.

You do those things and you should fine.

Again hopefully we will get this resolved as quickly as possible.


----------



## mikewint (Feb 18, 2011)

Exactly, no matter where you go on the internet the bad guys are going to try to get you. I received an email a few months back from CHASE BANK (My bank) the email looked like a legit Chase email, logo, address, phone no. all correct. The email stated that my credit card was over drawn and I needed to forward a payment immediately. All they needed was my name, address, phone no., and credit card number. Needless to say Chase knew nothing about it but how many would have supplied that info without thinking or checking.
So, I come here several times per day, do a scan every night and have yet to find a problem anywhere on my computer. It's a non-problem except for the impression it is going to give to potential joiners of this forum


----------



## seesul (Feb 20, 2011)

Wurger said:


> It is not sure. It seems that the main problem has been caused by the advertisement that was provided just by the Google. So , if you don't click any of these adverts here all will be fine. Also if you have the accessing scaner of your anti-vir, there shouldn't be any trouble as well.


Hi Wojtek, I´ve never klicked on adds and still have this ****ing report.


----------



## DerAdlerIstGelandet (Feb 20, 2011)

seesul said:


> Hi Wojtek, I´ve never klicked on adds and still have this ****ing report.



You do not have to click on them. It is the fact that the ads are here and you have the opportunity to click on them.


----------



## GrauGeist (Feb 21, 2011)

Gnomey said:


> Yeah but you have to be pretty stupid to do that...
> 
> Besides, I am still enjoying farming all the banking details of the users of this site anyway...


Aww man...I don't use online banking...

Want me to send ya' cash instead?


----------



## RabidAlien (Feb 21, 2011)

GrauGeist said:


> Aww man...I don't use online banking...
> 
> Want me to send ya' cash instead?



Ooooooooooooh....sounds like the dreaded "Amish Virus"......'please delete the contents of your hard drive and mail the contents of your bank account(s) to the address below...'


----------



## Wurger (Feb 21, 2011)

seesul said:


> Hi Wojtek, I´ve never klicked on adds and still have this ****ing report.



Ahoj Romku,

Unfortunately appearing of the warning isn't up to us but to Google.


----------



## Gnomey (Feb 21, 2011)

GrauGeist said:


> Aww man...I don't use online banking...
> 
> Want me to send ya' cash instead?



Please do. I will send a PM of my details for you to deliver the cash to 8)

Alternatively a cheque made out to "His Royal Highness of Nigeria" is also appreciated. In return there is a chance that the large amount of money that has recently come into my possession and I need to remove from the country could be yours, only need your details and the transfer could be made.


----------



## mikewint (Feb 21, 2011)

Gnomy, yea, but that's not near as much fun as hacking in and posting their balance to your swiss account


----------



## RabidAlien (Feb 26, 2011)

Just checked, the site update has not affected Google's opinion of us in the least. One could always hope, though...


----------



## horseUSA (Feb 27, 2011)

fixed now!


----------



## DerAdlerIstGelandet (Feb 27, 2011)

Everything seems to be back up and running.


----------



## RabidAlien (Feb 27, 2011)

Unfortunately, I still get the message using FireFox.


----------



## DerAdlerIstGelandet (Feb 27, 2011)

RabidAlien said:


> Unfortunately, I still get the message using FireFox.


 
Really, I don't. I went to my settings and removed it from the list and I no longer get the warning.


----------



## horseUSA (Feb 27, 2011)

Response I have from google:


> Unfortunately, Google has discovered harmful code on your site. Google users will see a warning page when they attempt to visit pages within this site.
> 
> *Status of the latest badware review for this site: A review for this site has finished. The site was found clean. The badware warnings from web search are being removed. Please note that it can take some time for this change to propagate.*



So it is clean, but might take a day for the all clear signal to properly propagate.


----------



## Aaron Brooks Wolters (Feb 27, 2011)

Thank you Horse!


----------



## RabidAlien (Feb 27, 2011)

Up in the News thread, Horse posted a reply he got from Google, giving the site a clean bill of health. Google said it may take some time to get the updated status propagated out to all the servers. No worries, I'll keep testing it. It'll trickle down to my level of the gutter eventually.


----------



## parsifal (Mar 1, 2011)

Better late than never. I have not been able to get access to the site at all for over a month now. I use google to access, and google listed the site as suspicious for an eternity (it seems). Hope things are okay now


----------



## Wayne Little (Mar 2, 2011)

While i have had no problem at home, could not get on at work....well today got back on at work!


----------



## DerAdlerIstGelandet (Mar 2, 2011)

I can't get on at work either. That is because once the Army decides something is bad, then it stays bad.


----------



## Erich (Mar 2, 2011)

feel strongly that is all about V-bulletin, we are fighting the same crap statements via World War II Forums forums


----------



## Ruud (Mar 2, 2011)

Nice to have that warning gone. More at ease while surfing here.


----------



## RabidAlien (Mar 4, 2011)

Oddly enough, Firefox is STILL telling me its infected. Gonna check to see if there's a new version of FF out (I know my work computers have prompted for updates recently, I don't think my home PC has), maybe that'll help.

Yep. That did the trick. If you're still having probs with Firefox telling you the site's got ebola or the plague or something, check your version (Help-->About Mozilla Firefox). The most current version (non-Beta) is 3.6.15. If your version is lower than that (I had 3.6.10), go to www.mozilla.com and download the update. With a cable connection, download and install took a whoppin minute. Maybe less. And that solved my issues!


----------



## Aaron Brooks Wolters (Mar 4, 2011)

I just got a notice for a new update for FireFox not 30 seconds ago. Will give it a try.


----------

