vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   This Site My Harm Your Computer (https://vborg.vbsupport.ru/showthread.php?t=246869)

creative-friend 07-19-2010 08:56 AM
This Site My Harm Your Computer
 
Hey

I Am Getting This Error When I Am Opening My Site

Can Anyone Help Me With This

How Can I Get Rid Of This

This Site My Harm Your Computer

Zylantex 07-19-2010 10:34 AM
If you want help you must meet us half way.

What is the name of the site?

BirdOPrey5 07-19-2010 02:47 PM
There are two main possibilities here... 1 is your site was hacked to add malicious code to your files... another is that an ad your showing has malicious code... If there is ad-blocking software for your browser use it and see if you still get the error.

creative-friend 07-20-2010 07:41 AM
My Site NAme Is Www.Pakistanipoint.com

@birdOprey5

can u please explain abit more...how can i get rid of it??

James Birkett 07-20-2010 10:33 AM
http://safebrowsing.clients.google.c...hrome&hl=en-GB

Quote:
What is the current listing status for pakistanipoint.com?
Site is listed as suspicious - visiting this website may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?
Of the 234 pages that we tested on the site over the past 90 days, 215 page(s) resulted in malicious software being downloaded and installed without user consent. The last time that Google visited this site was on 2010-07-20, and the last time that suspicious content was found on this site was on 2010-07-20.
Malicious software includes 25 trojan(s). Successful infection resulted in an average of 1 new process(es) on the target machine.

Malicious software is hosted on 1 domain(s), including 372kzsds7661.com/.

This site was hosted on 1 network(s) including AS16245 (NGDC).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, pakistanipoint.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

BirdOPrey5 07-20-2010 10:37 AM
From Google Chrome:

Quote:
Safe Browsing
Diagnostic page for pakistanipoint.com

What is the current listing status for pakistanipoint.com?
Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?
Of the 234 pages we tested on the site over the past 90 days, 215 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-07-20, and the last time suspicious content was found on this site was on 2010-07-20.
Malicious software includes 25 trojan(s). Successful infection resulted in an average of 1 new process(es) on the target machine.

Malicious software is hosted on 1 domain(s), including 372kzsds7661.com/.

This site was hosted on 1 network(s) including AS16245 (NGDC).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, pakistanipoint.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:
Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.
Visit the site using Chrome then click on the link to Google Webmaster Tools and see what more info it can give you... it looks like your site was probably hacked- if this is the case you'll need to clean it or re-upload all files and restore the database to a time before you were hacked. I can't give any further help on this. If you're on a shared host you may want to inform them and see if they can help.

creative-friend 07-26-2010 07:40 AM
Quote:
Originally Posted by BirdOPrey5 (Post 2071946)
From Google Chrome:



Visit the site using Chrome then click on the link to Google Webmaster Tools and see what more info it can give you... it looks like your site was probably hacked- if this is the case you'll need to clean it or re-upload all files and restore the database to a time before you were hacked. I can't give any further help on this. If you're on a shared host you may want to inform them and see if they can help.
Well yeah im on shared host and i asked them they told me that i need to download all my files scan them and upload them again in FTP

is this the right way??shall i do this??

BirdOPrey5 07-26-2010 12:45 PM
I don't know that a virus scanner for PC's will find code inserted into php files... I'd suggest simply re-uploading the original php files from whatever version you are using so you know they are clean.

Michael.A 07-26-2010 04:47 PM
open your index php copy ever thing and make a post with it here...

a faster way to fix this is to update all ur vb files...

Q. how many admin you have on ur site with ftp and with out?

creative-friend 07-27-2010 11:11 AM
Quote:
Originally Posted by BirdOPrey5 (Post 2074731)
I don't know that a virus scanner for PC's will find code inserted into php files... I'd suggest simply re-uploading the original php files from whatever version you are using so you know they are clean.

you mean all the php files??every single php file??

--------------- Added [DATE]1280232815[/DATE] at [TIME]1280232815[/TIME] ---------------

Quote:
Originally Posted by MAD--DOG (Post 2074835)
open your index php copy ever thing and make a post with it here...

a faster way to fix this is to update all ur vb files...

Q. how many admin you have on ur site with ftp and with out?
on site we are two admins but on ftp its only me......

i will post the code as soon as possible....

BirdOPrey5 07-27-2010 01:57 PM
Yes, every single php file - it''s not that hard, you don't need to do 1 by 1, you use FTP to 'over-write all' and just wait for them all to go up.

creative-friend 07-29-2010 07:12 AM
I Have Just Updated My Forum To Latest Version But I Am Still Getting That Error...

Speysider 07-29-2010 09:10 AM
Check that you don't have any non-vBulletin related files on your server. This is only ones inside your public_html folder.

Xencored 07-29-2010 09:58 AM
Do what MAD--DOG said


Quote:
Originally Posted by MAD--DOG (Post 2074835)
open your index php copy ever thing and make a post with it here...

creative-friend 07-29-2010 03:04 PM
HEre You GO

Quote:
<?php
/*================================================= =====================*\
|| ################################################## ################## ||
|| # vBulletin 3.8.5 - Licence Number VBFA13027F
|| # ---------------------------------------------------------------- # ||
|| # Copyright ?2000-2010 Jelsoft Enterprises Ltd. All Rights Reserved. ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- VBULLETIN IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.vbulletin.com | http://www.vbulletin.com/license.html # ||
|| ################################################## ################## ||
\*================================================ ======================*/

// ####################### SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE & ~8192);

// #################### DEFINE IMPORTANT CONSTANTS #######################
define('THIS_SCRIPT', 'index');
define('CSRF_PROTECTION', true);
define('CSRF_SKIP_LIST', '');

// ################### PRE-CACHE TEMPLATES AND DATA ######################
// get special phrase groups
$phrasegroups = array('holiday');

// get special data templates from the datastore
$specialtemplates = array(
'userstats',
'birthdaycache',
'maxloggedin',
'iconcache',
'eventcache',
'mailqueue',
);

// pre-cache templates used by all actions
$globaltemplates = array(
'ad_forumhome_afterforums',
'FORUMHOME',
'forumhome_event',
'forumhome_forumbit_level1_nopost',
'forumhome_forumbit_level1_post',
'forumhome_forumbit_level2_nopost',
'forumhome_forumbit_level2_post',
'forumhome_lastpostby',
'forumhome_loggedinuser',
'forumhome_moderator',
'forumhome_subforumbit_nopost',
'forumhome_subforumbit_post',
'forumhome_subforumseparator_nopost',
'forumhome_subforumseparator_post',
'forumhome_markread_script',
'forumhome_birthdaybit'
);


$eventcount++;
}

$iterations++;
$gettime += 86400;
}
}
}
}
}

=>& $vbulletin->userinfo['usergroupid'],
'displaygroupid' =>& $vbulletin->userinfo['displaygroupid'],
'infractiongroupid' =>& $vbulletin->userinfo['infractiongroupid'],
)
);
}
else
{
$userinfos = array();
}
$inforum = array();

while ($loggedin = $db->fetch_array($forumusers))
{
$userid = $loggedin['userid'];
if (!$userid)
{ // Guest
$numberguest++;
if (!$loggedin['badlocation'])
{
$inforum["$loggedin[inforum]"]++;
}
}
else if (empty($userinfos["$userid"]) OR ($userinfos["$userid"]['lastactivity'] < $loggedin['lastactivity']))
{
$userinfos["$userid"] = $loggedin;
}
}

if (!$vbulletin->userinfo['userid'] AND $numberguest == 0)
{
$numberguest++;
}

foreach ($userinfos AS $userid => $loggedin)
{
$numberregistered++;
if ($userid != $vbulletin->userinfo['userid'] AND !$loggedin['badlocation'])
{
$inforum["$loggedin[inforum]"]++;
}
fetch_musername($loggedin);

($hook = vBulletinHook::fetch_hook('forumhome_loggedinuser' )) ? eval($hook) : false;

if (fetch_online_status($loggedin))
{
$numbervisible++;
$show['comma_leader'] = ($activeusers != '');
eval('$activeusers .= "' . fetch_template('forumhome_loggedinuser') . '";');
}
}

// memory saving
unset($userinfos, $loggedin);

$db->free_result($forumusers);

$totalonline = $numberregistered + $numberguest;
$numberinvisible = $numberregistered - $numbervisible;

// ### MAX LOGGEDIN USERS ################################
if (intval($vbulletin->maxloggedin['maxonline']) <= $totalonline)
{
$vbulletin->maxloggedin['maxonline'] = $totalonline;
$vbulletin->maxloggedin['maxonlinedate'] = TIMENOW;
build_datastore('maxloggedin', serialize($vbulletin->maxloggedin), 1);
}

$recordusers = vb_number_format($vbulletin->maxloggedin['maxonline']);
$recorddate = vbdate($vbulletin->options['dateformat'], $vbulletin->maxloggedin['maxonlinedate'], true);
$recordtime = vbdate($vbulletin->options['timeformat'], $vbulletin->maxloggedin['maxonlinedate']);

$show['loggedinusers'] = true;
}
else
{
$show['loggedinusers'] = false;
}

creative-friend 07-29-2010 03:06 PM
......

Quote:
// ### GET FORUMS & MODERATOR iCACHES ########################
cache_ordered_forums(1, 1);
if ($vbulletin->options['showmoderatorcolumn'])
{
cache_moderators();
}
else if ($vbulletin->userinfo['userid'])
{
cache_moderators($vbulletin->userinfo['userid']);
}

// define max depth for forums display based on $vbulletin->options[forumhomedepth]
define('MAXFORUMDEPTH', $vbulletin->options['forumhomedepth']);

$forumbits = construct_forum_bit($forumid);
eval('$forumhome_markread_script = "' . fetch_template('forumhome_markread_script') . '";');

// ### BOARD STATISTICS #################################################

// get total threads & posts from the forumcache
$totalthreads = 0;
$totalposts = 0;
if (is_array($vbulletin->forumcache))
{
foreach ($vbulletin->forumcache AS $forum)
{
$totalthreads += $forum['threadcount'];
$totalposts += $forum['replycount'];
}
}
$totalthreads = vb_number_format($totalthreads);
$totalposts = vb_number_format($totalposts);

// get total members and newest member from template
$numbermembers = vb_number_format($vbulletin->userstats['numbermembers']);
$newusername = $vbulletin->userstats['newusername'];
$newuserid = $vbulletin->userstats['newuserid'];
$activemembers = vb_number_format($vbulletin->userstats['activemembers']);
$show['activemembers'] = ($vbulletin->options['activememberdays'] > 0 AND ($vbulletin->options['activememberoptions'] & 2)) ? true : false;

eval('$ad_location[\'ad_forumhome_afterforums\'] = "' . fetch_template('ad_forumhome_afterforums') . '";');

// ### ALL DONE! SPIT OUT THE HTML AND LET'S GET OUTTA HERE... ###
($hook = vBulletinHook::fetch_hook('forumhome_complete')) ? eval($hook) : false;

eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('FORUMHOME') . '");');

/*================================================= =====================*\
|| ################################################## ##################
|| # Downloaded: 02:20, Thu Jul 29th 2010
|| # CVS: $RCSfile$ - $Revision: 31381 $
|| ################################################## ##################
\*================================================ ======================*/
?>

BirdOPrey5 07-29-2010 03:40 PM
OK Your file looks clean, also you may want to edit your first post and take out a lot of stuff from the middle, you're technically not supposed to post entire files, although I realized you were asked to.

creative-friend 07-29-2010 03:54 PM
If My File is clean then what is wrong??tell me please

BirdOPrey5 07-29-2010 07:47 PM
Well there's 2 possible places for viruses and other malicious code to be, the files and the database. If you've already re-uploaded all the original files (and I don't know that you have) and you still have the problem then the issue must be in the database. There are two places to check in the database- templates and plugins, A template or a plugin was added or altered. You can go back to the default template and see if you still have the problem in which case you need to check the plugins.


All times are GMT. The time now is 03:18 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01130 seconds
  • Memory Usage 1,805KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (8)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (19)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete