Bstuff appears to be infected with a Trojan...

Announce an event, topic or get together that might affect everyone
User avatar
DTMAce
Registered User
Posts: 3510
Joined: Thu Sep 25, 2008 7:03 pm
Location: Michigan EUP
Contact:

Bstuff appears to be infected with a Trojan...

Post by DTMAce »

Yep.

Here is the screen shot:

Image

Seems to be attaching to the jscript files all over the site. My last visit to edit my post about it resulted in over 50 infection attempts while using FireFox. IE also is affected.

Hopefully I am wrong, but it seems others are getting the same thing. I just hope it gets fixed. 2 different computers here does it.


94' Z26 Project - 95' Base Project - Custom LED Light Conversions!
Chosen Proposal Submission & Committee Member for Beretta Fest 2012 in Traverse City Michigan

Image
Image
User avatar
DTMAce
Registered User
Posts: 3510
Joined: Thu Sep 25, 2008 7:03 pm
Location: Michigan EUP
Contact:

Re: Bstuff appears to be infected with a Trojan...

Post by DTMAce »

More information:

This is a txt filewith a scan report from my laptop of the various infection locations its detecting....

Here is a quote of some of what it is detecting:
5/11/2010 9:05:50 PM http://www.bstuff.com/jscripts/ips_ipsclass.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:50 PM http://www.bstuff.com/jscripts/ipb_global.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:50 PM http://www.bstuff.com/cache/lang_cache/ ... ascript.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:50 PM http://www.bstuff.com/style_images/1/fo ... nu_html.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:50 PM http://www.bstuff.com/jscripts/ips_menu.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:50 PM http://www.bstuff.com/jscripts/ips_xmlhttprequest.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:51 PM http://www.bstuff.com/jscripts/dom-drag.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:51 PM http://www.bstuff.com/jscripts/ipb_glob ... nhanced.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:51 PM http://www.bstuff.com/style_images/1/fo ... nu_html.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:52 PM http://www.bstuff.com/cache/lang_cache/ ... ascript.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:52 PM http://www.bstuff.com/jscripts/ipb_forum.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:52 PM http://www.bstuff.com/jscripts/ips_xmlhttprequest.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:53 PM http://www.bstuff.com/jscripts/ipb_glob ... nhanced.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:53 PM http://www.bstuff.com/jscripts/dom-drag.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:05:55 PM http://www.bstuff.com/jscripts/ipb_forum.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:13 PM http://bstuff.com/jscripts/ips_xmlhttprequest.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:13 PM http://bstuff.com/style_images/1/folder ... nu_html.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:13 PM http://bstuff.com/cache/lang_cache/en/l ... ascript.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:13 PM http://bstuff.com/jscripts/ips_menu.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:14 PM http://bstuff.com/jscripts/ips_ipsclass.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:14 PM http://bstuff.com/jscripts/dom-drag.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:16 PM http://bstuff.com/jscripts/ipb_global.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:17 PM http://bstuff.com/jscripts/ipb_global_xmlenhanced.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:17 PM http://bstuff.com/jscripts/ips_menu.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:17 PM http://bstuff.com/jscripts/ipb_forum.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:17 PM http://bstuff.com/style_images/1/folder ... nu_html.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:17 PM http://bstuff.com/cache/lang_cache/en/l ... ascript.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:18 PM http://bstuff.com/jscripts/ips_xmlhttprequest.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:19 PM http://bstuff.com/jscripts/ipb_global_xmlenhanced.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:20 PM http://bstuff.com/jscripts/dom-drag.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:20 PM http://bstuff.com/jscripts/ipb_forum.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:50 PM http://bstuff.com/jscripts/ips_xmlhttprequest.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:50 PM http://bstuff.com/cache/lang_cache/en/l ... ascript.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:50 PM http://bstuff.com/jscripts/ipb_global_xmlenhanced.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:51 PM http://bstuff.com/jscripts/ipb_topic.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:51 PM http://bstuff.com/jscripts/ips_text_editor_lite.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:52 PM http://bstuff.com/jscripts/ipb_global.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:52 PM http://bstuff.com/style_images/1/folder ... nu_html.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:53 PM http://bstuff.com/jscripts/ips_ipsclass.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:06:54 PM http://bstuff.com/jscripts/ipb_global.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:07:01 PM http://bstuff.com/jscripts/ips_menu.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:07:02 PM http://bstuff.com/style_images/1/folder ... nu_html.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:07:02 PM http://bstuff.com/cache/lang_cache/en/l ... ascript.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:07:03 PM http://bstuff.com/jscripts/ips_xmlhttprequest.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:07:04 PM http://bstuff.com/jscripts/ipb_global_xmlenhanced.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:07:11 PM http://bstuff.com/jscripts/dom-drag.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:07:12 PM http://bstuff.com/jscripts/ipb_topic.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:07:13 PM http://bstuff.com/jscripts/ips_text_editor_lite.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:39 PM http://www.bstuff.com/jscripts/ipb_global.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:39 PM http://www.bstuff.com/jscripts/ips_xmlhttprequest.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:39 PM http://www.bstuff.com/cache/lang_cache/ ... ascript.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:39 PM http://www.bstuff.com/style_images/1/fo ... nu_html.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:39 PM http://www.bstuff.com/jscripts/ipb_glob ... nhanced.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:39 PM http://www.bstuff.com/jscripts/dom-drag.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:39 PM http://www.bstuff.com/jscripts/ipb_global.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:39 PM http://www.bstuff.com/jscripts/ipb_forum.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:42 PM http://www.bstuff.com/jscripts/ips_ipsclass.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:42 PM http://www.bstuff.com/jscripts/ips_menu.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:42 PM http://www.bstuff.com/jscripts/ipb_global.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:45 PM http://www.bstuff.com/jscripts/ips_menu.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:46 PM http://www.bstuff.com/style_images/1/fo ... nu_html.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:46 PM http://www.bstuff.com/cache/lang_cache/ ... ascript.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:46 PM http://www.bstuff.com/jscripts/ips_xmlhttprequest.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:47 PM http://www.bstuff.com/jscripts/ipb_glob ... nhanced.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:47 PM http://www.bstuff.com/jscripts/dom-drag.js [L] JS:Illredir-BL [Trj] (0)
5/11/2010 9:22:48 PM http://www.bstuff.com/jscripts/ipb_forum.js [L] JS:Illredir-BL [Trj] (0)
No idea what is going on, but something is....


94' Z26 Project - 95' Base Project - Custom LED Light Conversions!
Chosen Proposal Submission & Committee Member for Beretta Fest 2012 in Traverse City Michigan

Image
Image
User avatar
3X00-Modified
Administrator
Posts: 10912
Joined: Thu Jul 05, 2007 9:18 am
Location: Brooklyn CT

Re: Bstuff appears to be infected with a Trojan...

Post by 3X00-Modified »

Great... I guess I wont go get the PM I have waiting then.


Mr.Pink
Supreme Unit
Sleepy Goodness
"Beretta Guy"
User avatar
DTMAce
Registered User
Posts: 3510
Joined: Thu Sep 25, 2008 7:03 pm
Location: Michigan EUP
Contact:

Re: Bstuff appears to be infected with a Trojan...

Post by DTMAce »

Well it seems to me that I can get on, just keep getting pop ups. So I assume that for now I am being protected, but I'm not going there for much till this is fixed... :S


94' Z26 Project - 95' Base Project - Custom LED Light Conversions!
Chosen Proposal Submission & Committee Member for Beretta Fest 2012 in Traverse City Michigan

Image
Image
User avatar
NMBeretta
Registered User
Posts: 329
Joined: Wed Jun 17, 2009 11:09 am
Location: Roswell, NM

Re: Bstuff appears to be infected with a Trojan...

Post by NMBeretta »

This sucks! How do we fix it?


90 Chevy Beretta GT/GTZ V6 3.1
98 GMC Sierra SLE Vortec V8 5.0
01 Honda Acorrd EX 2.2
http://www.beretta.net/forum/download/f ... ew&id=1088
User avatar
Asylum
Registered User
Posts: 3050
Joined: Wed Mar 31, 2004 9:36 am
Location: Hamilton, Ontario, Canada
Contact:

Re: Bstuff appears to be infected with a Trojan...

Post by Asylum »

I just tried and Norton won't let me near it! LOL


Eric

Asylum Motorsports
"Where we're not happy 'til YOU'RE not happy!






'91 California Quad (Gone with just a bit of "Seller's Remorse".)
'92 3500 GT gone and not really missed. It was fun. Documented 13.47 N/A.
User avatar
99GaGT3X00
Registered User
Posts: 804
Joined: Tue Jan 11, 2005 1:56 pm
Location: North Brookfield,MA
Contact:

Re: Bstuff appears to be infected with a Trojan...

Post by 99GaGT3X00 »

i got that crap too. my anti-virus picked it up and wouldn't even load the page.


Image
3400/3500 Hybrid
227/233@.050 .515.515 lift 112LSA
15.232@88.85mph on stock 3400

99 Grand Am GT------03 Subaru Outback H6
User avatar
3X00-Modified
Administrator
Posts: 10912
Joined: Thu Jul 05, 2007 9:18 am
Location: Brooklyn CT

Re: Bstuff appears to be infected with a Trojan...

Post by 3X00-Modified »

NMBeretta wrote:This sucks! How do we fix it?
LOL, that's going to be the hard part... First you need to get in touch with your Admin... who seems to hardly be on, and then find out where the site is hosted and find a way to clean the database up, or the server its hosted on.

Luckily here Will OWNS the server this board is on so its exclusive to him and he has full access to it, and he is a bit more active that bstuffs admin.


Mr.Pink
Supreme Unit
Sleepy Goodness
"Beretta Guy"
User avatar
DTMAce
Registered User
Posts: 3510
Joined: Thu Sep 25, 2008 7:03 pm
Location: Michigan EUP
Contact:

Re: Bstuff appears to be infected with a Trojan...

Post by DTMAce »

At least it should drive a few more members over here for awhile... :P

heheh

Anyways. Here is the odd part. My ole lady's computer was flagging the site with Avast in IE, but not FF. My laptop was flagging it on both IE and FF and my desktop at the office here is only flagging it on IE, not FF. Odd. I run the same anti-virus program on all my machines these days, as they seem to do the job. Maybe the FF on hers and this one aren't as new as the one on the laptop... Hmmmm Still, the site is infected, as I'm not the only one seeing it.


94' Z26 Project - 95' Base Project - Custom LED Light Conversions!
Chosen Proposal Submission & Committee Member for Beretta Fest 2012 in Traverse City Michigan

Image
Image
User avatar
woody90gtz
Registered User
Posts: 4698
Joined: Thu Jul 11, 2002 8:45 pm
Location: Walton, NY
Contact:

Re: Bstuff appears to be infected with a Trojan...

Post by woody90gtz »

I've gotten no flags in FF on my two machines...


91 "SS" - WOT 3400/5spd - 13.29@101.6 - World's fastest N/A FWD Beretta
96 "T56" LS/6spd/8.8 RWD swap - 13.45@104.7 lol
GEARHEAD dezign youtube
User avatar
3X00-Modified
Administrator
Posts: 10912
Joined: Thu Jul 05, 2007 9:18 am
Location: Brooklyn CT

Re: Bstuff appears to be infected with a Trojan...

Post by 3X00-Modified »

Yeah but what are you running for anti-virus Woody? Ace's flags are not from firefox, they are flags from his anti-virus program catching firefox trying to run something.

I wonder if the FF version your using doesn't not support the Java version the virus is trying to use to run.


Mr.Pink
Supreme Unit
Sleepy Goodness
"Beretta Guy"
User avatar
Barry
Global Moderator
Posts: 1871
Joined: Fri Feb 29, 2008 8:11 pm
Location: Hatfield Pa

Re: Bstuff appears to be infected with a Trojan...

Post by Barry »

I have no protection and knock on wood my computer works well for now...

I might get the herps


User avatar
woody90gtz
Registered User
Posts: 4698
Joined: Thu Jul 11, 2002 8:45 pm
Location: Walton, NY
Contact:

Re: Bstuff appears to be infected with a Trojan...

Post by woody90gtz »

Yeah, I have AV. I just meant I have gotten no AV warnings while surfing bstuff with FF.


91 "SS" - WOT 3400/5spd - 13.29@101.6 - World's fastest N/A FWD Beretta
96 "T56" LS/6spd/8.8 RWD swap - 13.45@104.7 lol
GEARHEAD dezign youtube
User avatar
Rodville
Registered User
Posts: 472
Joined: Tue Mar 09, 2004 8:06 am
Location: Davie, FL 33325
Contact:

Re: Bstuff appears to be infected with a Trojan...

Post by Rodville »

I get the same Trojan warnings.


User avatar
99GaGT3X00
Registered User
Posts: 804
Joined: Tue Jan 11, 2005 1:56 pm
Location: North Brookfield,MA
Contact:

Re: Bstuff appears to be infected with a Trojan...

Post by 99GaGT3X00 »

Barry wrote:I have no protection and knock on wood my computer works well for now...

I might get the herps
raw doggin it much. :lol:

woody my flag wasn't from firefox which is what i was using at the time, it was from AVG the virus scanner i have installed on the computer.


Image
3400/3500 Hybrid
227/233@.050 .515.515 lift 112LSA
15.232@88.85mph on stock 3400

99 Grand Am GT------03 Subaru Outback H6
Locked