Security Alert On This Forum

All things not relating to the other forums.
Post Reply
User avatar
Garrycol
Australia
Posts: 423
Joined: Sat Oct 06, 2012 6:49 am
Location: Canberra Australia

Security Alert On This Forum

Post by Garrycol »

Hi - I cannot find an Admin section so will post here.

Over the past two days, whenever I open this forum - and no other forum or websites - I get security alerts from my anti-virus software which later says it found two suspicious files and they have been quarantined.

This is the first alert I get followed by some others.
Security Alert.jpg
Security Alert.jpg (177.31 KiB) Viewed 3832 times
As I said - only on this forum.

Anyone else have similar issues.

Garry
1973 Haflinger AP700
1977 Landrover FC 101
2007 Range Rover Sport TDV6
1971 Jaguar Series 3 E-Type Conv
1957 Landrover 88" Station Wagon
1957 Landrover 88"
User avatar
VinceAtReal4x4s
Admin
United States of America
Posts: 2035
Joined: Mon Apr 12, 2004 10:36 pm
Location: Ca. or lost in South West USA
Contact:

Re: Security Alert On This Forum

Post by VinceAtReal4x4s »

Never heard of that one.
"For those who risk, life has a flavor the protected shall never enjoy"

Your donation makes this site possible!

Image
User avatar
Garrycol
Australia
Posts: 423
Joined: Sat Oct 06, 2012 6:49 am
Location: Canberra Australia

Re: Security Alert On This Forum

Post by Garrycol »

Just came back and in to look at posts and the alerts popped straight up - same as above initially and second alert says "Real Time Protection detected 3 suspicious patterns. We moved the files to quarantine".

As I said on when this forum is accessed.

I will clear cookies etc for the forum and see if that changes anything.

Garry
1973 Haflinger AP700
1977 Landrover FC 101
2007 Range Rover Sport TDV6
1971 Jaguar Series 3 E-Type Conv
1957 Landrover 88" Station Wagon
1957 Landrover 88"
User avatar
BobbyD
United States of America
Posts: 120
Joined: Thu Oct 01, 2009 12:06 am
Location: Carlsbad, CA

Re: Security Alert On This Forum

Post by BobbyD »

@ Garry,
What are the names of the quarantined files?

Thank you,
Robert
1971 710K S
N2PNZ
User avatar
rmel
United States of America
Posts: 1395
Joined: Sun Sep 25, 2011 12:19 pm
Location: Woodside, CA
Contact:

Re: Security Alert On This Forum

Post by rmel »

Anti virus packages will write a log file Of any suspicious scan entry. That file should give you a good idea of what is triggering this quarantine action.


Sent from my iPhone using Tapatalk
Puller: 71' 710K 2.7L EFI aka Mozo
Follower: Sankey MK 3, 3/4 Tonne
Rescue Pinz: 73' 712MK

Driver: Ron // KO0Q
User avatar
Garrycol
Australia
Posts: 423
Joined: Sat Oct 06, 2012 6:49 am
Location: Canberra Australia

Re: Security Alert On This Forum

Post by Garrycol »

BobbyD wrote:@ Garry,
What are the names of the quarantined files?

Thank you,
Robert
Hi Robert - is as per the screen shot above.

I have cleared history, logged out, removed cookies, removed the forum from my system and did a disk cleanup via two separate systems.

On reinstalling the forum and logging in, I get the same security alerts - as indicated it is only this site and only started a couple of days ago.

System is otherwise OK and does not seem to be infected with anything - after the file/s have been quarantined all is OK with no alerts until I come back to the forum next time when the same security alert process plays out again.

Thanks

Garry
1973 Haflinger AP700
1977 Landrover FC 101
2007 Range Rover Sport TDV6
1971 Jaguar Series 3 E-Type Conv
1957 Landrover 88" Station Wagon
1957 Landrover 88"
User avatar
TechMOGogy
Canada
Posts: 2831
Joined: Wed Feb 01, 2012 11:39 am
Location: Ontario, Canada

Re: Security Alert On This Forum

Post by TechMOGogy »

I get no errors and have tried from home and work computers.
At work I run local, firewall and 3rd party scanners so it should pick up anything suspicious.
I just ran 2 free online web scanning services and both came up clean.
Perhaps false positives from your AV/Malware software?
Dan
521A4532-CB22-4502-A2AC-D0D2A7F547F2.jpeg
521A4532-CB22-4502-A2AC-D0D2A7F547F2.jpeg (387.72 KiB) Viewed 3729 times
FC9C8F02-2915-47BE-A464-ED1DFC14E9EE.jpeg
FC9C8F02-2915-47BE-A464-ED1DFC14E9EE.jpeg (104.4 KiB) Viewed 3729 times
72 Pathfinder | 75 710M 2.7i | 96 350GDT Worker
User avatar
BobbyD
United States of America
Posts: 120
Joined: Thu Oct 01, 2009 12:06 am
Location: Carlsbad, CA

Re: Security Alert On This Forum

Post by BobbyD »

I believe it is a semi false positive. A common tracking pixel called s.thebrighttag.com is in the site pages. That tag is owned by Signal. A real affiliate tracking marketing company. BUT now there is a malware in the wild of the same name made by the bad guys... not Signal. So, there is more than one virus checker that is confused... intentionally. Deep sigh.

Robert
1971 710K S
N2PNZ
User avatar
Garrycol
Australia
Posts: 423
Joined: Sat Oct 06, 2012 6:49 am
Location: Canberra Australia

Re: Security Alert On This Forum

Post by Garrycol »

Thanks for the responses - I think the issue is along the lines of confused anti virus software do some files that are similar something a bit nasty.

After the files are quarantined the system goes quiet and seems happy until the forum is opened next time - I guess something I have to live with. I will uninstall the anti virus software and reinstal and see what happens.

Thanks

Garry
1973 Haflinger AP700
1977 Landrover FC 101
2007 Range Rover Sport TDV6
1971 Jaguar Series 3 E-Type Conv
1957 Landrover 88" Station Wagon
1957 Landrover 88"
User avatar
Garrycol
Australia
Posts: 423
Joined: Sat Oct 06, 2012 6:49 am
Location: Canberra Australia

Re: Security Alert On This Forum

Post by Garrycol »

I have changed anti-virus software and not having any issues.

Thanks to all who commented.

Cheers

Garry
1973 Haflinger AP700
1977 Landrover FC 101
2007 Range Rover Sport TDV6
1971 Jaguar Series 3 E-Type Conv
1957 Landrover 88" Station Wagon
1957 Landrover 88"
Post Reply