Jump to content
Banner by ~ Ice Princess Silky

Antivirus disapproves of Beyond Equestria

Drakkon

By Drakkon, Retired Staff

 Share
Go to solution Solved by Jeric,

Recommended Posts

Drakkon

Drakkon 362

Hi,

I tried clicking the 'Beyond Equestria' (http://mlpforums.com/forum/5-beyond-equestria/) category and my anti-virus went haywire, warning me of a site that begins with "mentol" (obviously not going to link) being malicious. I do not know if this is some kind of client-side malware that's appended it on that specific page by some unknown criteria, but I'd just like to ask if anyone (with an antivirus, I use Avast myself) is experiencing similar issues. I tried opening that same page with Internet Explorer and similarly I cannot access it due to my anti-virus, so it's highly unlikely to be a malicious plugin or addon. I've also not encountered this, needless to say, on any other site or page.

Disabling JavaScript as well as my web shield, I accessed Beyond Equestria and couldn't find any mention in the HTML of this website. It's entirely possible to "spoof" the website by attempting to access it from within an embedded script and then send a request to a dynamic or otherwise encoded url, but I'd just like to check if this isn't some kind of virus on my end. I could PM anyone who asks for the website and url that popped up. Though I come here very cynically, since it's very unlikely to be on the end of mlpforums just because of how difficult it is to embed something on a specific category forum in IPB without resorting to embedded HTML in subforum descriptions / board rules. Which I couldn't find anything like that in.

 

Scanner report:

12/23/2014 6:40:57 AM    http://mlpforums.com/forum/5-beyond-equestria/|>{gzip} [L] HTML:Script-inf (0)
12/23/2014 6:40:57 AM    http://mentol[...].com/?8L3=86Y&n5t=Wdkk7&6PuxAN=5K6n&EO_Xbs=Z9G6&HdDT=NfYdv&eFA9=Z1H2M&wcl0=V5_3&SKL=u1MPcP [L] URL:Mal (0)
12/23/2014 6:42:08 AM    http://mentol[...].com/ [L] URL:Mal (0)
12/23/2014 6:42:09 AM    http://www.mentol[...].com/ [L] URL:Mal (0)
12/23/2014 6:49:21 AM    http://mentol[...].com/ [L] URL:Mal (0)
12/23/2014 6:49:21 AM    http://www.mentol[...].com/ [L] URL:Mal (0)
12/23/2014 6:49:24 AM    http://www.mentol[...].com/ [L] URL:Mal (0)

 

Edit, since I can't reply: Searched the website on google... what do you know! First result is mlpforums, it looks like the problem was solved but perhaps not all of your caches have been reset? That would seem odd though, since as a category page it's actually quite frequently recached. Perhaps it's being served from a different pool.

 

After a restart of my computer I can access that category again, but I'm pretty sure it's being my antivirus reset its personal cache. If I get it again I'll edit this post.

 

  • Brohoof 2
Link to comment
Share on other sites
Drakkon

Drakkon 362

  • Author
(edited)

12/25/2014 5:23:22 AM    http://mlpforums.com/topic/57780-who-is-the-luckiestunluckiest-mane-6-pony/|>{gzip} [L] HTML:Script-inf (0)

12/25/2014 5:23:22 AM    http://mentol...com/?u6jIo_=cb12ty1HeMfu&aWkOf2=j5YdGcXO61Q4vcI&FIpm=4In5Htc3m9Hx75y&CUe=s4_9GI0se6Oc7 [L] URL:Mal (0)

 

 

Yeah, it's very rare, seems to happen one in... well, maybe hundreds of page views, but definitely isn't a bad ad cache. Viewed this thread fine before that. It really wouldn't be a problem if Avast didn't basically block my access to the url until my computer's next restart.

Edited by Inactive User
  • Brohoof 2
Link to comment
Share on other sites
Jeric

Jeric 46,835

Hm. We had this come up last month and found the culprit and had avast clear it. I'll ping Lavo again on this. This was not a rogue ad last time. 

  • Brohoof 2
Link to comment
Share on other sites
Jeric

Jeric 46,835

  • Solution

I can actually utter these words ...

 

Princess Celestia fixed this. :)

 

Seriously though, Lavo and the Dev team have resolved the issue. As with all alerts like these we take them seriously. Open a thread here or a support ticket if you receive an alert from your security program or utility of choice. Closing this out

  • Brohoof 1
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...