Main Menu |
Most Favorited Images |
Recently Uploaded Images |
Most Liked Images |
Top Reviewers |
cockalatte |
646 |
MoneyManMatt |
490 |
Still Looking |
399 |
samcruz |
399 |
Jon Bon |
396 |
Harley Diablo |
377 |
honest_abe |
362 |
DFW_Ladies_Man |
313 |
Chung Tran |
288 |
lupegarland |
287 |
nicemusic |
285 |
You&Me |
281 |
Starscream66 |
280 |
George Spelvin |
265 |
sharkman29 |
255 |
|
Top Posters |
DallasRain | 70796 | biomed1 | 63334 | Yssup Rider | 61040 | gman44 | 53297 | LexusLover | 51038 | offshoredrilling | 48679 | WTF | 48267 | pyramider | 46370 | bambino | 42781 | CryptKicker | 37223 | The_Waco_Kid | 37144 | Mokoa | 36496 | Chung Tran | 36100 | Still Looking | 35944 | Mojojo | 33117 |
|
|
02-06-2010, 08:41 AM
|
#1
|
Gaining Momentum
Join Date: Jan 15, 2010
Location: Maumelle, AR
Posts: 53
|
Malware Threat in the Blond_Lilly ad
Looks like the Malware Threat that I have been seeing is also in the pictures on the Blond_Lilly ad. Her web site does not work either.
|
|
Quote
| 1 user liked this post
|
02-06-2010, 08:52 PM
|
#2
|
Pending Age Verification
User ID: 3424
Join Date: Dec 30, 2009
Location: East Coast
Posts: 1,945
My ECCIE Reviews
|
Web site is working fine actually--has been all day. And there's nothing "in" the pictures on my ad--no embedded links or anything. What exactly are you referring to?
|
|
Quote
| 1 user liked this post
|
02-07-2010, 09:09 AM
|
#3
|
Permanently retired
Join Date: Dec 31, 2009
Location: St. Louis, MO
Posts: 7,518
|
Not trying to be a white knight here... As a geek, I do run a number of anti-malware programs, including a couple that will give me real-time notification of any malware trying to play dirty with my machine.
That being said, I've never seen either of them go off when I've either read Lily's ads or visited her website, and scans I've run with my other (non-real-time) anti-malware and antivirus software have come up negative (and I did those scans several days to a week or so after either reading her ad or visiting her website). I'd need to know a little more about what's setting off the original poster's alarms before I could express an intelligent opinion on what's going on.
Cheers,
bcg
|
|
Quote
| 1 user liked this post
|
02-07-2010, 04:19 PM
|
#4
|
Gaining Momentum
Join Date: Jan 15, 2010
Location: Maumelle, AR
Posts: 53
|
This is the error that is showing when I attempt to respond to this message
16:16:26 IP-BLOCK 85.17.184.2
The error is being logged in the Malwarebyte's anti-malware log file.
Therefore, I believe the issue has to be with BlondLilly's picture or the ECCIE advertising banner in the upper right hand corner. Since, I don't think it would be the ECCIE advertising banner, I would tend to take that BlondLilly's picture is the culprit.
|
|
Quote
| 1 user liked this post
|
02-07-2010, 04:39 PM
|
#5
|
Permanently retired
Join Date: Dec 31, 2009
Location: St. Louis, MO
Posts: 7,518
|
Quote:
Originally Posted by niceguy4u2010
This is the error that is showing when I attempt to respond to this message
16:16:26 IP-BLOCK 85.17.184.2
The error is being logged in the Malwarebyte's anti-malware log file.
Therefore, I believe the issue has to be with BlondLilly's picture or the ECCIE advertising banner in the upper right hand corner. Since, I don't think it would be the ECCIE advertising banner, I would tend to take that BlondLilly's picture is the culprit.
|
Interesting.
I would suspect the ad banner, myself. I'm not aware of many (if any) pictures that harbor malware, whereas a fair number of ad servers have been compromised and feed malware to people who visit sites served by the ad server.
FWIW, the IP address referenced in your log entry resolves to a domain called escortsite.com, not to ECCIE (which has an IP address of 174.123.112.146, according to a quick NSLOOKUP). I'm still suspecting another vector other than ECCIE or the picture.
ETA: OTOH, a quick NSLOOKUP on blondlily.com resolves to the escortsite.com IP address (which means her page is hosted there, most likely). Ok; if Lily's linking to her picture on her website at escortsite.com, that might be the vector that your program is complaining about. Lily may need to confer with her host server admin as well. You may be onto something.
Best to refer this to the mods or site admin to look into the issue.
Cheers,
bcg
|
|
Quote
| 1 user liked this post
|
02-07-2010, 04:49 PM
|
#6
|
Gaining Momentum
Join Date: Jan 15, 2010
Location: Maumelle, AR
Posts: 53
|
Thanks for the information.
|
|
Quote
| 1 user liked this post
|
02-07-2010, 07:30 PM
|
#7
|
Pending Age Verification
User ID: 3424
Join Date: Dec 30, 2009
Location: East Coast
Posts: 1,945
My ECCIE Reviews
|
My pics aren't linked to anything. And I use the same host as most other escort websites do. Am I missing something? Has someone's computer been damaged or something due to something I put up?
|
|
Quote
| 1 user liked this post
|
02-07-2010, 07:50 PM
|
#8
|
Permanently retired
Join Date: Dec 31, 2009
Location: St. Louis, MO
Posts: 7,518
|
Quote:
Originally Posted by Blond_Lily
My pics aren't linked to anything. And I use the same host as most other escort websites do. Am I missing something? Has someone's computer been damaged or something due to something I put up?
|
Someone's malware detector is logging some sort of issue with the IP address your host has been assigned.
I've not noticed any such problem with either your pictures or your website. More than that I can't say.
If I were in your shoes I'd notify the escortsite.com site admins that someone's installation of Malwarebytes Anti-Malware is logging an issue coming from their IP address (I hope that the ECCIE mods are watching this thread and can tell the appropriate people here that there's some issue that may be affecting banner ads which point to escortsite.com websites). Since so many other escorts use escortsite.com it's not at all clear (IMHO) that it's your site alone which is setting off his copy of Anti-Malware; it could be associated with another escort's site or with a banner ad which points to another site hosted there.
FWIW, I've visited your site several times and it's never set off my malware detectors, and I'm not aware of any claims that anyone has actually been infected with anything either through here or via a visit to your site.
Cheers,
bcg
|
|
Quote
| 1 user liked this post
|
02-07-2010, 09:18 PM
|
#9
|
Account Disabled
Join Date: Dec 31, 2009
Location: Little Rock
Posts: 352
|
I have not noticed any problems at Lilys site. I will say this,when I registered at escort-site,I assume the host,somehow picked up an old user name,I had registered under on another escorts website,I don't know how long ago. Somehow,it had detected the old account from my email address.It seemed odd,but that was some time ago, and I have not noticed any problems with my computer. Is it possible that whatever it is,sorry to be so non tech,that found my old account ,or something of that nature could be what the anti-Malware is detecting?
|
|
Quote
| 1 user liked this post
|
02-08-2010, 02:47 AM
|
#10
|
Pending Age Verification
User ID: 3424
Join Date: Dec 30, 2009
Location: East Coast
Posts: 1,945
My ECCIE Reviews
|
Any time you register for an escort-site website, you must use the same username and password that you used with the one you previously registered with. I hate that feature of it, but all the membership are put into the same pool.
|
|
Quote
| 1 user liked this post
|
02-08-2010, 04:12 PM
|
#11
|
Gaining Momentum
Join Date: Jan 15, 2010
Location: Maumelle, AR
Posts: 53
|
I have placed the information into the Malwarebyte false positive forum for review. An earlier email to Malwarebyte requested the information be placed onto their false positive forum.
|
|
Quote
| 1 user liked this post
|
02-08-2010, 04:18 PM
|
#12
|
Account Disabled
User ID: 3164
Join Date: Dec 29, 2009
Location: little rock ark
Posts: 154
My ECCIE Reviews
|
Thats interesting. Luckily I have never did have a problem when I was using the escortsite but you never know with the interenet. Keep us posted us guys so we can all learn how to avoid it...You are right Lily but maybe the site will change it if enough providers suggest and or complain about it
|
|
Quote
| 1 user liked this post
|
02-08-2010, 04:26 PM
|
#13
|
Thank God it's Firday!
Join Date: Dec 12, 2009
Location: Austin, TX
Posts: 2,698
|
Quote:
Originally Posted by niceguy4u2010
This is the error that is showing when I attempt to respond to this message
16:16:26 IP-BLOCK 85.17.184.2
The error is being logged in the Malwarebyte's anti-malware log file.
Therefore, I believe the issue has to be with BlondLilly's picture or the ECCIE advertising banner in the upper right hand corner. Since, I don't think it would be the ECCIE advertising banner, I would tend to take that BlondLilly's picture is the culprit.
|
I think this means that malwarebytes has 85.17.184.2 flagged as an IP address that contains malware. 85.17.184.2 appears to be a webserver address that contains many web sites. If one of those web sites had malware on it at some time, malwarebytes may have flagged this as a bad IP.
If this is what happened, malwarebytes is doing what it's supposed to do. 85.17.184.2 had malware on it. Even if there was nothing wrong on blondlilly's site, there was something bad on 85.17.184.2. There are over 100 web sites at that address.
http://www.robtex.com/ip/85.17.184.2.html
|
|
Quote
| 1 user liked this post
|
02-08-2010, 04:41 PM
|
#14
|
Permanently retired
Join Date: Dec 31, 2009
Location: St. Louis, MO
Posts: 7,518
|
That makes a lot o'sense. Gracias.
Cheers,
bcg
|
|
Quote
| 1 user liked this post
|
02-09-2010, 07:56 AM
|
#15
|
Gaining Momentum
Join Date: Jan 15, 2010
Location: Maumelle, AR
Posts: 53
|
To be clear, they're not blocked due to content, they're only blocked due to malicious activity on the site that provides the hosting of services.
Once malicious activity is removed, the block will also be removed.
--------------------
Tom Mercado
Malwarebytes Customer Support
|
|
Quote
| 1 user liked this post
|
|
AMPReviews.net |
Find Ladies |
Hot Women |
|