Welcome to ECCIE, become a part of the fastest growing adult community. Take a minute & sign up!

Welcome to ECCIE - Sign up today!

Become a part of one of the fastest growing adult communities online. We have something for you, whether you’re a male member seeking out new friends or a new lady on the scene looking to take advantage of our many opportunities to network, make new friends, or connect with people. Join today & take part in lively discussions, take advantage of all the great features that attract hundreds of new daily members!

Go Premium

Go Back   ECCIE Worldwide > Other US Hotspots > Arkansas > The Sandbox
test
The Sandbox The Sandbox is a collection of off-topic discussions. Humorous threads, Sports talk, and a wide variety of other topics can be found here. If it's NOT an adult-themed topic, then it belongs here

Most Favorited Images
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
Most Liked Images
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
  • Thumb
Top Reviewers
cockalatte 646
MoneyManMatt 490
Still Looking 399
samcruz 399
Jon Bon 396
Harley Diablo 377
honest_abe 362
DFW_Ladies_Man 313
Chung Tran 288
lupegarland 287
nicemusic 285
You&Me 281
Starscream66 280
George Spelvin 265
sharkman29 255
Top Posters
DallasRain70796
biomed163334
Yssup Rider61040
gman4453297
LexusLover51038
offshoredrilling48679
WTF48267
pyramider46370
bambino42781
CryptKicker37223
The_Waco_Kid37144
Mokoa36496
Chung Tran36100
Still Looking35944
Mojojo33117

Reply
 
Thread Tools
Old 02-06-2010, 08:41 AM   #1
niceguy4u2010
Gaining Momentum
 
niceguy4u2010's Avatar
 
Join Date: Jan 15, 2010
Location: Maumelle, AR
Posts: 53
Encounters: 3
Default Malware Threat in the Blond_Lilly ad

Looks like the Malware Threat that I have been seeing is also in the pictures on the Blond_Lilly ad. Her web site does not work either.
niceguy4u2010 is offline   Quote
Old 02-06-2010, 08:52 PM   #2
Lily Blair
Pending Age Verification
 
User ID: 3424
Join Date: Dec 30, 2009
Location: East Coast
Posts: 1,945
My ECCIE Reviews
Default

Web site is working fine actually--has been all day. And there's nothing "in" the pictures on my ad--no embedded links or anything. What exactly are you referring to?
Lily Blair is offline   Quote
Old 02-07-2010, 09:09 AM   #3
bluffcityguy
Permanently retired
 
bluffcityguy's Avatar
 
Join Date: Dec 31, 2009
Location: St. Louis, MO
Posts: 7,518
Encounters: 25
Default

Not trying to be a white knight here... As a geek, I do run a number of anti-malware programs, including a couple that will give me real-time notification of any malware trying to play dirty with my machine.

That being said, I've never seen either of them go off when I've either read Lily's ads or visited her website, and scans I've run with my other (non-real-time) anti-malware and antivirus software have come up negative (and I did those scans several days to a week or so after either reading her ad or visiting her website). I'd need to know a little more about what's setting off the original poster's alarms before I could express an intelligent opinion on what's going on.

Cheers,

bcg
bluffcityguy is offline   Quote
Old 02-07-2010, 04:19 PM   #4
niceguy4u2010
Gaining Momentum
 
niceguy4u2010's Avatar
 
Join Date: Jan 15, 2010
Location: Maumelle, AR
Posts: 53
Encounters: 3
Default

This is the error that is showing when I attempt to respond to this message

16:16:26 IP-BLOCK 85.17.184.2

The error is being logged in the Malwarebyte's anti-malware log file.

Therefore, I believe the issue has to be with BlondLilly's picture or the ECCIE advertising banner in the upper right hand corner. Since, I don't think it would be the ECCIE advertising banner, I would tend to take that BlondLilly's picture is the culprit.
niceguy4u2010 is offline   Quote
Old 02-07-2010, 04:39 PM   #5
bluffcityguy
Permanently retired
 
bluffcityguy's Avatar
 
Join Date: Dec 31, 2009
Location: St. Louis, MO
Posts: 7,518
Encounters: 25
Default

Quote:
Originally Posted by niceguy4u2010 View Post
This is the error that is showing when I attempt to respond to this message

16:16:26 IP-BLOCK 85.17.184.2

The error is being logged in the Malwarebyte's anti-malware log file.

Therefore, I believe the issue has to be with BlondLilly's picture or the ECCIE advertising banner in the upper right hand corner. Since, I don't think it would be the ECCIE advertising banner, I would tend to take that BlondLilly's picture is the culprit.
Interesting.

I would suspect the ad banner, myself. I'm not aware of many (if any) pictures that harbor malware, whereas a fair number of ad servers have been compromised and feed malware to people who visit sites served by the ad server.

FWIW, the IP address referenced in your log entry resolves to a domain called escortsite.com, not to ECCIE (which has an IP address of 174.123.112.146, according to a quick NSLOOKUP). I'm still suspecting another vector other than ECCIE or the picture.

ETA: OTOH, a quick NSLOOKUP on blondlily.com resolves to the escortsite.com IP address (which means her page is hosted there, most likely). Ok; if Lily's linking to her picture on her website at escortsite.com, that might be the vector that your program is complaining about. Lily may need to confer with her host server admin as well. You may be onto something.

Best to refer this to the mods or site admin to look into the issue.

Cheers,

bcg
bluffcityguy is offline   Quote
Old 02-07-2010, 04:49 PM   #6
niceguy4u2010
Gaining Momentum
 
niceguy4u2010's Avatar
 
Join Date: Jan 15, 2010
Location: Maumelle, AR
Posts: 53
Encounters: 3
Default

Thanks for the information.
niceguy4u2010 is offline   Quote
Old 02-07-2010, 07:30 PM   #7
Lily Blair
Pending Age Verification
 
User ID: 3424
Join Date: Dec 30, 2009
Location: East Coast
Posts: 1,945
My ECCIE Reviews
Default

My pics aren't linked to anything. And I use the same host as most other escort websites do. Am I missing something? Has someone's computer been damaged or something due to something I put up?
Lily Blair is offline   Quote
Old 02-07-2010, 07:50 PM   #8
bluffcityguy
Permanently retired
 
bluffcityguy's Avatar
 
Join Date: Dec 31, 2009
Location: St. Louis, MO
Posts: 7,518
Encounters: 25
Default

Quote:
Originally Posted by Blond_Lily View Post
My pics aren't linked to anything. And I use the same host as most other escort websites do. Am I missing something? Has someone's computer been damaged or something due to something I put up?
Someone's malware detector is logging some sort of issue with the IP address your host has been assigned.

I've not noticed any such problem with either your pictures or your website. More than that I can't say.

If I were in your shoes I'd notify the escortsite.com site admins that someone's installation of Malwarebytes Anti-Malware is logging an issue coming from their IP address (I hope that the ECCIE mods are watching this thread and can tell the appropriate people here that there's some issue that may be affecting banner ads which point to escortsite.com websites). Since so many other escorts use escortsite.com it's not at all clear (IMHO) that it's your site alone which is setting off his copy of Anti-Malware; it could be associated with another escort's site or with a banner ad which points to another site hosted there.

FWIW, I've visited your site several times and it's never set off my malware detectors, and I'm not aware of any claims that anyone has actually been infected with anything either through here or via a visit to your site.

Cheers,

bcg
bluffcityguy is offline   Quote
Old 02-07-2010, 09:18 PM   #9
Guest022210
Account Disabled
 
Guest022210's Avatar
 
Join Date: Dec 31, 2009
Location: Little Rock
Posts: 352
Encounters: 4
Default

I have not noticed any problems at Lilys site. I will say this,when I registered at escort-site,I assume the host,somehow picked up an old user name,I had registered under on another escorts website,I don't know how long ago. Somehow,it had detected the old account from my email address.It seemed odd,but that was some time ago, and I have not noticed any problems with my computer. Is it possible that whatever it is,sorry to be so non tech,that found my old account ,or something of that nature could be what the anti-Malware is detecting?
Guest022210 is offline   Quote
Old 02-08-2010, 02:47 AM   #10
Lily Blair
Pending Age Verification
 
User ID: 3424
Join Date: Dec 30, 2009
Location: East Coast
Posts: 1,945
My ECCIE Reviews
Default

Any time you register for an escort-site website, you must use the same username and password that you used with the one you previously registered with. I hate that feature of it, but all the membership are put into the same pool.
Lily Blair is offline   Quote
Old 02-08-2010, 04:12 PM   #11
niceguy4u2010
Gaining Momentum
 
niceguy4u2010's Avatar
 
Join Date: Jan 15, 2010
Location: Maumelle, AR
Posts: 53
Encounters: 3
Default

I have placed the information into the Malwarebyte false positive forum for review. An earlier email to Malwarebyte requested the information be placed onto their false positive forum.
niceguy4u2010 is offline   Quote
Old 02-08-2010, 04:18 PM   #12
kittendd
Account Disabled
 
User ID: 3164
Join Date: Dec 29, 2009
Location: little rock ark
Posts: 154
My ECCIE Reviews
Default

Thats interesting. Luckily I have never did have a problem when I was using the escortsite but you never know with the interenet. Keep us posted us guys so we can all learn how to avoid it...You are right Lily but maybe the site will change it if enough providers suggest and or complain about it
kittendd is offline   Quote
Old 02-08-2010, 04:26 PM   #13
GneissGuy
Thank God it's Firday!
 
GneissGuy's Avatar
 
Join Date: Dec 12, 2009
Location: Austin, TX
Posts: 2,698
Encounters: 12
Default

Quote:
Originally Posted by niceguy4u2010 View Post
This is the error that is showing when I attempt to respond to this message

16:16:26 IP-BLOCK 85.17.184.2

The error is being logged in the Malwarebyte's anti-malware log file.

Therefore, I believe the issue has to be with BlondLilly's picture or the ECCIE advertising banner in the upper right hand corner. Since, I don't think it would be the ECCIE advertising banner, I would tend to take that BlondLilly's picture is the culprit.
I think this means that malwarebytes has 85.17.184.2 flagged as an IP address that contains malware. 85.17.184.2 appears to be a webserver address that contains many web sites. If one of those web sites had malware on it at some time, malwarebytes may have flagged this as a bad IP.

If this is what happened, malwarebytes is doing what it's supposed to do. 85.17.184.2 had malware on it. Even if there was nothing wrong on blondlilly's site, there was something bad on 85.17.184.2. There are over 100 web sites at that address.

http://www.robtex.com/ip/85.17.184.2.html
GneissGuy is offline   Quote
Old 02-08-2010, 04:41 PM   #14
bluffcityguy
Permanently retired
 
bluffcityguy's Avatar
 
Join Date: Dec 31, 2009
Location: St. Louis, MO
Posts: 7,518
Encounters: 25
Default

That makes a lot o'sense. Gracias.

Cheers,

bcg
bluffcityguy is offline   Quote
Old 02-09-2010, 07:56 AM   #15
niceguy4u2010
Gaining Momentum
 
niceguy4u2010's Avatar
 
Join Date: Jan 15, 2010
Location: Maumelle, AR
Posts: 53
Encounters: 3
Default

To be clear, they're not blocked due to content, they're only blocked due to malicious activity on the site that provides the hosting of services.

Once malicious activity is removed, the block will also be removed.


--------------------

Tom Mercado
Malwarebytes Customer Support
niceguy4u2010 is offline   Quote
Reply



Similar Threads
Thread Thread Starter Forum Replies Last Post
Malware Threat with advertising banners niceguy4u2010 Technical Questions 2 02-08-2010 10:37 PM
Malware FYI 6ULDV8 Coed Discussions 16 02-02-2010 07:20 AM
Malware Threat niceguy4u2010 The Sandbox 1 02-01-2010 05:40 PM

AMPReviews.net
Find Ladies
Hot Women

Powered by vBulletin®
Copyright © 2009 - 2016, ECCIE Worldwide, All Rights Reserved