oak1971
Regular Member
I got hit again while on this forum. AGV stopped it....I hope.
I got hit again while on this forum. AGV stopped it....I hope.
My Malwarebytes real-time scanner stopped and flagged the IP in the log above a few times last week while I was on this forum.
NetRange: 178.0.0.0 - 178.255.255.255
CIDR: 178.0.0.0/8
OriginAS:
NetName: 178-RIPE
NetHandle: NET-178-0-0-0-1
Parent:
NetType: Allocated to RIPE NCC
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
RegDate: 2009-01-30
Updated: 2009-05-18
Ref: http://whois.arin.net/rest/net/NET-178-0-0-0-1
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/RIPE
ReferralServer: whois://whois.ripe.net:43
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: http://whois.arin.net/rest/poc/RNO29-ARIN
OrgAbuseHandle: RNO29-ARIN
OrgAbuseName: RIPE NCC Operations
OrgAbusePhone: +31 20 535 4444
OrgAbuseEmail: hostmaster@ripe.net
OrgAbuseRef: http://whois.arin.net/rest/poc/RNO29-ARIN
What do the logs say?
OK.
That IP address has nothing to do with this forum. You are infected by something.
That is a Netherland based IP.
In addition, that IP address is on at least 3 black lists, once again, no relation to opencarry.org.
No, I'm not infected. When I read your comment, I updated both AVG and Malwarebytes and sent both on a hunt. Results: nothing.
I disagree about "no relation" to opencarry.org.
1. I got the flags while on OCDO, repeatedly, while having no other tabs or browsers open, and while not having visited any other websites during the browser session.
2. Lots of others are having problems.
I would really like to hear from John or Mike about what is going on. I've PMd John twice. No word for a week or so now. You'd think somebody, somewhere, either John, Mike, or the host server admins would say something definitive. Even a "we're working on it" would be better than silence.
3. Never, never in the history of OCDO has this happened--this being multiple reports from forum users of security alarms going off.
While it may not be John's forum software, I see no reason to exclude the ads or something on the forum's host server. All of which are related to OCDO, while not being OCDO directly.