


CADTutor
12th Nov 2004, 12:29 pm
Virus Warning

It looks as though this site may have been the victim of a virus attack yesterday, 11th November. A number of users have reported a trojan horse attack on their PCs while on the site.

The virus concerned is MHTMLRedir.Exploit and you can find information on it here (http://securityresponse.symantec.com/avcenter/venc/data/mhtmlredir.exploit.html).

Depending on what version of Windows and Browser you are using, you may also be prompted to install a "Content Access Plugin". You should definitely not install this.

It looks as though the virus may have been on the web server and not part of this site so I am not considering closing the site at the moment.

If you visited the site yesterday, please do a full system virus scan on your PC and make sure your anti-virus software is up to date. Please also keep your browser up to date with any security patches.

Please report any further instances of this, or any other viruses to me as soon as possible.

Thanks

CADTutor
12th Nov 2004, 01:12 pm
Update:

As of now, 12:00 GMT 12th November, the threat is still current.

Let me stress that if your anti-virus software and browser are up to date, the exploit will be stopped providing that you do not install anything from this site.

The issue is currently under investigation and if it cannot be resolved by the end of the day, the board will be closed until it is.

hyposmurf
12th Nov 2004, 01:45 pm
Do you think it is related to this member? Those warez sites are usually plagued with spyware and viruses. Speculation I know but could be a possibility.
spam member (http://cadtutor.net/forum/viewtopic.php?t=2040)

CADTutor
12th Nov 2004, 02:07 pm
No, I don't think that's the case. This threat doesn't appear to have anything to do with the forum itself. It looks as though one of the webservers hosting the site is to blame.

The result of installing the "plugin" is that your default homepage will be changed. The exe appears to come from a porn site - no surprise there.

Let me just reiterate: you do not need any special plugin to view this site, so if you are prompted to do so, just say no.

The worrying point is that if you are using Internet Explorer and you haven't installed any security patches since before April this year, the download may be installed without you knowing.

Please check that your browser software is up to date. This only affects IE. If you're using Firefox or some other browser, you will see the download prompt and you can safely say no.

f700es
12th Nov 2004, 02:33 pm
Yes, I saw this late last night on my home computer. Pop-ups from hell! I also wondered where it was coming from.

CADTutor
12th Nov 2004, 03:11 pm
Update:

I've just had the "all clear" from my web host. Don't have all the details yet but the threat has now been removed.

hyposmurf
12th Nov 2004, 07:53 pm
You and webserving hosts :). Let's hope this one works out OK. Thanks for the quick response and advice over the virus.

CADTutor
15th Nov 2004, 02:02 pm
Getting your webhost right is a real nightmare for any website owner. I am pretty confident that the current host will work out fine. I am impressed with the improved speed and my feeling is that the timeslip problem we suffered a few weeks ago and this recent virus problem are essentially teething troubles. I have to say that they've been pretty quick to sort things out once it has been pointed out but we'll have to keep our eye on things for a while.