When I click on my P/U Makers Shortcut, I get a redirect to an Add Site.
Never got that before.
I just ran all my SuperantiSpyware, and after deleting the cookies it shows to be clean.
This Forum Site is about to get to be more Trouble than it's worth.
Earlier it was asking to run a Scandisk.exe when I clicked on my Shortcut.
GeeZus H. What is going On?
T

Redirecting web searches is one of the spam scammers favorite tricks.
They are also trying to steal your account numbers and passwords.
If you are using a free antivirus that you downloaded from the internet, it's substandard.
Use only a real professional all in one antivirus. Norton, Kalpersky, Panda, are highly rated.
Do not load multiple security programs, that are mismatched. They can conflict and cause all sorts of issues.
There are a huge number of fake antiviruses, offered on the internet for free. Don't fall for it.
Clearing your cookies: not all cookies will be deleted. There are "permanent" cookies that have to be deleted manually.
On line scans: most of them are fake. They are designed to trick you. What is really happening is that you computer is being scanned for info that can be stolen and used to steal from you. Again, don't fall for it.
"Free" video games and other "free" applications: DO NOT. Don't be an idiot.

And Last, the "fix it" program. Claims to "speed up" your computer, "sweep" spyware, "clean" the computer registry, "fix" problems. A fool and his money are soon parted, there is a sucker born every minute. Don't be the sucker.
If the software is not signed by microsoft, think again.

I Partially agree with all you said, but why are we only getting it when we try to access this site?
It is here and No where else, that I go.
Don't turn this around and act Like it's my Fault.
Tboy or Someone needs to Fix this Crap!
I'm not an Idiot, Are You.?
I don't Like Your Asinine Language, There is no Reason, or Call for it Here.
T

I said: "don't be an idiot."
I never said: "you are an idiot."
Read more carefully, and don't assume.

And so, you loaded free security into your computer, and now you wonder why you are infected? Guess why.

1. Obtain a professional antivirus, not the free kind. Panda can be had on Amazon for $10. Kalpersky for $35, etc...
2. Delete all existing security add-ons that you installed FIRST.
3. Install the real antivirus.
4.Registrar the antivirus, update the antivirus on the manufacturer's website.
5. Scan entire computer.
BINGO, now you may not be infected anymore.

However, there are certain infections that require wiping the entire drive and starting over from scratch. If you have been using "free" security" this might be the way to roll.

As far as MEF server being infected, there are several good security systems, at about $100 a year. But we don't know if the problem is really in the MEF server. That's not our responsibility.
If the problem is there, I trust the person who supervises will take care of it. I have no doubt in this person.

The worst: double trojan CiA virus. It stops you from reformatting the drive. Takes over control of existing antivirus and security. Most antivirus is incapable of stopping it.....Bulk Erase the hard drive, if you can, or buy another hard drive.
I mean this is a bad one.

I'm Not infected, You need to read more careful.
The site is apparently infected, and it keeps coming up with this stuff every few months.
I was merely asking the question what was going on, then you jumped in with all this stuff everyone needs, or has to do.
I don't currently need to do anything on this end. If you think it needs to be done you do it.
I was just talking about the MEF Issue.
So Preach to the MEF not me.
T

Just got a warning again that a trojan horse was blocked when I accessed the site, and that's using Mozilla with an adblocker. So something weird is going on.

I'm with JoeM. something is definitely on the site.

FWIW: what I've found here

I use AdblockPlus in a very paranoid way, so I regularly open pages I visit often and preventively block any addresses which have the string "ads" in their name, among others.
And whatever looks like it does not belong here *at all*.
Here I found (still here but blocked by me):
>>>http://gamessilver.in/in.cgi?walter<<< PLEASE DO *NOT* CLICK HERE !!!!!!!!!!!!
Since "games" anything does not belong here, I googled it.
The page which talks about this malware is:
javascript - Remove Malware from Website - Stack Overflow
which *should* be clickable, it explains what that malware does and explains how to get rid of it.
Might be useful.
In case you don´t dare to click that page (I wouldn't be surprised), some of what it says is:
>>>>>>>>>>>>>>>>>>>>> cut and paste >>>>>>>>>>>>>
My website, 3dsforums.com, has been marked as an attack site for containing malware. According to Google Webmaster Tools, this is the suspected code that has been injected onto every page:
yada yada yada yada (don´t dare to paste it here)
.................
As such, I have two questions:

Is this actually the offending code?

And how do I remove it?

I can't seem to find it via the templates in vBulletin, or through phpmyadmin, so I'm lost as to what I should do.

Thanks for any help.
........................

That completely depends on the code. Check all of your source files. (and check file timestamps)
................................
It looks suspicious (who would obfuscate that?), so I would assume that yes, it's the problem, and you should remove it.

Edit: Now that the malicious site is back up, I can analyze the rest: it appears to add an iframe:
yada yada yada yada
Kind of strange to be appending it to the head.

The in.cgi script appears to redirect to Google if the User-Agent is not very exploitable. Otherwise, it redirects to another malicious website.
.............................

Thanks for the help. I'm upgrading to the latest version of vBulletin to overwrite all the files, and hopefully that knocks out the malware. I'm not really sure where the code is, unfortunately. –
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Might help.

Microsoft Security Essentials just snagged this cutey as I accessed MEF tonight.

I just did that last week, but for good measure I just now replaced all the files with fresh copies. That won't help if malware is coming in through some of the ads, though. What would help is if I could see the html source code of any page that triggers a warning, or screen shots of the ads that are displayed when a warning occurs. I've been looking things over for any sign of a recurrence of problems I've found before, but haven't seen anything suspicious yet.

I haven't seen any problems since I started using Adblock Plus.

Do you have anti-virus software on the server?

I'm not getting any warnings either by coming here directly, or through Google. I wonder why some people are and others are not? Might have something to do with caches in proxy servers used by internet providers. I'm also using OpenDNS, so I don't know if that matters.

Hey tboy, as long as we have you here, what happened to the Wiki? It's a blank page now.

I use that too, but still got the warning yesterday.

I think the ads are targeted, likely to geographical location. So some will get the warning and some won't.
I have adblock plus and haven't seen any problem.

On my Mac I haven't seen any sign of problems, but on my new PC laptop I have been hit about 6 times with some sort of trojan virus that Windows blocks and removes.

If I enter from Google, sometimes I get a full screen message that tells me that I need to turn off adblocker in order to enter the site. It pretty much tries to take control of my computer and that is when I get the Virus warning from Windows, asking if I want to open such and such a file. It also warns me that it is a virus of some sort, and I just hit the remove button.

But there are other times entering from Google that I get to the main forum with no problems at all.