Procol Harum

the Pale

PH on stage | PH on record | PH in print | BtP features | What's new | Interact with BtP | For sale | Site search | Home

A solution for the BtP spamscam virus

At last, an end to all those PC problems

Recent messages on the Beanstalk, and mails to the webmasters, have indicated problems on BtP. Problems have included: intrusive pop-ups when accessing the website and virus warnings when accessing BtP, digest mode turning into non-digest mode on the Beanstalk, and unavailability of corrective facility.

The BtP team has gone through numerous efforts to solve this, because we want happy 'customers'. At first the problems seemed to be part of the recent BtP server move. Now it turns out that the server move is part of the solution for the problem, and here is what happened and how to remedy this problem for now and the future.

What happened?
Apparently the old server was hacked by some unknown person, and this person attached a redirecting virus to several of the 4000+ pages on BtP. Doing so he/she also got access to the Beanstalk subscribers' list and the server logs where visitor information was stored. The effect of this is that this criminal individual can now send viruses and spam to anybody visiting BtP, provided his/her name is among those identities stolen during the break-in. This is also used to install spyware code on the PCs involved. Unfortunately, since this harm has already happened, staying away from BtP will not help.

The solution
The good news are that the server move has made it possible to block this unwanted invasion of our PCs. The reason is that during the server move, all BtP files were downloaded to Jens's PC and scanned and repaired for viruses and spyware. A total of 1,379 infections was identified and destroyed!

The new BtP server have been updated with clean files, and is completely safe to access. But since the old domain name ( is used for the new server, the old infections will be activated when the new BtP server is accessed: unless it is cleansed by a firewall cross reference called Latent Unmasked Rejection Test (LURT). To activate this you need to register yourself in the LURT database, and the software on the new BtP server will automatically block any attempt to break in through the firewalls. This blocking is permanent and transparent to you, but since1,379 files were infected (and you may have accessed several of these) the process is not completely sealed until all the files that you did access during the infected period have been accessed.

What to do

Sorry for any inconvenience, but at least we are glad that we were able to find a solution and cure to the problems caused.

Shine on!
Jens + Roland

PH on stage | PH on record | PH in print | BtP features | What's new | Interact with BtP | For sale | Site search | Home