0
jceman

Popups and Trojans

By jceman, in Error and Bug Reports

Recommended Posts

jceman    1

jceman
The attached report came from Avast AV software while accessing the forums tonight -- the affected connection from the offending ad has been blocked and now I have to repeatedly refresh until it rotates out or I only get blank areas in the center of the page. (Head, foot and side banners still display).

This was accompanied by a pop-up of a purported people finder.

This is unacceptable.

Faster horses, younger women, older whiskey, more money.

Why do they call it "Tourist Season" if we can't shoot them?

Share this post

Link to post
Share on other sites

Squeak    17

Squeak
i had a JS/exploited shell.gen Trojan from this site, it was cleaned by my AV software every time i opened Dizzy.
it also stopped any of the forum tables from appearing. I enabled add blocker and the Coors add disappeared and everything else returned to normal
You are not now, nor will you ever be, good enough to not die in this sport (Sparky)
My Life ROCKS!
How's yours doing?

Share this post

Link to post
Share on other sites

Amazon    7

Amazon
Yup the Coors add.. anytime the fjeking.com came up it caused anything on the forums window to lock. a repeated refresh would usually cause it finally to load.

It gave me a popup wanting to install and I shut it down.

I have now turned off the My Stuff and it got rid of the popups over there.... and everything is loading as it is supposed to.

Share this post

Link to post
Share on other sites

j_ung    0

j_ung
Ok, all ads should now be gone, or they will be in a few minutes. I do not know what happened, but I will post back Monday sometime with a complete explanation and a plan to make sure it never happens again. First guess -- and this is just from what I'v been told -- is that the network from which those ads come was compromised.

I posted in the BF thread earlier from my phone, but I was not in a good reception area and it was problematic, to say the least. ddt has been working tirelessly all day from the west coast since around 7 am his time and we've finally managed to get with the Gossamer folks.

I'm going to direct traffic from that thread here.

Share this post

Link to post
Share on other sites

j_ung    0

j_ung
I'm getting reports on Rockclimbing.com that the following works for what the rogue ad leaves behind (if your own anti-viral didn't stop it). The trojan may be called Extra Antivir. Click below and scroll down just a bit. If that looks familiar to you, follow the instructions.

http://www.bleepingcomputer.com/malware-removal/remove-extra-antivir

Share this post

Link to post
Share on other sites

ltdiver    3

ltdiver
Quote

The Bonfire thread:

http://www.dropzone.com/cgi-bin/forum/gforum.cgi?do=post_lock;redo=post_view_flat;so=ASC;sb=post_latest_reply;root_id=3421639;post=3421883;



Hey, that link has been deleted. I'd like to read what others have experienced with this.

My Mac was slow, but not compromised. Seems that Mac's using Safari weren't affected?

ltdiver

Don't tell me the sky's the limit when there are footprints on the moon

Share this post

Link to post
Share on other sites

j_ung    0

j_ung
Quote

Quote

The Bonfire thread:

http://www.dropzone.com/cgi-bin/forum/gforum.cgi?do=post_lock;redo=post_view_flat;so=ASC;sb=post_latest_reply;root_id=3421639;post=3421883;



Hey, that link has been deleted. I'd like to read what others have experienced with this.

My Mac was slow, but not compromised. Seems that Mac's using Safari weren't affected?

ltdiver



No, it's still there. I locked it to keep the discussion contained in a single thread. There's a little info from users on Rockclimbing.com, too:

http://www.rockclimbing.com/cgi-bin/forum/gforum.cgi?post=2037976;

Share this post

Link to post
Share on other sites

ltdiver    3

ltdiver
Quote

Quote

Quote

The Bonfire thread:

http://www.dropzone.com/cgi-bin/forum/gforum.cgi?do=post_lock;redo=post_view_flat;so=ASC;sb=post_latest_reply;root_id=3421639;post=3421883;



Hey, that link has been deleted. I'd like to read what others have experienced with this.

My Mac was slow, but not compromised. Seems that Mac's using Safari weren't affected?

ltdiver



No, it's still there. I locked it to keep the discussion contained in a single thread. There's a little info from users on Rockclimbing.com, too:

http://www.rockclimbing.com/cgi-bin/forum/gforum.cgi?post=2037976;



May be there for you, but not for me.

ltdiver

Don't tell me the sky's the limit when there are footprints on the moon

Share this post

Link to post
Share on other sites

SuFantasma    0

SuFantasma
Quote

Quote

Quote

The Bonfire thread:

http://www.dropzone.com/cgi-bin/forum/gforum.cgi?do=post_lock;redo=post_view_flat;so=ASC;sb=post_latest_reply;root_id=3421639;post=3421883;



Hey, that link has been deleted. I'd like to read what others have experienced with this.

My Mac was slow, but not compromised. Seems that Mac's using Safari weren't affected?

ltdiver



No, it's still there. I locked it to keep the discussion contained in a single thread. There's a little info from users on Rockclimbing.com, too:

http://www.rockclimbing.com/cgi-bin/forum/gforum.cgi?post=2037976;



Thanks! Unfortunately, it's part of doing business in the Internet... thanks for working with us ... and thanks for a great website !
Y yo, pa' vivir con miedo, prefiero morir sonriendo, con el recuerdo vivo".
- Ruben Blades, "Adan Garcia"

Share this post

Link to post
Share on other sites

j_ung    0

j_ung
Quote

Quote

Quote

Thanks to everyone for figuring this out so quickly!

And, just one more reason not to drink COORS LIGHT.



Before today, I didn't think my opinion of Coors Light could be any lower. Those were the days.



I don't think you can blame this on Coors Light.



No, I certainly can't. I can blame myself, and that's about it.

Share this post

Link to post
Share on other sites

porpoishead    8

porpoishead

one of my machines went for the ride..i was running firefox 3 but the ad blocker wasn't setup correctly

it ended up with the extra-anti virus and 2 gay porn desktop icons

the extra-anti virus looked like a windows boot up screen appearing like windows was rebooting and recommending you install the fake anti-virus for a fee kept doing the fake reboot every 5 minutes then it kept prompting error tabs from the task bar as if it were your windows security to get you to reconnect to the web to download and scan with the AGV anti-virus.

the real antivirus program is AVG so I recognized it as fake right away..also during the fake windows reboots it would never prompt me to type my user password. so I figured it wasn't really windows.

the gay porn desktop icons were a fucked up twist to the virus. they were read only so I couldnt figure out where they came from. i would delete them and they would pop back up within seconds. had me laughing my ass off.

machine is clean now all updates and patches..

crazy stuff...

:D

coors light rocks!!! no love lost for the john waynes

if you want a friend feed any animal
Perry Farrell

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
0
Go To Topic Listing