Malware threat?

This thread has been locked
Messages 1 - 56 of total 56 in this topic
survival

Big Wall climber
Terrapin Station
Topic Author's Original Post - Jan 3, 2014 - 02:05pm PT
Every time I click on SuperT lately, I get a Malware alert?

WTF?

Anyone else experiencing anything like this?
Reilly

Mountain climber
The Other Monrovia- CA
Jan 3, 2014 - 02:06pm PT
I got it once yesterday but after closing the window when I re-opened it
Kaspersky was happy, or as happy as he ever is.
happiegrrrl

Trad climber
www.climbaddictdesigns.com
Jan 3, 2014 - 02:26pm PT
No, haven't had any.
TrundleBum

Trad climber
Las Vegas
Jan 3, 2014 - 02:34pm PT

Ditch Window$...
ditch attributing a 1/3 of your resources to protection.

Surfing the net on Window$ is like going to the 'Chicken Ranch' without a raincoat!
Reilly

Mountain climber
The Other Monrovia- CA
Jan 3, 2014 - 03:03pm PT
Very helpful answers but Survival isn't looking for one-liners.
SteveW

Trad climber
The state of confusion
Jan 3, 2014 - 03:06pm PT

I'm getting them too, Bruce.
(I think my computer got a virus early this
week and haven't been able to get rid of it yet).
Reilly

Mountain climber
The Other Monrovia- CA
Jan 3, 2014 - 03:15pm PT
Well, it doesn't appear to be unfounded or a coincidence.
survival

Big Wall climber
Terrapin Station
Topic Author's Reply - Jan 3, 2014 - 03:18pm PT
I'm using Mozilla Firefox, with Avast security. It has always performed well for a freebie. It was actually recommended by a tech guy.
I've been happy with Firefox and Avast both.
Reilly

Mountain climber
The Other Monrovia- CA
Jan 3, 2014 - 03:34pm PT
I think the risk is pretty low that it's a legitimate problem.

I agree. I also think I've narrowed the suspected ads down to hair transplants and Depends.
survival

Big Wall climber
Terrapin Station
Topic Author's Reply - Jan 3, 2014 - 03:38pm PT
Thanks guys. It's def. not happening every time now. Only once today.
Weird.
nature

climber
Boulder, CO
Jan 3, 2014 - 03:40pm PT
There are a couple of possibilities. I've been dealing with some malware warnings at work recently. Some of the sites we developed were listed by Google as hacked. We had to do a fair amount of cleanup.

We use ad server software called OpenX. It was vulnerable to SQL injection. The Taco runs their ads through DFP (aka DoubleClick). I doubt that's infected.


I suppose it's odd that it only happens sometimes. Does it happen on the home page or just certain threads?

When I was dealing with Malware on my sites I found that Chrome would report the Malware but Safari, Firefox, Opera would not.


I guess that's a long-winded way of saying I have no f'ing clue.
Crimpergirl

Sport climber
Boulder, Colorado!
Jan 3, 2014 - 03:44pm PT
I'm using Mozilla Firefox, with Avast security. It has always performed well for a freebie. It was actually recommended by a tech guy.
I've been happy with Firefox and Avast both.

^^exactly my set-up and I've received no warnings.
nature

climber
Boulder, CO
Jan 3, 2014 - 03:49pm PT
plus if you run FF you have the added ability of being able to grease people ;)
Fritz

Trad climber
Choss Creek, ID
Jan 3, 2014 - 08:37pm PT
Survival: OK! I was in Boise today on business and during my 1:30PM (Mountain-Time) Lunch, I connected to the ST forum on my Verizon Internet connection (secured).

I just had time to note your thread title before my Norton 360 antivirus program kicked me off the site.

ST login has been OK since then.

My seldom used notebook has Windows 7 and Internet Explorer 9, and was up to date on antivirus.

I had not been looking at anything evil online, for many months with the notebook.

Here is what Norton 360 had to say about the nature of the evil. I have erased my own computer information from the screenshot (duh).

Does this help?

MisterE

climber
Jan 3, 2014 - 08:59pm PT
I am running FF and Avast on Windows as well, and I also got a single warning.
zBrown

Ice climber
Brujo de La Playa
Jan 3, 2014 - 10:34pm PT
Using WIN/7 and Comodo, I got some unusual DNS errors yesterday. They were not on SuperT, but they went away today. No ST probs.

Fritz

Trad climber
Choss Creek, ID
Jan 4, 2014 - 11:41am PT
bump for the morning computer problem-solver crowd.
Eric Beck

Sport climber
Bishop, California
Jan 4, 2014 - 12:52pm PT
Receiving warning using avast and IE.
Fritz

Trad climber
Choss Creek, ID
Jan 4, 2014 - 01:21pm PT
Thanks Dave: I just got hit with another alert as soon as I clicked on the forum front page.

Different computer today, running Windows Vista, IE9, and Norton 360 anti-evil program.

Here's today's screenshot with my personal info erased.

Roger Brown

climber
Oceano, California
Jan 4, 2014 - 01:58pm PT
Yea,
I keep getting it also. Just on Supertopo, I think. My account is so old it is AOL, like my e-mail. Maybe I got it from an e-mail. Supertopo and my e-mail are the only AOL things I have. I usually check e-mail first but today I did Supertopo first. No big deal, Norton seems to have things under control. I'm not too computer smart:-)
Dr.Sprock

Boulder climber
I'm James Brown, Bi-atch!
Jan 4, 2014 - 02:09pm PT
could be that somebody has a pic in their avatar that is being hosted by a site that triggers the warning, probably LEB
kunlun_shan

Mountain climber
SF, CA
Jan 4, 2014 - 02:27pm PT
Fritz, here's a lookup of the IP address shown in your 2nd Norton info post. Does not look good, that this is coming from Russia. As mentioned upthread, the attack is probably coming from a compromised ad.

You could also check the location of msn.exe and try to determine if the file is legitimate, or if it's a trojan, etc. (http://www.file.net/process/msn.exe.html)

inetnum: 5.199.175.160 - 5.199.175.183
netname: LoyaltyServers-net
descr: VPS’s
country: RU
admin-c: AG-RU
tech-c: AG-RU
status: ASSIGNED PA
mnt-by: DUOMENUCENTRAS-MNT
source: RIPE # Filtered

person: Alexey Govoruhin
address: Russian Federation, Tula, New str., 74, 456321
phone: +79226542278
abuse-mailbox: loyaltyservers@gmail.com
nic-hdl: AG-RU
mnt-by: DUOMENUCENTRAS-MNT
source: RIPE # Filtered
Fritz

Trad climber
Choss Creek, ID
Jan 4, 2014 - 02:50pm PT
kunlun! Thanks for the legwork.

MSN.EXE is legit on my computers. I did put an email into ChrisMac to alert him to this thread.

Fritz

Trad climber
Choss Creek, ID
Jan 4, 2014 - 11:01pm PT
I did another ST login-----and kick-off this afternoon, from my anti-internet evil program.

Per previous posts: Those logging into the ST forum, without anti-virus software, may be downloading internet evil.




This warning only happened twice today, out of multiple ST logins, but those of you not getting this warning, or a similar one are: "whistling in the dark on ST."

Per warnings upthread.
Reilly

Mountain climber
The Other Monrovia- CA
Jan 4, 2014 - 11:56pm PT
I logged on from me Mum's puter and it said sumpin about a trojan. I closed the tab and tried again and got no warning. Maybe the AV figures one warning should suffice?
froodish

Social climber
Portland, Oregon
Jan 5, 2014 - 02:29am PT
I logged on from me Mum's puter and it said sumpin about a trojan. I closed the tab and tried again and got no warning. Maybe the AV figures one warning should suffice?

More likely that the ad that triggered it (as noted above, a compromised ad seems the most likely candidate) wasn't present on the next load.

Might be useful to see a screenshot (or even better, the rendered HTML source) of the page when this gets triggered. Might be able to identify the offending ad from that.
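
Added example, not part of any post in this thread: one way to go through a saved copy of the rendered page source, as suggested above, and list everything it loads from hosts the site is not expected to use. The allowlist, the sample page and every hostname except the show_ads.js URL reported in this thread are assumptions made up for the illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: hosts a page of this forum is expected to load from (the site
# itself and the DoubleClick ad server mentioned in the thread).
EXPECTED_SUFFIXES = ("supertopo.com", "doubleclick.net")
# Tags that fetch remote content, and the attribute that carries the URL.
LOADERS = {"script": "src", "iframe": "src", "embed": "src",
           "object": "data", "img": "src", "link": "href"}
ACTIVE_TAGS = {"script", "iframe", "embed", "object"}  # can run code in the page

# Constructed sample of a saved page; only the show_ads.js URL is from the thread.
SAMPLE_PAGE = """<html><head>
<script src="/js/forum.js"></script>
<script src="http://www.cpmservice3.com/js/show_ads.js"></script>
</head><body>
<img src="http://static.supertopo.com/logo.gif">
<iframe src="//ad.doubleclick.net/adi/slot1"></iframe>
<img src="http://avatars.example.net/user42.png">
</body></html>"""


class ResourceCollector(HTMLParser):
    """Records (line, tag, url) for every tag that loads a resource."""
    def __init__(self):
        super().__init__()
        self.resources = []

    def handle_starttag(self, tag, attrs):
        url = dict(attrs).get(LOADERS.get(tag, ""))
        if url:
            self.resources.append((self.getpos()[0], tag, url.strip()))


def is_expected(host):
    """True if host is an expected domain or a subdomain of one."""
    return any(host == s or host.endswith("." + s) for s in EXPECTED_SUFFIXES)


def unexpected_resources(html):
    """Return third-party loads from unexpected hosts, active content first."""
    collector = ResourceCollector()
    collector.feed(html)
    findings = []
    for line, tag, url in collector.resources:
        host = (urlsplit(url).hostname or "").lower()
        if host and not is_expected(host):  # no host: relative, first-party URL
            findings.append({"line": line, "tag": tag, "host": host,
                             "url": url, "active": tag in ACTIVE_TAGS})
    return sorted(findings, key=lambda f: (not f["active"], f["line"]))


if __name__ == "__main__":
    for f in unexpected_resources(SAMPLE_PAGE):
        kind = "ACTIVE " if f["active"] else "passive"
        print(f'{kind} line {f["line"]:>3} <{f["tag"]}> {f["host"]}  {f["url"]}')
```

The script only reads the saved text and never fetches the listed URLs. Because ad slots rotate, the page has to be saved from the same load that triggered the alert.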
Eric Beck

Sport climber
Bishop, California
Jan 5, 2014 - 01:02pm PT
Here's the offending url:
http://www.cpmservice3.com/js/show_ads.js

Don't click it.
Fritz

Trad climber
Choss Creek, ID
Jan 5, 2014 - 01:50pm PT
I have not got a warning yet today from my anti-evil program, when visiting ST, but per the screenshots I posted yesterday & what kunlun_shan found: the URL that is on my screenshots was Malware.

Here's my last screenshot:


And here's what the Virus Total website had to say about the URL in the screenshot.
Salamanizer

Trad climber
The land of Fruits & Nuts!
Jan 5, 2014 - 02:06pm PT
I picked up a Trojan virus and some kind of adware as soon as I clicked on the main page this morning. My Kaspersky internet security didn't alert me and I only noticed when I got a fake pop-up telling me my computer is infected and I need to click on this fake ad right away to get rid of it. Did something similar the other day but noticed it right away.

A quick scan took care of it.

If you're not having any problems, maybe you should update and run a scan just for the hell of it and see if something pops up.
survival

Big Wall climber
Terrapin Station
Topic Author's Reply - Jan 5, 2014 - 10:17pm PT
I just got another one coming to supertopo.

This is all it gives me for info, without "upgrading"
THANKS FOR THE DON'T CLICK IT WARNING!!
survival

Big Wall climber
Terrapin Station
Topic Author's Reply - Jan 6, 2014 - 02:32pm PT
Are Fritz and I the only ones that have notified CMac?

The squeaky wheel gets the grease you know!

Didn't get it this morning BTW. Maybe it's been officially dealt with?
Brandon-

climber
The Granite State.
Jan 6, 2014 - 02:44pm PT
I'd say get a Mac and your problems would disappear, but if everyone got one the d-bags would start targeting Macs and then I'd have a problem.

Good luck! :)
survival

Big Wall climber
Terrapin Station
Topic Author's Reply - Jan 6, 2014 - 02:55pm PT
Yeah, then the world would be run by McD-Mac-Exx-Wal-TargetHaliburton, is that what you want????

:0)
hagerty

Social climber
A Sandy Area South of a Salty Lake
Jan 6, 2014 - 02:58pm PT
Brandon wrote:
I'd say get a Mac and your problems would disappear, but if everyone got one the d-bags would start targeting Macs and then I'd have a problem.
You've already got a problem.
http://blog.trendmicro.com/trendlabs-security-intelligence/game-change-mac-users-now-also-susceptible-to-targeted-attacks/
WhiskeyToast

Social climber
Hawaii
Jan 6, 2014 - 05:38pm PT
I got it this morning and once last week. The associated URL for the fake alert was:
webantivirussupport.pl

Vipre Internet Security didn't pick up anything. I went into Task Manager and closed the web page. Then I ran a scan with Malwarebytes, which found nothing.

Greg
MisterE

climber
Jan 6, 2014 - 10:40pm PT
Just updated my Avast last night, and got the malware notice again just now. Here's the website reported

http://www.cpmservice3.com/js/show_ads.js
survival

Big Wall climber
Terrapin Station
Topic Author's Reply - Jan 10, 2014 - 01:17pm PT
Just got another one!!

Myself and at least one other member have brought this directly to CMac's attention.

Anybody else?

Surely we shouldn't just ignore this, even if our filters are catching it?

Cmac?
WhiskeyToast

Social climber
Hawaii
Jan 10, 2014 - 02:25pm PT
I am still getting them once a day. Just got it a few minutes ago.
SteveW

Trad climber
The state of confusion
Jan 10, 2014 - 04:41pm PT
I'm still getting the message, and in addition to it a weird spaceship
game flies across my computer, sort of superimposed over the
screen (website), shooting little thingies . . .

I know my computer is clean because I just had Avast Tech support clean
my system up. . . so there's 'something out there,' as Mulder would
say. . .

Only happens when I use Firefox, not Internet Explorer or Google Chrome.
Abend

Social climber
Jan 13, 2014 - 01:22pm PT
I got it when I opened ST today.

Requested URL:
http ://akam.iqpolo.info/g.php?

s=RIWpQb/nRKAA1KhbwADbVqudwt/zG4ssdMeNsxC4KQ==

Categorized as:
Malicious Sources/Malnets

Jaybro

Social climber
Wolf City, Wyoming
Jan 13, 2014 - 01:32pm PT
A windoze phenomena?
survival

Big Wall climber
Terrapin Station
Topic Author's Reply - Jan 13, 2014 - 03:35pm PT
New thread directly to CMac coming up. This is still happening to people....


Should we ignore it?
Fritz

Trad climber
Choss Creek, ID
Jan 29, 2014 - 09:36pm PT
A few weeks ago, my Norton360 Antivirus was giving me a major warning nearly every time I logged into ST with my Microsoft Windows Vista &/or Windows 7 computers with Windows Explorer 9.

After avoiding ST for a couple weeks, I crept back for a ST-fix, visited a few more times, and had no warnings until today.

My Windows Vista computer locked up two out of two attempts to log in around 4:30 Pacific, and Norton 360 warned me of a new virus attack, while the screen showed this image.

As most of us know: do not ever click on the OK if you get this warning, as you have just agreed to the evil program owning your computer.


My Windows 7 computer with IE Explorer 11 did not have the virus problem, but just like the previous malware problem, it probably is not present all the time, and I was later able to log in without a problem with the Windows Vista computer.

Kind of a pisser to have your fav blog-site infected with evil.

jstan

climber
Jan 29, 2014 - 09:42pm PT
Kind of a pisser to have your fav blog-site infected with evil.

Obvious. Just get a used............................. for ST.
kunlun_shan

Mountain climber
SF, CA
Jan 29, 2014 - 10:08pm PT
Fritz, you might want to try Malwarebytes (even the free version) and see if that blocks the ads:

https://www.malwarebytes.org/

http://blog.malwarebytes.org/development/2013/05/oh-the-sites-you-will-never-see/
happiegrrrl

Trad climber
www.climbaddictdesigns.com
Jan 29, 2014 - 10:10pm PT
"...to prevent the system breakage."



I guess that must be techie talk....


I'm not having any problems with ST pages, nor any others. Wonder what is causing some people to have problems seemingly specific to this site.

McHale's Navy

Trad climber
From Panorama City, CA
Jan 29, 2014 - 10:13pm PT
I got that stuff today too! I turned ST off and back on and it went away. It happened going onto the Jardine thread in the early afternoon.
Fritz

Trad climber
Choss Creek, ID
Jan 29, 2014 - 10:19pm PT
Kunlun_shan: Thanks for the offer/link of Malware Bytes.

My Norton 360 is blocking the attacks and warning me, but I have not been having any recent problems with Malware attacks anywhere else on the internet.

There is a problem here on ST. Malware is likely infecting folks that log on here without good antivirus protection.

kunlun_shan

Mountain climber
SF, CA
Jan 29, 2014 - 11:12pm PT
Fritz, is your computer completely up-to-date? Windows, Flash, etc.

Do a scan with this browser plugin and see:
https://browsercheck.qualys.com/

I'd try NOT using Internet Explorer at all, and run the latest version of Firefox or Chrome instead.
zBrown

Ice climber
Brujo de la Playa
Jan 30, 2014 - 10:41am PT
I'm seeing this too.

Google "MS Security Essentials" virus removal. There are a number of solutions.

So far I've only seen it on The Flames page. Maybe something is embedded in an image file.

Will update later.

Later.

Just went back to The Flames with no problem. I'm gonna run a scan on my computer.

My scan found nothing on my computer, but I'm still seeing this stuff on the ST, several different threads.
Fritz

Trad climber
Choss Creek, ID
Jan 30, 2014 - 04:47pm PT
After checking out the fix Kunlun_shan recommended:
Do a scan with this browser plugin and see:
https://browsercheck.qualys.com/

I followed his advice. Browsercheck stated that I needed to update various Adobe programs & Java.

Still getting this warning on my Windows Vista with IE9 computer, every time I log in to ST, but Norton360 is blocking it and alerting me to evil.

My cheap Notebook with Windows 7 & IE Explorer 11 also got updated, and is not receiving the evil on entry to ST----so far.
zBrown

Ice climber
Brujo de la Playa
Jan 30, 2014 - 05:23pm PT
I see problems using I.E.9 and Win 7. They do not show up with Mozilla.
Anne-Marie Rizzi

climber
Feb 3, 2014 - 12:08am PT
For several days, I kept getting a bogus MS Essentials alert when trying to open the forum. The SuperTopo site loaded ok, but not the forum. (I was fortunately wise enough not to follow the links of the bogus alert.) Installed MalwareBytes and that didn't nab it for a few days. Then MWB finally started blocking it.
Hate to think this site, where I lurk from time to time, is compromised.
Windows 7, IE 11, running McAfee LiveSafe.

AM
zBrown

Ice climber
Brujo de la Playa
Feb 3, 2014 - 12:37am PT
I did not see this problem anywhere other than the ST forum. As of today it has not been seen on either of the computers I use.

survival

Big Wall climber
Terrapin Station
Topic Author's Reply - Feb 11, 2014 - 11:37am PT
Doesn't CMac have a tech dude that can attack this somehow?

At least two of us have sent him personal notes about this.

I got no response to mine, not even a "hello, we're working on it!"
Fritz

Trad climber
Choss Creek, ID
Feb 11, 2014 - 02:30pm PT
Per suggestions on this thread: I updated the Adobe & Java programs on my computers, scanned my Norton 360 protected computers with Malwarebytes (which found nothing of consequence), and avoided using my older laptop with Windows Vista, since I was still getting hit every time I logged into ST or the forum.

My similarly cleaned up Notebook, running windows 7 & a newer Internet Explorer browser was not getting hit when I logged in.

After a week or so, I tried again yesterday with the older computer and haven't had any problems ------yet-----logging in.

Maybe that updating advice paid off. Or not?