Surfing while not logged in has a rogue trojan advert

Havent been here in years but I load the page and get hit with a multitude of trojan virus popups with exe files trying to be installed to my temporary internet folder.

Don't browse this forum if you aren't logged in. What a joke.

Please Register or Log in to view the hidden image!

 

Log in or Sign up to hide all adverts.

That's interesting for my anti virus never has alerted me of any type of problems from this site itself, so just use this site only and don't click on the links if you are that afraid. If you have a virus protection software running on your PC then you should also be protected from anything as well. So then you really shouldn't be worried about a virus what so ever and anyone else shouldn't be either.

 

Log in or Sign up to hide all adverts.

Adblocker

Please Register or Log in to view the hidden image!

 

Log in or Sign up to hide all adverts.

Moved to Site Feedback.

 

If I had to guess, I would say that your anti-virus is actually malware. This site is completely legitimate (well, maybe not the conversation

Please Register or Log in to view the hidden image!

) but unless you have been clicking the adds that should not happen.

 

To pay for bandwidth costs, Sciforums has decided to go to an "ad supported" format.
You can still participate at all the wonderful discussion here. However, as an added feature, you will occasionally be presented with targeted advertising based on you web surfing habits. Just like the rest of us, you probably have a very keen interest in Nike shoes and cellular phones at discounted prices.
These ads are quite harmless, and only take up a tiny insignificant moment of your time. Just be sure to enter a valid credit card when presented with the products that you like.

 

So James, if you were posting in this thread why didn't you tell the OP that the use of FUCK was inappropriate?

Particularly since as a thread title, it's displayed on the opening SciForums page?

It was just a few days ago that you used your OFFICIAL status to warn me against using vulgarity:

If you can't be impartial James, maybe you shouldn't be a moderator.

Arthur

 

Unfortunately Advertisement sites are often hit by rogue entries, this is because various blackhat's see that these adverts are viewed by hundreds of thousands if not millions of browsers. Getting trojan attempts here isn't as much of a feature as attacks that managed to infiltrate The Times Online newspaper a couple of years back, I only bring it up to point out that even a site that you'd likely see more reputable than a backwater forum can indeed suffer the same problems due to "Third-Party" inclusions.

Incidentally since the end of May, European Union passed various laws in regards to websites identifying to the user what Cookies, Trackers and Information is being collected and stored about the user. It's a slow process with implementation but obviously this site is going to have tracking cookies set by the adbrite.com servers for the advertisement and utilises Google statistic tracking.

A change that should be implemented to the site is the information about the tracking cookies on sign-up, along with a notice on the subject of which cookies are being used. (I'll see if I can draft something up shortly)

As for how to deal with any rogue elements, I would suggest the following:

If you are using a windows PC, download: Spybot (Search and Destroy) Portable
You can install it to a USB stick or run it from a folder on your main drive, I use the portable because you are less likely to pick up one of the rogue versions.

Start the program and use the "Immunize" feature, this will lock out certain rogue domains, applets, add-ons etc from installing to your computer (and likely block certain advertisers domains from resolving)

After you've done this you'll find you won't have the problems here or anywhere else online in regards to those rogue advertisements.

 

Thanks for pointing it out, the Thread title has now been changed. (As it should in all profanity cases) This doesn't necessarily mean that a person has to be warned, just told that it will be changed should it contain profanity and told not to do it again.

It's only when the poster doesn't pay attention to that fact and continues to post profane thread titles to cause a nuisance that Warning's should be administered.

Hopefully that seems logical, if not fair.

 

A better breakdown of site cookies etc:

Tracking Cookie from: http://www.google-analytics.com
=====================================
This tracks demographic but anonymous user information for the access to the website. It identifies which pages are the most viewed, which search strings got people to that page from the google search engine, as well as some generalised location data.

This of course means while the demographic data is present to an administrator of the google-analytics account, Google also uses the demographic data to identify various things about their own services. (It was initially used with the Advertisment provider to "tailor" advertisements to the demographics of the users of the site)

While not logged in Tracking Cookies and potentially more from: http:/adbrite.com
=================================================
These advertisements are placed into frames. The reason adbrite.com uses the frames method is because advertisements are not necessarily static images, they are potentially animated and can utilise many different techniques to pull off this, from using Adobe's Flash, to using Javascript. In either case it is up to Adbrite to make sure that the advertisements do not contain rogue code, to either undermine the integratity of the website or attempt to cause damages to a users computer. (Trojans are seen as damaging)

If you should find yourself infected, then please understand this was not an attack done by sciforums, and likely not one purposely done by adbrite, however any concerns or complaints should be raised directly with Adbrite.com since the service they provide is suppose to contain security measures to prevent such attacks.

Cookie from Sciforums.com
==================
This cookie is just a session cookie, it's used to help identify which user online is you just so you can access your profile and use a username. You can safely delete this cookie when not on the website, however you will have to recreate the cookie the next time you login otherwise you likely won't be able to login.

 

I tried what Fire said. He is 100% correct. When you are not logged online, various ads make attempts to install programs. Norton antivirus picked up:

* Browser security alteration attempts.
* Keyloggers (yes plural).

This is rather disturbing actually. Anonymous viewing of sciforums might result in anything from adware intrusion to identity theft.

 

If I were just passing through and I ran into any problems I'd probably not want to stay here for long. Perhaps that's why not many lurkers stick around for long.:shrug:

 

I think it's because nobody gives a flying fuck.

 

If your anti-virus stuff is not all the way up to date, to the very day not just the week, the malware now emerging from this forum for whatever reason (it usually hits my system just after login, not before) is pretty significant - that Ukrainian or Romanian thing that titles itself by year ("XP 2012" was the title last time it hit my firewall) will take your Internet access down, disable all your spyware etc, and require hours to clean out of your system.

 

I don't understand. I've logged into the site from multiple computers, with multiple web browsers, and from multiple locations and I have never experienced this.

To the people who are seeing this are you using Windows XP still, because I have had no issues with Windows 7 on this site. Also, are you using updated versions of your web browser (I.E. new firefox or IE 8/9). Because if your not up to date you may also be more vulnerable.

I would guess that the people who are seeing this are using something old (browser, antivirus, OS) that is more vulnerable, where as most of us are up to date (hence the mods not having a 1000 complaints, which there would be).

Another possibility is that it is a specific ad on a low rotation and that's why it's intermittent. Hard to say without screen shots.

 

The reason is due to the 4th - 8th words in your statement. This issue only occurs if you DON'T log into the site (i.e. view it anonymously).

 

Actually, I usually browse for quite a bit before I log in, and then log back out and browse again (especially since it auto-logs you off after a short time). Still haven't had the problem.

The question still stands to those that have the issue, are you using an older version of your web browser or Windows XP?

 

I am personally using IE 8 and Windows 7.

 

Is your Norton a new version as well?