Straightdope Malware

I’d really like to NOT be attacked by Malware when visiting this site. Is that really too much to ask for?

Was yesterday when I clicked on this forum.

Was just now when I opened a thread in this forum.

I have no other windows or programs open.

If you are a paying member not seeing ads, the likelihood is that you were infected somewhere else, even days or weeks ago. Malware has become very sneaky in disguising where the infection came from; it doesn’t always pop up on the site that is the true source of the infection.

No, it was a pop-up from my AV saying it blocked an attack. But as I was not signed in at the time, it was likely from an ad.

I had it happen several times last week and alerted a moderator about it. Since then, I switched from Firefox to Chrome and have had no more problems.

This may be a coincidence, but my computer crashed while I was visiting the SDMB Saturday morning. It was locked up big time due to a virus. Took ALL day Sunday to save the computer. I have some basic virus details if any mods are interested. I really don’t visit virusy sites or have friends that send me virusy stuff. Heck, I’ve been on the net from almost day one and didn’t even bother with anti-virus stuff until well past the year 2002 (and had zero problems). And even once I got anti-virus software it rarely complains about anything. Also, the SDMB is probably the most virusy of the few places on the web I do visit. So I am highly inclined to think the SDMB was the source. Not that I am much upset with the SDMB. These things happen. Just wanted to let you guys know as well. Oh, and damn Norton and Vista anti-virus were more a pain than the damn virus.

We would like more information, please. Send to me TubaDiva @ aol . com.

Also we need anyone who has anything like this to report back to us with what you were looking at, the ad that was on the page (if indeed there was an ad), your operating system, etc.

We need as much information as you can tell us. If possible, a screen shot of the ad or any messages you see, that’s also very helpful.

Occasionally there are rogue ads that creep in – we are victims and so is the ad broker – we want to eliminate those ads as much as possible.

I have found Malwarebytes to be really useful. Even the free version.

I picked up a virus here last Wednesday. I didn’t report it because I knew my version of XP needed several updates. It’s possible that I picked up the virus elsewhere and that it was merely activated by SDMB ads, but I don’t believe that to be the case.

Long story short, I had to re-install XP and did make sure that I had all of the security updates. Today my up-to-date install of avast blocked a virus from here. I don’t know which page triggered the problem because I had multiple tabs open, but they were all pages from SDMB.

I’m using Firefox 6.0.2. I went the Ad Block route. :( As a non-paying user I had been reluctant to do so, but I don’t want to have to re-install XP and all my other programs again.

Can you elaborate about what exactly happened?

I just signed out and clicked around for about 20 minutes while watching a movie.

Got hit only once. The lower ad was U Promise by SallieMae.

Tuba,

Do you all post the results of your findings if you do figure out if a virus has been infecting users from this site?

Also, what kind of guarantee (if any) do you have from the ad broker that they don’t give you virused ads? I would think that would be one of the reasons you’d choose one ad broker over another.

Within the last month, I Google image searched a celebrity that someone had mentioned whom I had never heard of. I clicked an image and Avast told me that it had blocked a virus. Flash forward to last Wednesday. I had only the SDMB open but had several tabs opened to different pages when Avast notified me that it had blocked a rootkit from being installed. I immediately brought up task manager and saw a process that I had never seen running. I believe it was HSW.exe but I’m not sure. It was some three letter exe. The process wasn’t actually clocking any CPU time, and I immediately killed it and ran a complete scan using Avast. After several passes of Avast, each pass finding some offending malware, I got a clean scan. When I went to run Office I found out that my registry had been screwed up. EXEs weren’t associated properly. I found a registry fix that enabled exes to execute, but found several other registry problems. Since my XP install had several updates that I had postponed and I had had the earlier brush with a virus, although it was suspicious that only SDMB was open when the attack occurred I figured it was possible that I had been infected earlier and that some ad had merely triggered the virus to action. So I decided not to post of my issue in ATMB and that my best course of action would be to reload windows.

This morning, with several tabs opened only to SDMB, Avast notified me that it had blocked malware from installing. I have a completely up to date install of XP, the most current version of Avast, and the latest virus definitions. I don’t think my Firefox is the most current because I installed from a backup and haven’t updated. But before I installed the Firefox backup I did scan the setup program for viruses. I’m pretty sure that the offending process was launched from an SDMB ad.

Has anybody had much trouble with malware infecting Linux systems, from SDMB or elsewhere?

I’ve mentioned repeatedly in several posts that I run with JavaScript DISabled almost all the time, except when I know I’ll need it, and in general this greatly IMproves my browsing experience. I have a strong hunch this includes a great reduction in my exposure to malware.

What’s the point of coming if SDMB can’t be safe? I mean, really? Do you ever tell us when you find things or do you just hope we don’t notice?

I’m sorry people have had problems. To get to the bottom of this we need details. Malware reports should include the following:

  1. Tell us specifically what happened, not just “I got hit by malware.” For example: (a) my antivirus software notified me it had blocked an attack and gave me the following report (and then post the report); (b) I got a popup saying [whatever]; (c) my system locked up and the screen turned blue, etc. It’s especially helpful for us to know the name of the suspected piece of malware, foobar.exe or what have you.

  2. Time/date of occurrence, your geographic location, and browser/operating system you are using.

  3. Whether you were looking at an SDMB page or a column archive page. These are hosted on different servers and see different ads.

  4. If possible, provide a screen shot of the page you were on when the incident occurred. With WinXP this can be done with Alt-PrintScreen and with Win7 you can use the Snipping Tool. If you can’t do this, please describe any ads or popups that were visible.

If you get hit more than once, are at least moderately tech savvy, spend a lot of time on our site, and are willing to run bug tracker software in the background, we’d be grateful if you did so - this has proven to be an effective way to identify the source of rogue software. I’m thinking I might organize the SD Dept. of Defense for this purpose. Let me know if interested.

I use linux for almost all of my internet stuff these days. It’s a “throwaway box” meaning that I don’t keep anything important on it, and if it does get hit with malware of some type I can just wipe the disk and re-install and be back up and running with a very minimal amount of effort on my part.

I’ve never had a problem with it though. Even with linux, I run adblock plus and noscript on it. Linux is a LOT safer than windows, but it’s not 100 percent immune to all of the nasties out there (the same thing can be said of Macs also).

The folks that run the SDMB choose to use certain ad providers, and those ad providers have a long history of serving up malware here. They could make the board safe very easily. Just remove the ads. But then there wouldn’t be an SDMB. Ed and the others here have made it very clear that not only do they intend to keep the ads, but they also intend to keep using the same ad providers. As long as they do that, it is pretty much guaranteed that there will be continuing malware problems around here. We as members can’t control what Ed and the others do (and I do have some sympathy for them - they do need to make money somehow). If you want to be safe, the only thing under your control is the ads. Handle the ads and you will greatly reduce the risk of coming here.

Coming here as a guest on a windows system without a good anti-virus, ad blocker, and script blocker probably isn’t a very wise thing to do though.

This probably isn’t a workable option, but maybe someone can improve on it.

Do the advertisers or the ad agents claim that ads are highly time critical? IOW, if one were to park ads someplace for a few days before unleashing them on the forum, would anyone be upset?

Obviously the advertisers providing malware would be, but I don’t see it making a huge difference to the ones who are legit.

Could someone explain “script blocker” please?

It’s a type of browser add-on that blocks websites from running Java or Flash on your computer. I think “NoScript” is one of the most popular:

OK, thanks. :)

Well it will erase them from Google if they spider and see one, or does Google not do that anymore?