Kaspersky (security software) report when browsing site.

I am in a small town in NW Oregon, Dallas is the name of my cat. I will report all notifications Norton shows me while viewing the SDMB and post what the notifications say. I hope I can help.

I haven’t received any new warnings since this thread died out a few days after Christmas so perhaps the ad providers took some action.

Thanks. Checking all the URLs given above with McAfee SiteAdvisor, I get a green light for all the named sites, but a security warning for two of the three IP numbers, so you may be right that someone is spoofing legitimate sites.

I just got one last night. I was on SDMB (and nothing else), don’t remember what page, picked up by Kaspersky. The report says:

HEUR.Trojan.Script.Generic
Object: http://www.eleganor.com/ gertrudame/86453892495682907

It’s identified as a virus. I got it last night at 10:19:45 pm eastern; I’m in the New York area. Using Firefox 9.0.1, hadn’t put AdBlock on yet. It freaked me the fuck out, I wasn’t expecting something like that from a well-known site like this.

Have reported this. Will advise of any developments.

I’m happy to report that one of our ad providers, Rubicon, has succeeded in tracing the rogue ad above with the help of the Fiddler log provided by AnalogSignal. There were six hops all told, several of which happened off stage and so did not show up in the log, although AnalogSignal got the gist. The campaign has been halted and the party that let it through (a seemingly reputable digital media agency one hop down from Rubicon) has been notified. Our thanks to AnalogSignal for his assistance. We are continuing to pursue reports of other attacks and will advise of developments.

Mildly interesting thing I noticed:
I was just googling around for something and rubiconproject.com came up in the search result, the site is marked red (bad) for WOT (Web Of Trust).

This is the description of that rating: “Very poor reputation. This site is dangerous. We recommend using a website with a better reputation.”

Methinks we need to show some appreciation to AnalogSignal somehow. Maybe comp him a membership?

What’s telling you this? It’s coming up green in both McAfee and Norton for me, as one would expect, since this is the company’s main corporate website.

Absolutely. In fact I thought we did that when we helped us a year ago. Be that as it may, I think we’ll award him a custom title, too.

I use firefox and WOT, when I google and rubiconproject.com appears in the list, the main site and all sub-pages have WOT’s red circle next to them.

This is a link to their scorecard, but it’s not exactly the same as what appears in google. In a google list you just get the red circle, don’t know how their algorithm arrives at red if all categories aren’t red

Note: see comments section for things people have run into on that site

Let him choose it, or make it a contest?

I vote for badass MoFo ad killer. YMMV.

MyWOT is crowd sourced, a controversial method of site evaluation. As I say, rubiconproject.com comes up green on Norton and McAfee.

Well, we have the SDSAB, so I was thinking of SDDOD, for Straight Dope Dept. of Defense. But we’ll leave it to him. We comped him on basic membership last time. I think next time I’ll have to send him a mug.

I went with the title “Ne’er-do-well.” I may change it if I come up with a better idea.

“Ne’er-do-well, most of the time”