Pano,
I've got that message too. Started today, didn't have it yesterday.
I have been using the "free" avast for over 10 years, I run it on every computer I own personally and build for others. Avast has recently begun advising an option to upgrade their standard Anti-Virus software. However,
I have NEVER had them try to "spoof" or "Scam" me into buying anything!
This is NOT a gimmick from Avast.
It is Malware. Start by running Malwarebytes.
Ron
I run AVG free version and got no warnings. No symptoms either.
I have Adblock Plus loaded. Do I need another?
It doesn't show up as a file using locate32 with nothing hidden. Also did a full Avast scan of it's reported location in the user folder with no discovery. It looks like it's redirecting to the Google cloud itself. They may have caught it already and broken whatever link was embedded.
So far Avast seems to be the only thing flagging it. I get no warnings and Malwarebytes found nothing.
Jason is working on the problem. Let's see what he finds. Malware is sneaky!
Jason is working on the problem. Let's see what he finds. Malware is sneaky!
Don't know anything about Adblock, but it likely accomplishes about the same thing as the hosts file, hopefully with some additional features.
Agreed, It started just after this mornings auto definition update. It might be an Avast mistake.
It's not reported as a virus on the mac, just freezes the home page with a "stopped" warning on the Firefox bottom status bar. As I said, turning off Javascript stops it. Every other page seems fine.
This is the segment that is red flagged in the Java history. Maybe you programmers can sniff something out.
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
</script>
<script type="text/javascript" src="/openx/www/delivery/spcjs.php,qid=1,avbm=1,asection=128.pagespeed.ce.UtrDUgdFRR.js"></script>
GET http://www.cloud-jscript.com/gate.php
<script type="text/javascript" src="//files.diyaudio.com/min/g=vb7"></script>
<link rel="alternate" type="application/rss+xml" title="diyAudio RSS Feed" href="external.php?type=RSS2"/>
<link rel="alternate" type="application/rss+xml" title="diyAudio - Analog Line Level - RSS Feed" href="external.php?type=RSS2&forumids=128"/>
<script type="text/javascript" src="//files.diyaudio.com/forums/clientscript/tcattd_imageresizer.js,qv=1.2.7.pagespeed.ce.zxE64V_ceQ.js"></script>
<script type="text/javascript">
<!--
var tcimgrResizeMsg = 'Click the image to open in full size.';
var tcimgrWidthMax = 400;
var tcimgrWidthSizeTo = 400;
var tcimgrHeightMax = 600;
var tcimgrHeightSizeTo = 600;
var tcimgrWidthSizeToSigs = 400;
var tcimgrHeightSizeToSigs = 100;
YAHOO.util.Event.onDOMReady(tcattdImageResize);
//-->
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
</script>
<script type="text/javascript" src="/openx/www/delivery/spcjs.php,qid=1,avbm=1,asection=128.pagespeed.ce.UtrDUgdFRR.js"></script>
GET http://www.cloud-jscript.com/gate.php
<script type="text/javascript" src="//files.diyaudio.com/min/g=vb7"></script>
<link rel="alternate" type="application/rss+xml" title="diyAudio RSS Feed" href="external.php?type=RSS2"/>
<link rel="alternate" type="application/rss+xml" title="diyAudio - Analog Line Level - RSS Feed" href="external.php?type=RSS2&forumids=128"/>
<script type="text/javascript" src="//files.diyaudio.com/forums/clientscript/tcattd_imageresizer.js,qv=1.2.7.pagespeed.ce.zxE64V_ceQ.js"></script>
<script type="text/javascript">
<!--
var tcimgrResizeMsg = 'Click the image to open in full size.';
var tcimgrWidthMax = 400;
var tcimgrWidthSizeTo = 400;
var tcimgrHeightMax = 600;
var tcimgrHeightSizeTo = 600;
var tcimgrWidthSizeToSigs = 400;
var tcimgrHeightSizeToSigs = 100;
YAHOO.util.Event.onDOMReady(tcattdImageResize);
//-->
For Chrome the path is Tools - Settings - Show advanced settings - Privacy - Content settings - Java Script - Do Not Allow....... tic box. - OK.
Looks like the same problem lots of other forums have encountered in the last few days (Eg: 1) where malicious code was inserted into a template. I traced it to happening approximately 6 hours ago. There are a number of possible ways that it could have happened, and we've taken steps to ensure it won't happen again, including upgrading to the latest patch level of vBulletin (we weren't on the latest patch).
The code has been identified, removed and things should be fine for now. We are continuing our diagnostics and forensics.
The code has been identified, removed and things should be fine for now. We are continuing our diagnostics and forensics.
Hi,
I am glad that was found I have had all kinds of pointer errors,Driving me krazier that I was ,lol. Now on to better things,lol
Thanks for fixing it !!!!!!!!!!!!!!!
I got frustrated and added google chrome and dumped firefox,Io orbit malware ,free version too, found all the bad files I think it was 5 of them ,
I am glad that was found I have had all kinds of pointer errors,Driving me krazier that I was ,lol. Now on to better things,lol
Thanks for fixing it !!!!!!!!!!!!!!!
I got frustrated and added google chrome and dumped firefox,Io orbit malware ,free version too, found all the bad files I think it was 5 of them ,
Last edited:
- Status
- Not open for further replies.