Sarte opened this issue on Oct 12, 2004 ยท 19 posts
Sarte posted Tue, 12 October 2004 at 4:06 PM
Now, before anyone panics, I need you to read this carefully. There is one dead link in there which leads to a page which downloads a drive-by installer which installed several malicious files on my PC. Needless to say, I'm incensed that this link hasn't been removed. I'll try to locate the exact link that did this to my computer in just a bit...
Message edited on: 10/12/2004 16:09
Do the impossible, see the invisible
ROW ROW FIGHT THE POWER
Touch the untouchable, break the unbreakable
ROW ROW FIGHT THE POWER
rowan_crisp posted Tue, 12 October 2004 at 4:12 PM
Oh, lovely. Thanks for the heads up. RC
Sarte posted Tue, 12 October 2004 at 4:14 PM
The Download button led to a page with a pure white background, with a single advertisement in the left hand corner of the screen. My computer gave me a message that it had finished installing something I hadn't downloaded, and I couldn't start I.E. again. This is very disconcerting, and I'm going to be a lot more wary around here. The link was somewhere towards the back of "props" and had an image which refused to load(red x).
Do the impossible, see the invisible
ROW ROW FIGHT THE POWER
Touch the untouchable, break the unbreakable
ROW ROW FIGHT THE POWER
KarenJ posted Tue, 12 October 2004 at 4:22 PM
Hi Sarte, I'm very sorry this has happened to you. This is probably where a member no longer owns their original domain name, and someone else - someone unscrupulous - has bought that domain and redirected it to their page, complete with nasty spyware/malware/what have you. If you can locate the file please IM me the name of it immediately and I will ensure the link is removed. Can you remember any more details about it - had you been searching for a particular prop?
"you are terrifying
and strange and beautiful
something not everyone knows how to love." - Warsan
Shire
pakled posted Tue, 12 October 2004 at 6:09 PM
yup..seen that in my travels..go get Ad Aware SE, Spybot, Hijack This! (love that name), all free, and depending on your comfort level, very handy. If I was to go with one, I'd try Ad Aware (lavasoft, do a search on the 2 together; I think there's actually 2 lavasofts..;) it's cleaned up some really nasty things on my PC as well..
I wish I'd said that.. The Staircase Wit
anahl nathrak uth vas betude doth yel dyenvey..;)
Svigor posted Tue, 12 October 2004 at 6:58 PM
Yeah, try Spybot, and advanced mode check the boxes that lock out arseholes from changing your settings. Getting a new browser that isn't as full of holes as Swiss cheese might help too (Mozilla/Firefox for example).
Shadowdancer posted Tue, 12 October 2004 at 8:08 PM
Do what I do, run AdAware, Spybot & Spyware Blaster - all freebies.
igohigh posted Tue, 12 October 2004 at 8:08 PM
I think I saw the same one, last night or early this morning. It loaded a pure white page with no tool bars. I use all the stuff pakled states above and noticed the odd page Before it fully opened and shot it down and moved on....sorry, I didn't take note of the post either.
Many times (not always) you can get an early 'warning' that somthing may be up if you hear a Double browser click. I don't think all systems will sound it and those who know how sometimes turn the 'clicker' off, I like to hear those clicks for if it clicks but I didn't then my trigger finger jumps into action...just in case ;p ALSO take note: Microsoft just realsed about 22 updates today (Tuesday 12th) and many are "critical updates" plugging several security holes.
Message edited on: 10/12/2004 20:10
Bobbie_Boucher posted Tue, 12 October 2004 at 8:22 PM
It might be nice to tell us which item brought up the problem, so we could avoid it?!
Sarte posted Tue, 12 October 2004 at 9:28 PM
It's too late now, as I've no desire to have my system clogged with spyware again. I also don't want to risk playing russian roulette with a family computer. The best thing to do to avoid these files is to update and set your activex controls to "high." Either that or change your browser.
Do the impossible, see the invisible
ROW ROW FIGHT THE POWER
Touch the untouchable, break the unbreakable
ROW ROW FIGHT THE POWER
Lyrra posted Tue, 12 October 2004 at 9:37 PM
I suggest firefox, adaware, mcaffees and zonealarm. Between the four you get very good system security. Surfing the web with internet explorer is risky at best... its got security holes you drive a fleet of trucks through.
Sarte posted Tue, 12 October 2004 at 9:45 PM
No kidding...which is why I write this current message on Firefox.
Do the impossible, see the invisible
ROW ROW FIGHT THE POWER
Touch the untouchable, break the unbreakable
ROW ROW FIGHT THE POWER
Svigor posted Tue, 12 October 2004 at 10:20 PM
The thing is, Mozilla & co. probably have quite a few holes as well...but since only 1% or so of all surfers use them, nobody cares to find them all out. Automatic pop-up blocking, tabbed browsing, extensions, themes... the only thing "wrong" with Mozilla browsers (other than a very slight learning curve for backups etc.) is that they're actually standards-compliant so every so often pages written with Microsoft's non-standards-compliant code in mind don't display properly. I just wish Web authors would catch a clue and stop writing in "Microsoft HTML." You'd think more people would refuse to put up with MS's crap just on general principles.
MungoPark posted Wed, 13 October 2004 at 1:35 AM
Last sunday, I encountered something strange in freestuff, which now makes sense to me. Unfortunately I cant recall the link but it was in the Poser props section - after clicking on a download link, my computer tried to open a non-standard port and make a connection - I denied this - is it possible that the freestuff is full of them ?
KarenJ posted Wed, 13 October 2004 at 7:05 AM
"is it possible that the freestuff is full of them ?" I wouldn't have thought so, otherwise I think we would be seeing a lot more posts, IMs and emails from people who had also experienced this. It sounds to me like it's either one file which both of you happened to choose, or possibly a group of files all from the same user, with a now-defunct domain. Until we receive a report of a specific item or group of items, there's not going to be much we can do here. That said, I will randomly check some download links in the Poser Props section later today, but with the huge amount of files in there, I don't have much hope of getting a result with this method, I'm afraid.
"you are terrifying
and strange and beautiful
something not everyone knows how to love." - Warsan
Shire
artnik posted Wed, 13 October 2004 at 2:33 PM
I think I have a malware or undetectable spyware problem too. This was also from an unknown site on the web. I've tried all my usual remedies, but it still is eluding me.I have a Virus protector, two spyware programs and Zone alarm all active. Nothing shows up. Any ideas on how to track it down? I've used all available tools I have!
KarenJ posted Wed, 13 October 2004 at 4:17 PM
Attached Link: http://computercops.biz/forums.html
The "HijackThis" forum at the attached link is very helpful for getting rid of malware. They helped me out recently when I got infected, one probably the first ocassion this year that I opened IE *rolls eyes*"you are terrifying
and strange and beautiful
something not everyone knows how to love." - Warsan
Shire
alexic posted Fri, 12 August 2005 at 12:36 AM
Just got a serious malware attack on a (free) posable props site, too bad the navigation here won't let me identify the site. (an option to go to the last visited page would help) I just restored my registry (twice) and I think it's gone. Meanwhile I lost my site history and am looking for them again . But when I run into this site again, who should I report it to? I don't want these people on here, they're evil.
AntoniaTiger posted Fri, 12 August 2005 at 1:20 AM
There is a steady trickle of disappearing Poser sites, often leading to links which provide adverts for domain-name selling/hosting sites. The way things work, it likely isn't worth clicking on a freestuff link here which doesn't show a graphic thumbnail. At best, the site's hit a download limit.