Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Oct 5, 2012 9:29:37 GMT
Viewing the forum today I keep getting the message'do you want to open or save jload.js from pixel.adsafe protected.com.
Has anyone any idea what this is,everytime I cancelled it,it re-appeared.
|
|
|
|
Post by trt on Oct 5, 2012 9:46:12 GMT
ooh. That's a javascript file. Hm... I'm not getting that error, but I switched to the Iron browser some weeks ago over concerns for a zero day bug in Java.
|
|
mrfs42
71E25683904T 172E6538094T
Big Hair Day
Posts: 5,922
|
Post by mrfs42 on Oct 5, 2012 10:25:55 GMT
It's a curious one, and not limited to this forum.
How up-to-date is your installation of Java?
If you don't use Java disable the plug in the browser.
Make sure too that your anti-malware (SuperAntispyware, Malwarebytes and CCleaner) have run recently.
|
|
|
|
Post by trt on Oct 5, 2012 11:16:16 GMT
Yes. It might well be a botched attempt to load the java exploit via a served ad. The bad stuff comes through one of the adverts which are pulled in from another server, so for a web site provider not only does YOUR server have to be hardened against attacks, you are relying on any advert serving server admins to have done their job too. The internet is a nasty place.
|
|
castlebar
Planners use hindsight, not foresight
Posts: 1,316
|
Post by castlebar on Oct 5, 2012 11:53:51 GMT
I cannot repeat enough times, some ads are actually spoof ads.
Just pressing the little red box to delete them is what unloads the virus/malware, then it can be in there for a couple of weeks before it send stuff to everyone who you've ever sent e~mails to, with junk spam and all sorts of rubbish.
Be particularly careful of what appear to be flashing banner ads telling you that you have won an iphone or free business cards. They are designed to look like genuine ads, rather like the ones that pretend tobe from the HMRC telling you thatyou have a tax refund due to you. Best ignore the ad altogether or swich off and sign in again.
|
|
|
|
Post by trt on Oct 5, 2012 11:59:02 GMT
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Oct 5, 2012 12:12:59 GMT
Wow !.Now I am confused but many thanks for the replies.
I have allowed all the recent Java updates but had a message along the lines of 'you already have the latest version installed.
Ran a complete virus scan this morning and nothing found (Macafee) and will run registry etc cleaner this aft,dont do that too often as it deletes all my passwords that I have difficulty remembering.There is another rail forum with a similar thread going but I've not had a problem there.Again,many thanks for the replies.
|
|
|
|
Post by trt on Oct 5, 2012 12:23:21 GMT
It's probably not you, it's probably a botched attempt to infect other machines by way of an ad appearing on these pages. Everyone gets different ads at different times, you see, so it's not likely to be a problem everyone will experience.
|
|
mrfs42
71E25683904T 172E6538094T
Big Hair Day
Posts: 5,922
|
Post by mrfs42 on Oct 5, 2012 12:37:30 GMT
Ran a complete virus scan this morning and nothing found (Macafee) Not the best AV by a long chalk - Avast! is the current best of the free crop. Worth looking at a malware program too (as mentioned upthread). Secunia will scan and patch most potential security exploits. Please note that the Forum Staff do not condone the use of Adblocking Software as it is against the Proboards terms of service. |
|
|
|
Post by chrisvandenkieboom on Oct 5, 2012 12:47:04 GMT
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Oct 5, 2012 13:17:43 GMT
Downloaded secunia and found nothing so will just put this down to a failed attempt by unknown.Regarding ad blocking software,I has been explained to me in another thread that basically,no ads=no DD ,so the ads stay.
|
|
|
|
Post by trt on Oct 5, 2012 13:56:24 GMT
Not the best AV by a long chalk - Avast! is the current best of the free crop. Hmm... I use both Comodo and Microsoft Security Essentials simultaneously now. I know it flies in the face of conventional wisdom, but it works and it's detected potential infections that have knobbled other machines armed with McAfee, Avast, Symantec etc. Please note that the Forum Staff do not condone the use of Adblocking Software as it is against the Proboards terms of service. Oh yes. Sorry, forget that one...  Does that T&C apply to Ghostery which blocks tracking cookies? Also, you can set AdBlock to allow Ads when visiting certain sites, so if you are going to use it, whitelist DD, OK?! |
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Oct 5, 2012 14:08:21 GMT
Downloaded and scanned,this exposed a major prob with a programme I'd forgotten was on here (errorwiz) which I have deleted and many other things like Google freezing have dissapeared with it.Many thanks !. |
|
Colin
Advisor
My preserved fire engine!
Posts: 11,348
|
Post by Colin on Oct 5, 2012 15:09:45 GMT
Oh yes. Sorry, forget that one... Does that T&C apply to Ghostery which blocks tracking cookies? Also, you can set AdBlock to allow Ads when visiting certain sites, so if you are going to use it, whitelist DD, OK?! We cannot control what you choose to do on your PC. Whether or not Proboards know what you're doing is something we can't answer. Bottom line though is that using advert blocking software is against the terms of service [which we all agreed to when we created our accounts] - as such we must be seen to discourage any discussion to the contrary. I hope that clarifies things  |
|
|
|
Post by angelislington on Oct 7, 2012 11:53:59 GMT
...will run registry etc cleaner this aft,dont do that too often as it deletes all my passwords that I have difficulty remembering. You may find KeePass useful as a repository for all your passwords. One master password is needed. You can also set it to generate passwords, which means you can have super-secure passwords for things like Facebook, email and Banking. And when your AV software deletes all remembered passwords, you can just copy & paste them back in, from KeePass. |
|
Phil
In memoriam
RIP 23-Oct-2018
Posts: 9,473
|
Post by Phil on Oct 8, 2012 6:35:11 GMT
Whether or not Proboards know what you're doing is something we can't answer. There is at least one site I visit (a free ebook site) that will not let you view the catalogue, log in or download stuff unless adblocking software is switched off. It just sends you to a full new page with just that message on it. So yes, if Proboards want to find out (on an individual member basis) they can. Whether they bother is another matter; those particular T&C are there to satisfy the advertisers rather than the forum admins |
|
|
|
Post by andypurk on Oct 8, 2012 9:39:53 GMT
Whether or not Proboards know what you're doing is something we can't answer. Whether they bother is another matter; those particular T&C are there to satisfy the advertisers rather than the forum admins It is probably not as simple as that as advertisers pay per view as well as per click. So if you have an adblocker, which means the advert won't be downloaded and displayed, Proboards won't get any money. |
|
|
|
Post by chrisvandenkieboom on Oct 8, 2012 12:42:18 GMT
Whether or not Proboards know what you're doing is something we can't answer. There is at least one site I visit (a free ebook site) that will not let you view the catalogue, log in or download stuff unless adblocking software is switched off. It just sends you to a full new page with just that message on it. So yes, if Proboards want to find out (on an individual member basis) they can. Whether they bother is another matter; those particular T&C are there to satisfy the advertisers rather than the forum admins Except that anti-adblock also isn't flawless. You wouldn't like suddenly banning 50% of your userbase due to an error... People tend to suddenly move towards another service when that happens.... |
|
|
|
Post by metrider on Oct 20, 2012 19:59:45 GMT
Some confusion over technicalities in the first few posts, so to clear them up.......
".js" is a JavaScript (or more correctly an "ECMAScript") file. It is NOT related to the Java language and runtimes as distributed by Oracle (and formerly Sun). Javascipt and Java re two ENTIRELY different things.
JavaScript (in the context of this query) is BUILT INTO browsers. Whilst there may well be security holes in it they should be patched with browser updates. Without JavaScript, the modern consumer web browsing would be practically unusable. It is used for many small automations on web pages.
".js" files can also be used outside of browsers to automate Windows based systems. Microsoft have also used the name jscript for this use of this technology).
Hence .js files can be a legitimate part of a webpage, an attempt execute an exploit in a browser, or an attempt to execute malicious code outside of the browser.
Java, is a separate language that needs to be download from Oracle. A few sites use it for more complex web applications (games or web consoles for hardware are common uses). Most of the internet will function without it. Java has continually been beset by serious security issues and my recommendation would be that if you have it installed. Assess if you REALLY need it and uninstall it if you can without serious impact to your needs. If you DO have it installed be VERY careful to keep it up to date. Jave does ingrate with browsers through plugins, but is NOT part of the browser.
In answer to magnicon's OP... It does sound like either a poorly coded advert, or a malicious advert.
The "pixel" part of the offending site name suggests that they are trying to use a small one pixel image as a carrier for their tracking cookies or malicious code. My comments are:
1) set your browser to reject "third Party" cookie (ie those not originating from the site you are actively browsing).
2) if you are using IE and have concerns about a particular site or domain, you can add it to IE's "restricted-sites" security zone. This will severely limit what Active content originating from that site can run/do. The may be other ways of blocking such malfunctioning sites in different browsers (being careful to phrase that in a way that does not advocate the use of ad blocking sw).
3) Use a reputable AV package that scans web content. I'll not get it discussion on this point, but I do feel that certain paid AV offering are better than the free ones. In addition occasional scans with Malwarebytes are good....
4) A Fourth possibility is that somehow you have configured your browser to handle ".js" files in a non standard way. But if this were the case, I expect that you'd see many more issues than just the particular case you mentioned.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Oct 21, 2012 9:51:23 GMT
Thanks for that,I was brought up in an age where the nearest thing to a computer was on 'The man from U.N.C.L.E.' or 'Fireball XL5',calculators were about by the time I went to college but we were not allowed them as there was nowhere to plug them in so had to settle for a slide rule.
Consequently if anything starts to go wrong with this thing I get into a panic (look for an earlier thread where I was seemingly being pursued around the internet by a roll of Screwfix anti-slip tape),I really do appreciate all the replies,these are far more helpful than asking computer bods who speak a different language to us.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Oct 21, 2012 10:52:27 GMT
This isn't the first discussion I've seen suggesting that hidden nasties are sometimes included on adverts that appear here (and I fully appreciate that the adverts are part of proboards and not within the control of DD admins / mods)
It strikes me that if Proboards are going to prohibit the use of ad-blocking software, then they ought to have considerably higher standards about the advertising they allow.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Oct 21, 2012 16:50:45 GMT
It strikes me that if Proboards are going to prohibit the use of ad-blocking software, then they ought to have considerably higher standards about the advertising they allow. They don't have any control over it either - they use third-party ad network. |
|
castlebar
Planners use hindsight, not foresight
Posts: 1,316
|
Post by castlebar on Oct 22, 2012 8:43:50 GMT
@ puddytat
There was another nasty on here yesterday. It was attached to a youtube vid somebody posted in all innocence. Again, it was the pulsating "you have won an iphone" ad. NEVER delete this as the virus is also in the 'delete' button. As has been said, proboards have no control over this.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on Oct 22, 2012 17:05:59 GMT
Realistically, the only way this is going to be sorted out is if/when the forum changes its supplier away from Proboards.
As the staff have told us before, this is highly unlikely to happen in the near future, purely because of the amount of data held here, and the amount of time, and possibly money, it could take to move it to another host.
|
|
Does that T&C apply to Ghostery which blocks tracking cookies? Also, you can set AdBlock to allow Ads when visiting certain sites, so if you are going to use it, whitelist DD, OK?!
