Forum and Java update malware?

djdownward · #1 12-12-2011, 05:44 PM

I was browsing forums on my work computer and got an update prompt saying that java was in use on the page and if i wanted to update and use it.

Well I did the first time and apparently it loaded some pho windows security program said there were issues on the computer. It locked out the internet saying it was unsafe and insisted it let this program be installed.

I shut it down in safe mode and did a system restore, and have AVG and malwarebytes loaded on my work comp as well as my home comps.

Since I have done the restore I have had the same prompt from java saying java is in use on the forum pages and do I want to update and install.

I have been declining and canceling since then, and today I just saw it on my brand new home laptop, my scanners do not report anything malicious but I am still declining it all.

Anyone else had a problem like this on the forums? Didn't know where else to post. I guess I'll dup this onto blue forum too.

Uthgaard · #2 12-12-2011, 05:47 PM

Sounds like you got tricked into downloading a virus. You shouldn't need to update anything to view these forums.

djdownward · #3 12-12-2011, 05:52 PM

Well I dont do anything on my work computer except browse forums and game sites. And I didnt have any real protection on it, but I dont understand how the same pop up would show up on my laptop at home and only prompt me while I'm browsing forums.

AVG still says I have no malicious stuff that it can detect.

Wierd, super paranoid now.

Handull · #4 12-12-2011, 08:31 PM

I seem to get random attempts asking me to authorize java. I just always say no at this point unless its a site I absolutely know needs java to run. Malwarebytes is good, and so is TDSS Killer and Norton's Power Eraser (both free). TDSS only detects low level registry and root errors, etc. NPE is highly agressive and you need to be careful using it, as it can flag things like your .exe handling registry as malicious, but it does a good job at finding low and high level things that can be a problem. Then lastly i run malwarebytes to get the last of w/e was attacking me.

**Rogean** · #5 12-12-2011, 09:07 PM

I've also noticed a few pop ups that shouldn't be happening.. but it may have been related to other virus's I possibly obtained from a different website.

If you see javascript code in the source of the website anywhere that shouldn't be there, let me know asap.

getsome · #6 12-13-2011, 12:34 PM

i got hit by one from this website as well.

i was browsing here when i saw something attempted to turn off my firewall on my pc.

I was slaying dragons so i figured i would check it out in a few. about 1 hour later, all the normal bells and whistles from that xpantivirus 2012 malware started popping up. a back door rootkit came along for fun this time. ping.exe was a nasty variant of this infection. it will lag the fuck out of our pc, since it ramps your cpu processes up to 100%.

this happened saturday.

Uthgaard · #7 12-13-2011, 01:45 PM

If you see anything like that, make a note of which ads were displayed at the time and which page it was on.

If it's recent enough, you should be able to go into offline mode and revisit the page as it appeared, firefox has a more detailed and accurate cache than ie though.

Zallar · #8 12-13-2011, 02:07 PM

Make sure your Java is patched to the latest version to prevent banner ads from injecting malware.

disco · #9 12-22-2011, 04:50 AM

My virus scanner has been blocking something trying to enter my system everytime I browse the forums. The page will lock up and then after it contains it, it runs the page smoothly.

arsenalpow · #10 12-22-2011, 06:51 AM

Quote:

Originally Posted by getsome [You must be logged in to view images. Log in or Register.]

i got hit by one from this website as well.

i was browsing here when i saw something attempted to turn off my firewall on my pc.

I was slaying dragons so i figured i would check it out in a few. about 1 hour later, all the normal bells and whistles from that xpantivirus 2012 malware started popping up. a back door rootkit came along for fun this time. ping.exe was a nasty variant of this infection. it will lag the fuck out of our pc, since it ramps your cpu processes up to 100%.

this happened saturday.

I had this exact same thing happen to me twice. I would be in EQ with these forums open in the background and the XP antivirus 2012 would pop up. Did a system rollback both times which fixed it. Also, I changed my browser to chrome and haven't had the issue since.