-
Hey Guest. Check out your NeoGAF Wrapped 2025 results here!
Was just redirected to a shady "anti virus" site from a GAF thread
- Thread starter Demon Ice
- Start date
- Status
blame space
Banned
that's why you never enter a timedog thread.
blame space
Banned
just kidding timedog i love you
Time to clean the fridge. Wipe and restore!
Yeah friend just directed me to this. Gonna run a full scan, if it finds something I'll probably system restore to be safe.
Wait... if it finds something you'll system restore? Do you even know how long you've had that? You could restore back to when you had it. It can probably just remove it.
Bumping this as I also got a redirect. And malwarebytes ran clean.
Norton detected it and stopped it, but it may be ad related.
Norton:
Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
6/28/2012 12:20 PM,High,An intrusion attempt by 96.44.181.170 was blocked.,Blocked,No Action Required,Fake App Attack: Fake AV Redirect 21,No Action Required,No Action Required,"96.44.181.170, 80",queerprocessrisksutility.in/78dee9e271084cb2/999/,"(MY PC) ((MY IP), 55396)",96.44.181.170,"TCP, www-http"
Norton detected it and stopped it, but it may be ad related.
Norton:
Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
6/28/2012 12:20 PM,High,An intrusion attempt by 96.44.181.170 was blocked.,Blocked,No Action Required,Fake App Attack: Fake AV Redirect 21,No Action Required,No Action Required,"96.44.181.170, 80",queerprocessrisksutility.in/78dee9e271084cb2/999/,"(MY PC) ((MY IP), 55396)",96.44.181.170,"TCP, www-http"
Timedog installed flame on my PC. Known fact.
WickedCobra03
Member
No I got that same thing like 5 minutes ago. This computer has seemed to be alright before that.
I will run some anti-malware programs, but I looked in my running programs and nothing looked suspicious, so I dunno.
edit: here are some screencaps. Anyone else getting these, or close to these?
I will run some anti-malware programs, but I looked in my running programs and nothing looked suspicious, so I dunno.
edit: here are some screencaps. Anyone else getting these, or close to these?
blame space
Banned
NeoGAF giving people viruses again? Evilore eerily silent.
From being a techie all my life and countless of times I try to do a system restore in windows, I have NEVER had this work correctly once. Until, last week when my parents XP pc had malware on it. I was in Awe!
ChocolateCupcakes
Member
Last time it was because of Java right? You guys should make sure thats updated.
edit: here are some screencaps. Anyone else getting these, or close to these?
Just got exactly this. Installing malwarebytes right now.
user8503492
Banned
I keep getting propmts for Java related things from Neogaf.
A few months ago I got repeatedly attacked with malware from neogaf somehow.
Just as the Java prompts started popping up here on Neogaf Ive had my Homepage redirected twice and my actual Neogaf favorite button redirected to another site.
A few months ago I got repeatedly attacked with malware from neogaf somehow.
Just as the Java prompts started popping up here on Neogaf Ive had my Homepage redirected twice and my actual Neogaf favorite button redirected to another site.
user8503492
Banned
Almost 100% sure I keep getting problems from going into the "Pics that make you laugh" thread.
Heres the Java prompt I keep getting from GAF. Ive updated and everything, not sure what it is.
ChoklitReign
Member
Same for me, but this happened at a school library computer. It even finished removing a bunch of files. I feel so stupid because it's dressed up like in XP but I'm using 7. How does this shit get onto GAF?
Usually through the ads.
user8503492
Banned
No I got that same thing like 5 minutes ago. This computer has seemed to be alright before that.
I will run some anti-malware programs, but I looked in my running programs and nothing looked suspicious, so I dunno.
edit: here are some screencaps. Anyone else getting these, or close to these?
Ok, just got for the first time right now. I got the other things I posted before but I just got this warning/bullshit for the first time.
Those warning messages aren't actually malware. They're just a clever piece of social engineering that tries to get you to download the actual malware. As long as you don't actually click on the "protect now" link and run the .exe you'll be fine.
That message should only pop up if you're trying to use a site that uses Java (or a piece of malware that uses Java) and you haven't got Java installed. You're fine.
As far as I'm concerned, unless you really need Java don't install it. The amount of exploits that use Java is ridiculous.
Almost 100% sure I keep getting problems from going into the "Pics that make you laugh" thread.
Heres the Java prompt I keep getting from GAF. Ive updated and everything, not sure what it is.
That message should only pop up if you're trying to use a site that uses Java (or a piece of malware that uses Java) and you haven't got Java installed. You're fine.
As far as I'm concerned, unless you really need Java don't install it. The amount of exploits that use Java is ridiculous.
Druz
Member
It doesn't get rid of the malware it just undoes some of what the malware done did like take over file association.
bobbychalkers
Member
Yeah, I got the "queerprocessutility.in" thing as well. I'm already an hour into scanning my computer with Malwarebytes. So far I haven't noticed anything different.
No I got that same thing like 5 minutes ago. This computer has seemed to be alright before that.
I will run some anti-malware programs, but I looked in my running programs and nothing looked suspicious, so I dunno.
edit: here are some screencaps. Anyone else getting these, or close to these?
Hmm, I recall that one being really freaking annoying to get rid of. I may have to lay off GAF for a while if there's an infected ad again.
My antivirus just blocked this same thing when I clicked into the Off-Topic forum, so I'm guessing it's an ad doing it.
AVG identified it as Exploit Rogue Scanner.
http://www.avgthreatlabs.com/webthreats/info/rogue-scanner/
AVG identified it as Exploit Rogue Scanner.
http://www.avgthreatlabs.com/webthreats/info/rogue-scanner/
computers putin'
Member
same just happened to me, wtf?
Surface of Me
I'm not an NPC. And neither are we.
Damn GAF, I thought this was one of my shady porn sites doing this, but it was you!
I think you should do back ground checks on this websites ads.
SerArthurDayne
Member
I just got this.
Probably no help, but I clicked on Nottheguyyoukill's user name in the GAF confessional thread to find out what he got banned for and it opened up a link to the above pictured site.
Otherwise, I know nothing.
Running a scan from orbit. The only way to be sure.
Probably no help, but I clicked on Nottheguyyoukill's user name in the GAF confessional thread to find out what he got banned for and it opened up a link to the above pictured site.
Otherwise, I know nothing.
Running a scan from orbit. The only way to be sure.
KibblesBits
Member
I got one too. I just backed out. If you don't download these things and run your malware/virus scans you're usually ok.
Was it: http://stage.neogaf.com/ ?
blame space
Banned
i just got the pop up box when trying to look at a really old thread. killed chrome without clicking OK and did a MSE scan and it says i'm ok..
bobbychalkers
Member
Is that the one that hides folders and says your hard-drive crashed and a bunch of other parts failed? I remember panicking like hard when I got it.
I don't know if it's related to an ad or not, but this seems to be the URL that people get redirected to. - queerprocessrisksutility.in/78dee9e271084cb2/999/ -
I've just checked and it's still live.
- Status
Similar threads
- Poll