Google Search PhysicsForums Virus Attack

  • Thread starter (Q)
  • Start date
  • #1
(Q)
143
0

Main Question or Discussion Point

While searching a topic on Google, I ran across a link that lead to Physicsforums so I clicked the link.

The next thing I knew, my computer was under massive attack. Viruses were being delivered as anti-virus warning windows began popping up. Spybots and Malware were being delivered - found over 60 in one pass. Programs of some sort were being installed. My browser opening page was highjacked.

So, what happened? Why did a link leading to this forum get re-directed?
 

Answers and Replies

  • #2
977
1
Do you by any chance still have the original link from Google? I would email everything you have to chroot or Greg, just in case this is a problem with this site. I doubt it, though, and you can probably attribute what happened to spyware that was already installed on your computer.
 
  • #3
193
0
that must have been scary
 
  • #4
290
0
DarkAnt said:
that must have been scary
No, not scary at all, Web developers know well what problems they might be...
 
  • #5
290
0
(Q) said:
While searching a topic on Google, I ran across a link that lead to Physicsforums so I clicked the link.

The next thing I knew, my computer was under massive attack. Viruses were being delivered as anti-virus warning windows began popping up. Spybots and Malware were being delivered - found over 60 in one pass. Programs of some sort were being installed. My browser opening page was highjacked.

So, what happened? Why did a link leading to this forum get re-directed?
Give me that link, I want to know how dangerous it really is..
 
  • #6
dduardo
Staff Emeritus
1,890
3
Give me the link too. I'll believe it when I see it. The more likely senario being that you went to another, it openned a pop-under that you didn't see. Then you happened to go to click on a link to physicsforums when the pop-under initiated its attack against your computer.
 
  • #8
290
0
(Q) said:
I went back in my history folder and found the link below:

www.physicsforums.com/archive/t-8466
Why didn't I see anything similar to what you said ??? (-.-)
I guess those viruses have found out other sources, so they have gone chase them, and left this thread alone, (there is also possibility that they are afraid of Pattielli--(:redface:)) uhmm, it is internet though, there will never be anything so called statability, if viruses saw something strange/ irritative, they will choose other ways to run immediately, I addmit it is hard to catch them, and much harder if they are already well-trained (well-made) ones--again internet, it is internet ! yeah -- yeah --yeah!
 
  • #9
dduardo
Staff Emeritus
1,890
3
You must have gotten it for somewhere else. Even though I'm in linux have popup blocking, I would have seen a little icon telling me it blocked something.
 
  • #10
BoulderHead
I'm with (Q) on this matter. Here's what I did;

1) Deleted all TIF files
2) Ran AdAware and removed all traces.
3) Clicked on that link provided by (Q).

Two popup windows and WMP opened.
Popup 1: Web Page Dialog for Westwood College Online.
Popup 2: Microsoft Internet Explorer for Gambling.com

So, I closed the player and killed the two popups, then hit the refresh button on my browser window;

Three popups, WMP, and an Install program dialog box appeared. Killed all instances and ran AdAware again. Seven instances were detected, all cookies. Here's the list;

@advertising[1].txt
@casalemedia[1].txt
@centrport[2].txt
@doubleclick[1].txt
@mediaplex[1].txt
@servedby.advertising[1].txt
@z1.adserver[1].txt

Also, in checking the TIF folder I found the following executables, two of which I'm fairly certain are adware related from having dealt with them in the past;

np1
np2
si1
si2
install026

In short, I have every reason to believe that link is buggy.
 
  • #11
290
0
I used to visit codeguru where I got much more than these things, and whenever i run adware, i see them even in my registry.
By the way, after glancing at what you posted, I would highly recommend not to accept third-party cookies, then turn on the ad-block function available in your browser if that is not explorer. But if it is, you should google and download an ads-blocker for free, I am sorry i don't remember its URL but i am sure there are a lot!
If you like or as a careful person, you should check the internet options and check "ask before accepting cookies". If there is something that you shouldn't put your trust on, just click NO and everything would be fine !

Hope that can be of help!
 
Last edited:
  • #12
dduardo
Staff Emeritus
1,890
3
It's a shame I never have to worry about these problems. I almost feel bad for you windows users. :rofl: :rofl: :rofl:
 
  • #14
BoulderHead
Thanks all, but I'm not asking how to avoid such things, merely supporting what (Q) said as being accurate and alerting anyone who may be interested in looking into this matter (Greg?).
 

Related Threads on Google Search PhysicsForums Virus Attack

  • Last Post
Replies
9
Views
1K
  • Last Post
Replies
9
Views
3K
  • Last Post
Replies
2
Views
2K
  • Last Post
Replies
2
Views
141
Replies
5
Views
885
Replies
20
Views
7K
Replies
18
Views
4K
  • Last Post
2
Replies
26
Views
4K
Replies
4
Views
10K
Top