Omega Owners Forum

Chat Area => General Discussion Area => Topic started by: zirk on 15 November 2014, 15:55:17

Title: OOF Adware
Post by: zirk on 15 November 2014, 15:55:17
Suspect it's my end, only happens on OOF (advert below OOF Logo), can't seem to find what it is. Malwarebytes found nothing.

Only happened when I posted a Pic earlier, click Image in new Post, small pop up appeared, very similar to the one saying 'you have a new message', but said 'enter image URL', thought strange so cancelled it, tried again same thing, thought OOF must have had an update in some form, entered Photobucket URL Pic, posted Post all was well.

Ever since then had this, anyone else having similar issues?

(http://i251.photobucket.com/albums/gg299/zirk-photos/OOFnow.jpg)
Title: Re: OOF Adware
Post by: Andy H on 15 November 2014, 16:27:31
What do you get if you right click on the offending text and pick "show image properties"?
Title: Re: OOF Adware
Post by: zirk on 15 November 2014, 16:37:02
It's not an image, it's a rolling text banner, it's not a pop up as such but somehow embedded in the top section of the top OOF box.

Right click, doesn't seem to tell me much, suppose I could inspect it, but without knowing what should be there on the oof page, won't really help me.  :-\
Title: Re: OOF Adware
Post by: AndyRoid on 15 November 2014, 16:47:31
but without knowing what should be there on the oof page, won't really help me.  :-\

Here you go


(http://www.bonkerz.co.uk/oof/zirk.jpg)
Title: Re: OOF Adware
Post by: zirk on 15 November 2014, 17:05:46
Thanks, but what I meant was, right click, inspect element, then what to expect under the text source of the oof page.
Title: Re: OOF Adware
Post by: TheBoy on 15 November 2014, 17:27:07
S'not our end. Does it happen in alternate browsers? If not, suspect browser hijack. If so, suspect poisoned DNS cache or more general malware
Title: Re: OOF Adware
Post by: zirk on 15 November 2014, 17:30:50
Have it on IE (although it took a couple of page refreshes to show up), just check FF now but seems slow loading.
Title: Re: OOF Adware
Post by: zirk on 15 November 2014, 17:34:41
Can someone copy and paste the text (under inspect element) of the OOF Front page for me.

Seem to have some links on mine, that I don't think should be there.
Title: Re: OOF Adware
Post by: Entwood on 15 November 2014, 17:40:34
It won't let me copy/paste .. so here's a screen capture of mine ..

(http://imagizer.imageshack.us/v2/640x480q90/537/z6FAlu.jpg)
Title: Re: OOF Adware
Post by: zirk on 15 November 2014, 17:57:39
Thanks, mine slightly different, but about 10 lines down after

<img class="floatright" id="smflogo" src="http://images.omegaowners.com/forum/smf2000/Themes/core/images/smflogo.gif" alt="Simple Machines Forum">

have something linking to surefish.com (also won't let me copy it)

Gonna try another MW scan but in safe mode.  :-\
Title: Re: OOF Adware
Post by: TheBoy on 15 November 2014, 18:09:37
That is a valid image. images.omegaowners.com is the server that provides all static elements on the page.
Title: Re: OOF Adware
Post by: TheBoy on 15 November 2014, 18:09:56
ah, sorry, 10 lines below that...
Title: Re: OOF Adware
Post by: TheBoy on 15 November 2014, 18:11:54
From View Source:

Code:
<img class="floatright" id="smflogo" src="http://images.omegaowners.com/forum/smf2000/Themes/core/images/smflogo.gif" alt="Simple Machines Forum" />
<h1 id="forum_name">
<img src="http://images.omegaowners.com/forum/smf2000/ooflogo.png" alt="Omega Owners Forum" />
</h1>
</div>
<ul id="greeting_section" class="reset titlebg2">
<li id="time" class="smalltext floatright">
15 November 2014, 18:10:00
<img id="upshrink" src="http://images.omegaowners.com/forum/smf2000/Themes/core/images/upshrink.gif" alt="*" title="Shrink or expand the header." align="bottom" style="display: none;" />
</li>
<li id="name">Hello <em>TheBoy</em></li>
</ul>
<div id="user_section" class="bordercolor" style="display: none;">
<div class="windowbg2 clearfix">
<div id="myavatar"><img src="http://theboy.omegaowners.com/oofpics/avatar/TBE.JPG" alt="" class="avatar" /></div>
<ul class="reset">
<li><a href="http://www.omegaowners.com/forum/index.php?action=unread">Show unread posts since last visit.</a></li>
<li><a href="http://www.omegaowners.com/forum/index.php?action=unreadreplies">Show new replies to your posts.</a></li>
<li>Total time logged in: 120 days, 5 hours and 21 minutes.
</li>
<li><a href="http://www.omegaowners.com/forum/index.php?action=moderate;area=reports">There are currently 8 moderator reports open.</a></li>


HTH
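
An added illustration of the comparison being attempted in this thread (not part of any post and not the forum's own code): it lists every link or image URL that appears in the rendered page but not in the markup as served, and whose host is outside the site's domain. The injected line is constructed, since the thread names only the host it pointed to, and treating omegaowners.com and its subdomains as the only expected hosts is an assumption.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: every legitimate resource on the page comes from this domain or a subdomain.
EXPECTED_DOMAIN = "omegaowners.com"

# Excerpt of the markup as served, condensed from the View Source post above.
SERVED = '''
<img class="floatright" id="smflogo" src="http://images.omegaowners.com/forum/smf2000/Themes/core/images/smflogo.gif" alt="Simple Machines Forum" />
<h1 id="forum_name"><img src="http://images.omegaowners.com/forum/smf2000/ooflogo.png" alt="Omega Owners Forum" /></h1>
<div id="myavatar"><img src="http://theboy.omegaowners.com/oofpics/avatar/TBE.JPG" alt="" class="avatar" /></div>
<li><a href="http://www.omegaowners.com/forum/index.php?action=unread">Show unread posts since last visit.</a></li>
'''
# Constructed sample: the same markup plus a hypothetical injected banner link.
# The real injected markup was never posted in the thread; only its target host was named.
RENDERED = SERVED.replace(
    "</h1>", '</h1>\n<div><a href="http://surefish.com/">constructed banner text</a></div>')

class UrlCollector(HTMLParser):
    """Record (tag, url) for every href or src attribute in the markup."""
    def __init__(self):
        super().__init__()
        self.urls = []
    def handle_starttag(self, tag, attrs):
        self.urls += [(tag, v) for k, v in attrs if k in ("href", "src") and v]

def collect(html):
    parser = UrlCollector()
    parser.feed(html)
    parser.close()
    return parser.urls

def is_expected(host, domain=EXPECTED_DOMAIN):
    # Match the domain itself or a true subdomain, not a lookalike such as "notomegaowners.com".
    return host == domain or host.endswith("." + domain)

def injected_urls(rendered, served):
    """URLs in the rendered DOM that are absent from the served source and on a foreign host."""
    baseline = {url for _, url in collect(served)}
    hits = []
    for tag, url in collect(rendered):
        host = (urlsplit(url).hostname or "").lower()
        if host and url not in baseline and not is_expected(host):
            hits.append((tag, host, url))
    return hits

if __name__ == "__main__":
    for tag, host, url in injected_urls(RENDERED, SERVED):
        print(f"<{tag}> points at unexpected host {host}: {url}")
```

View Source shows the markup the browser received, while Inspect Element shows the live DOM after scripts and extensions have changed it, so a link present only in the latter was added on the client.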
Title: Re: OOF Adware
Post by: zirk on 15 November 2014, 18:53:33
Thanks all, ok done (I hope).  ;)

Turned out to be an embedded link that quite fancied parking itself under the OOF Logo, part of visadd virus family apparently.  :-\

No idea how it got there, along with the other crap it planted all over the place, but did manage to disable my MS Essentials as well.
Title: Re: OOF Adware
Post by: TheBoy on 15 November 2014, 19:16:57
tut tut.

As you know, safe mode, full scans, and even offline scans if you have the capabilities. Might be worth checking for rootkits as well.

Personally, on the rare occasions I believe I've been compromised, I burn and build.
Title: Re: OOF Adware
Post by: Steve B on 15 November 2014, 20:35:17
Takes Days/weeks to get back to where you were though....I find a roll back does the job sometimes
Title: Re: OOF Adware
Post by: zirk on 15 November 2014, 20:50:01
I normally do a cloned image of a fresh build with everything I need on it, ie Office, Mail etc, however last time I needed it it failed to boot, must look into that one now I've some fresh Win7 disks back, however as you say can be a bit painful getting things up to speed again, especially with all the windows updates required these days.
Title: Re: OOF Adware
Post by: TheBoy on 15 November 2014, 21:24:27
Takes Days/weeks to get back to where you were though....I find a roll back does the job sometimes
A rollback rarely gets rid of any compromises.
Title: Re: OOF Adware
Post by: Steve B on 15 November 2014, 21:30:24
A rollback rarely gets rid of any compromises.
I mean the ones where it's ....try our software for free.... Only to go and forget to tick all the boxes and you find you have a new crappy browser
Title: Re: OOF Adware
Post by: Vamps on 16 November 2014, 01:00:26
but without knowing what should be there on the oof page, won't really help me.  :-\

Here you go


(http://www.bonkerz.co.uk/oof/zirk.jpg)



4 Days and 5 hours logged on, is that all?............... :D :D  I keep mine hidden, just looked, 99 days 8 hours on OOF........................ :-[  :D :D
Title: Re: OOF Adware
Post by: zirk on 16 November 2014, 01:15:14
Rarely look at mine, but just checked most online, bugger, where's that Albs bloke gone, need to go quiet for a while so Taxi Al can get the medal,  :o :o :o :o

http://www.omegaowners.com/forum/index.php?action=stats    :-[ :-[ :-[ :-[ :-[
Title: Re: OOF Adware
Post by: 05omegav6 on 16 November 2014, 03:09:31
Eight hours should do it :D  ;D

That Tunnie lad has some catching up to do though ::)
Title: Re: OOF Adware
Post by: Andy H on 16 November 2014, 10:08:07
Some curious statistics there :

in General Statistics
Male to Female Ratio:    33.3:1   ::)

in Top 10 Topics (by Views)
NWS - Loo-Knees (Friends) Porn Thread       43290  ???
Title: Re: OOF Adware
Post by: AndyRoid on 16 November 2014, 10:33:33
4 Days and 5 hours logged on, is that all?............... :D :D  I keep mine hidden, just looked, 99 days 8 hours on OOF........................ :-[  :D :D
I've been a tad busy trying to stay alive since Jan 2011  ;)
Title: Re: OOF Adware
Post by: zirk on 16 November 2014, 15:11:32
Eight hours should do it :D  ;D

That Tunnie lad has some catching up to do though ::)
Go on then, keep up, I'll stay low for a while.  :)
Title: Re: OOF Adware
Post by: pscocoa on 16 November 2014, 20:23:36
Is the OP's web search throwing up anything odd - if you get Trovi adware or something pesky like that then all sorts of crap pitches up - it is easy to remove in uninstall programmes and then (in IE) manage add ons - search providers and delete.