The attached report came from Avast AV software while accessing the forums tonight -- the affected connection from the offending ad has been blocked and now I have to repeatedly refresh until it rotates out or I only get blank areas in the center of the page. (Head, foot and side banners still display).
This was accompanied by a pop-up of a purported people finder.
i had a JS/exploited shell.gen Trojan from this site, it was cleaned by my AV software every time i opened Dizzy. it also stopped any of the forum tables from appearing. I enabled add blocker and the Coors add disappeared and everything else returned to normal
Ok, all ads should now be gone, or they will be in a few minutes. I do not know what happened, but I will post back Monday sometime with a complete explanation and a plan to make sure it never happens again. First guess -- and this is just from what I'v been told -- is that the network from which those ads come was compromised.
I posted in the BF thread earlier from my phone, but I was not in a good reception area and it was problematic, to say the least. ddt has been working tirelessly all day from the west coast since around 7 am his time and we've finally managed to get with the Gossamer folks.
I'm going to direct traffic from that thread here.
I'm getting reports on Rockclimbing.com that the following works for what the rogue ad leaves behind (if your own anti-viral didn't stop it). The trojan may be called Extra Antivir. Click below and scroll down just a bit. If that looks familiar to you, follow the instructions.
one of my machines went for the ride..i was running firefox 3 but the ad blocker wasn't setup correctly
it ended up with the extra-anti virus and 2 gay porn desktop icons
the extra-anti virus looked like a windows boot up screen appearing like windows was rebooting and recommending you install the fake anti-virus for a fee kept doing the fake reboot every 5 minutes then it kept prompting error tabs from the task bar as if it were your windows security to get you to reconnect to the web to download and scan with the AGV anti-virus.
the real antivirus program is AVG so I recognized it as fake right away..also during the fake windows reboots it would never prompt me to type my user password. so I figured it wasn't really windows.
the gay porn desktop icons were a fucked up twist to the virus. they were read only so I couldnt figure out where they came from. i would delete them and they would pop back up within seconds. had me laughing my ass off.
machine is clean now all updates and patches..
coors light rocks!!! no love lost for the john waynes
Okay, ads will be up sometime tomorrow, minus the culprit. I'm going to spend some more time following up on things, and then get some sleep. I'll be back online all day tomorrow to make sure things go smoothly.