Virus? - Page 1 - Website Feedback

Original Poster

33,041 posts

196 months

Monday 14th May 2018

I was just reading a thread, when the whole browser page was replaced with an obvious fake, telling me I have 1 virus, 2 malware and 1 phishing thing. It urged me to 'click this button' or some s

t, to clean it.

This was the page.

-http://safety.microsoft.com.ttksr.5zp8nhicaovkg4jfhcdwmg.download/ow/en/index.php

Either it's real (which I don't believe), or something at PH towers had been compromised.

Edited by Doofus on Monday 14th May 12:17

Ultra Sound Guy

29,287 posts

217 months

Monday 14th May 2018

Doofus said:

I was just reading a thread, when the whole browser page was replaced with an obvious fake, telling me I have 1 virus, 2 malware and 1 phishing thing. It urged me to 'click this button' or some s

t, to clean it.

This was the page.

http://safety.microsoft.com.ttksr.5zp8nhicaovkg4jf...

Either it's real (which I don't believe), or something at PH towers had been compromised.

Probably safer to post a screen shot rather than a potential phishing /scam/virus link!

Dave Hedgehog

15,775 posts

227 months

Monday 14th May 2018

Doofus said:

I was just reading a thread, when the whole browser page was replaced with an obvious fake, telling me I have 1 virus, 2 malware and 1 phishing thing. It urged me to 'click this button' or some s

t, to clean it.

This was the page.

http://safety.microsoft.com.ttksr.5zp8nhicaovkg4jf...

Either it's real (which I don't believe), or something at PH towers had been compromised.

total scam

or i need to contact apple and inform them my mac has a windows virus biggrin

Original Poster

33,041 posts

196 months

Monday 14th May 2018

I don;t have a screenshot. I wasn't proposing people follow the link; just look at the URL to confirm it's not legit.

essayer

10,348 posts

217 months

Monday 14th May 2018

Run Malwarebytes to ensure you don’t have any browser plugins etc you don’t know about

Original Poster

33,041 posts

196 months

Monday 14th May 2018

essayer said:

Run Malwarebytes to ensure you don’t have any browser plugins etc you don’t know about

Already (and continually) done

essayer

10,348 posts

217 months

Monday 14th May 2018

Doofus said:

essayer said:

Run Malwarebytes to ensure you don’t have any browser plugins etc you don’t know about

Already (and continually) done

Probably an ad then, I had this once on another mainstream site, although that was with IE.

Almost impossible to track down the specific ad which caused it unless you were logging at the time frown

eybic

9,212 posts

197 months

Monday 14th May 2018

PH seem to have sold their soul to the devil for advertising space so it's likely one of the ads that's being served. It will maybe be responded to by saying the ad team will be spoken to but in reality, they have already sold the ad space so nothing will happen.

Original Poster

33,041 posts

196 months

Monday 14th May 2018

That's what I thought...

condor

8,837 posts

271 months

Tuesday 15th May 2018

I posted a thread about this in the computer section, didn't realise that there might be a thread in website feedback about it. Foolishly it seems, I thought PH was a safe site to browse.
Could be argued I wasted 2 hours doing a full scan Sunday and a further 2 hours this morning. I'm just pleased that I now know PH is the culprit via a dodgy ad it's allowed.

AlexRS2782

8,424 posts

236 months

Tuesday 15th May 2018

Definitely a dodgy ad that's been fed through. The last time i used this site minus an adblocker active my antivirus went mad telling me it was blocking numerous connections from a script that was attempting to gain access to my laptop to mine bitcoins. Checked the origin in the antivirus and lo & behold it was tied to one of the banner adverts that was being served by PH's preferred provider, that contained a malicious script banghead

There was also this thread recently - https://www.pistonheads.com/gassing/topic.asp?h=0&... - whereby another user pointed out PH / HM appeared to be allowing adverts through containing explicit / sexual content.

Now using Chrome with a decent adblocker and PH is once again free from all the crappy / clickbait adverts.

Shuvi McTupya

24,460 posts

270 months

Tuesday 15th May 2018

Original Poster

33,041 posts

196 months

Tuesday 15th May 2018

Shuvi McTupya said:

Yep, that's the one

Shuvi McTupya

24,460 posts

270 months

Tuesday 15th May 2018

Doofus said:

Yep, that's the one

That just popped up for me so i installed adblocker. I then loaded PH, navigated to this thread and posted here and in one other thread. Adblock has blocked 60 items!

Original Poster

33,041 posts

196 months

Tuesday 15th May 2018

TBH, PH is littered with s

te adverts and adverts for s

te these days.

It is a coincidence that this began soon after the secret/not secret announcement that Haymarket have decided to stop giving a toss about the forums? Hmmmm...

Shuvi McTupya

24,460 posts

270 months

Unexpected Item In The Bagging Area

Tuesday 15th May 2018

possibly..

i have just noticed that some ads are getting through adblocker, such as the large 'sponsored content' b

ks at the bottom of every page..

7,353 posts

212 months

Wednesday 16th May 2018

As per the later pages of this https://www.pistonheads.com/gassing/topic.asp?h=0&... thread, if you browse via Brave you’ll see no adverts.

trickywoo

13,618 posts

253 months

Thursday 17th May 2018

Doofus said:

Shuvi McTupya said:

Yep, that's the one

This one just came up for me too.

Tom Logan

3,872 posts

148 months

Thursday 17th May 2018

I have Ublock and Ghostery on Firefox and I've never seen an advert on this site, all I get is an occasional blank box on the right hand side of a page, if the ads weren't so intrusive I wouldn't feel the need to run adblockers.

The expression 'hoist by your own petard' springs to mind.

Loyly

18,222 posts

182 months