Go Back   nV News Forums > Website Related > Feedback Forum

Newegg Daily Deals

Reply
 
Thread Tools
Old 12-09-05, 03:01 PM   #13
Elvin Presler
Registered User
 
Elvin Presler's Avatar
 
Join Date: Aug 2004
Location: USA
Posts: 633
Default Re: More on the hijacking popups here

They're back. Same hijacking deal.

FYI, I just restored my clean offline backup moments ago too and am reinstalling Far Cry. I've gotten hijacked twice this visit. I went to Rage3d Gaming Forum, then here, nowhere else.

So either these are coming from here, or (conspiracy theory) Rage3d has a malicious script that only activates if the visitor leaves them and comes here. (wham, just got hit again while typing, 3 times now). Usually that is the order I browse in too so....(wham! hit again and AdMuncher is running. I started it after the first hijacking).

As usual, this ONLY happens HERE and nowhere else, and it is random, don't get them every time.

EDIT: This is really wierd. I'm going to stay here while this is happening and try to get logs or something from AdMuncher for you....
Elvin Presler is offline   Reply With Quote
Old 12-09-05, 03:12 PM   #14
Elvin Presler
Registered User
 
Elvin Presler's Avatar
 
Join Date: Aug 2004
Location: USA
Posts: 633
Default Re: More on the hijacking popups here

Holy shi*! Here's what I am getting from AdMuncher right now. I cleared the logs first thing and Rage3d is still showing up....Why? Bad Cookie? And why does it only happen here? Is Rage3d trying to make you look bad? Why do I get no popups while visiting them?

Most of this is mumbo jumbo to me, but maybe someone can make sense of it. I have grabbed all my cookies and Temp Internet Folder contents just now as well, if the powers that be would be interested in snooping around in them, I'll be glad to send them to you (1.6 Meg zipped file).

Link Target URL's:
===============
http://www.nvnews.net/vbulletin/prof...dy&u=27131
http://www.nvnews.net/vbulletin/sear...er&u=27131
http://www.nvnews.net/vbulletin/priv...pm&u=27131
http://www.nvnews.net/vbulletin/member.php?u=27131
http://www.nvnews.net/vbulletin/newr...y&p=766940
http://www.nvnews.net/vbulletin/edit...t&p=766940
http://www.nvnews.net/vbulletin/show...p;postcount=17
http://www.rage3d.com/board/index.php?

Image/Etc Source URL's:
==================
http://www.nvnews.net/vbulletin/imag...quickreply.gif
http://www.nvnews.net/vbulletin/imag...tons/quote.gif
http://www.nvnews.net/vbulletin/images/buttons/edit.gif
http://www.nvnews.net/vbulletin/imag...er_offline.gif
http://www.nvnews.net/vbulletin/images/icons/icon1.gif
http://www.nvnews.net/vbulletin/imag...ine=1094323907
http://www.nvnews.net/vbulletin/imag...n/post_new.gif
http://www.nvnews.net/vbulletin/imag...ser_online.gif
http://www.rage3d.com/board/images/p.../site/logo.gif
http://www.rage3d.com/board/clientsc...lletin_menu.js
http://www.rage3d.com/board/clientsc...etin_global.js Sending me Java scripts when I am not even at their site? WTF?
http://www.strawberry-red.info/def/45/5010_746.swf
http://download.macromedia.com/pub/s...rsion=6,0,29,0

Popup Opening URL's:
================
http://www.strawberry-red.info/def/45/5010.html

Retrieved URL's:
============
http://www.nvnews.net/vbulletin/editpost.php
http://www.nvnews.net/vbulletin/ajax.php
http://www.nvnews.net/vbulletin/imag...er_offline.gif
http://www.nvnews.net/vbulletin/newreply.php
http://www.nvnews.net/vbulletin/imag...dient_tcat.gif
http://www.nvnews.net/vbulletin/imag...ient_panel.gif
http://www.nvnews.net/vbulletin/imag...elsurround.gif
http://www.nvnews.net/vbulletin/imag...ient_thead.gif
http://www.nvnews.net/vbulletin/imag...quickreply.gif
http://www.nvnews.net/vbulletin/imag...tons/quote.gif
http://www.nvnews.net/vbulletin/images/buttons/edit.gif
http://www.nvnews.net/vbulletin/imag...ser_online.gif
http://www.nvnews.net/vbulletin/images/icons/icon1.gif
http://www.nvnews.net/vbulletin/imag...n/post_new.gif
http://www.nvnews.net/vbulletin/imag...r/resize_1.gif
http://www.nvnews.net/vbulletin/imag...r/resize_0.gif
http://www.nvnews.net/vbulletin/imag...r/spelling.gif
http://www.nvnews.net/vbulletin/imag.../separator.gif
http://www.nvnews.net/vbulletin/images/editor/quote.gif
http://www.nvnews.net/vbulletin/imag...nsertimage.gif
http://www.nvnews.net/vbulletin/imag...createlink.gif
http://www.nvnews.net/vbulletin/imag...or/menupop.gif
http://www.nvnews.net/vbulletin/clear.gif
http://www.nvnews.net/vbulletin/images/editor/color.gif
http://www.nvnews.net/vbulletin/imag.../underline.gif
http://www.nvnews.net/vbulletin/imag...tor/italic.gif
http://www.nvnews.net/vbulletin/images/editor/bold.gif
http://www.nvnews.net/vbulletin/imag...moveformat.gif
http://www.strawberry-red.info/def/45/5010_746.swf
http://www.rage3d.com/board/
http://www.strawberry-red.info/def/45/5010.html
Elvin Presler is offline   Reply With Quote
Old 12-09-05, 04:04 PM   #15
retsam
Registered User
 
Join Date: Jul 2002
Posts: 2,602
Default Re: More on the hijacking popups here

read this ...even thoe we joked about a possible root kit but i think that might be your cause....run this tool...

http://www.microsoft.com/downloads/d...displaylang=en

let us know how you make out.
retsam is offline   Reply With Quote
Old 12-09-05, 04:32 PM   #16
Elvin Presler
Registered User
 
Elvin Presler's Avatar
 
Join Date: Aug 2004
Location: USA
Posts: 633
Default Re: More on the hijacking popups here

I'm on it....back in a few with result......

Edit: Nope, I'm clean. I still think it is bad Java from here...or Rage3d. I've been cleaning my caches and bouncing back and forth here and there but can't get the popups going again.
Elvin Presler is offline   Reply With Quote
Old 12-09-05, 04:33 PM   #17
retsam
Registered User
 
Join Date: Jul 2002
Posts: 2,602
Default Re: More on the hijacking popups here

ok cool
retsam is offline   Reply With Quote
Old 12-09-05, 05:36 PM   #18
retsam
Registered User
 
Join Date: Jul 2002
Posts: 2,602
Default Re: More on the hijacking popups here

what about clearing out the precache folder?
retsam is offline   Reply With Quote
Old 12-14-05, 02:43 PM   #19
DaveW
Its me! Hurray!
 
DaveW's Avatar
 
Join Date: Jul 2002
Location: Brit in USA
Posts: 1,203
Default Re: More on the hijacking popups here

Quote:
Originally Posted by Elvin Presler
Holy shi*! Here's what I am getting from AdMuncher right now. I cleared the logs first thing and Rage3d is still showing up....Why? Bad Cookie? And why does it only happen here? Is Rage3d trying to make you look bad? Why do I get no popups while visiting them?
Your saying that even though you don't have Rage3D open, you are still making outbound requests to Rage3D? I've only seen this kind of behavior when behind a buggy proxy server. Does your ISP use a proxy? Its possible its dishing out those popup ads to you.
__________________

Core2 Q9400 @ 3.0, eVGA GTX 260, 4G DDR 800, Vista64
DaveW is offline   Reply With Quote
Old 12-14-05, 06:26 PM   #20
Q
 
Join Date: Sep 2004
Posts: 7,808
Default Re: More on the hijacking popups here

Quote:
Originally Posted by DaveW
Your saying that even though you don't have Rage3D open, you are still making outbound requests to Rage3D? I've only seen this kind of behavior when behind a buggy proxy server. Does your ISP use a proxy? Its possible its dishing out those popup ads to you.
That's what I'm thinking, too. If you are absolutley, positively, without-a-doubt SURE that your system is clean, then this is the only possibility. You would be surprised how vulnerable a system can be, though, even with a fresh install and updates. If you do a fresh install w/out SP2 slipstreamed, you are very vulnerable if you are hooked to ANY network. Even with SP2 slipstreamed, I recommend not even having your network connected physically until firewalling EVERYTHING, installing your Antivirus with recent definitions, and running Spybot immunization. Connect to the internet and get every update from Microsoft immediately. If you don't do this, you can be infected just by sitting on the network. Using IE, however, this doesn't even promise you a lack of infection.

The only way you are getting popups here is going to be found between the chair and the server the site is stored on. If you've done everything right, then its between your computer and the server. Since NO one who has a clean system (even infected systems), other than you, has had an issue with popups it has to be your ISP. Mike does not allow popups on his site and would have a damn fit if there were any on here.
Q is offline   Reply With Quote

Old 12-14-05, 08:50 PM   #21
AthlonXP1800
Registered User
 
AthlonXP1800's Avatar
 
Join Date: Jan 2003
Location: United Kingdom
Posts: 4,352
Default Re: More on the hijacking popups here

I am surprise Elvin still have problems with pop ups, you probably must had missed some important things to do.

Make sure you follow these steps to get rid of pop ups:

1. Check and make sure your Internet Explorer's Privacy is set to Medium-High.
2. Pop up Blocker should be ticked.
3. Download Spyware Doctor and also download latest updates for the program and then scanning for spyware.
4. Update your Anti-Virus and Firewall software then do scanning for virus.

Let me know if these steps help you.
__________________
Intel Core i7 3770K, Corsair H80 liquid cooler with Noctua S12-1200 fan, ASUS P8Z77V with UEFI 2104, 16GB Samsung Green 30nm DDR3-RAM, Pioneer BDR-S09XLT 16x Blu-ray writer, Corsair AX850 PSU, Western Digital 2TB SATA3 hard drive, CanonScan LiDE 210 scanner, Microsoft Internet Keyboard, Microsoft Touch Explorer mouse, 32inch Sharp LC32LE600 LED TV, EVGA Geforce GTX 670 SC 4GB with Geforce 370.50 driver, 50Mb broadband Virgin Media VMDG480 Super Hub, Aspire Xplorer Midi Tower, Windows 8.1 Pro 64bit.
AthlonXP1800 is offline   Reply With Quote
Old 12-14-05, 10:20 PM   #22
a12ctic
 
Join Date: Nov 2005
Location: Chicago IL
Posts: 2,371
Default Re: More on the hijacking popups here

Maby if you didnt use internet explorer (another very piss-poorly made ms product) you wouldnt get pop ups...
__________________
AMD X2 5050 AMD Radeon HD 4830 AMD 780G 4GB OCZ DDR2 Antec 300 Fedora 11
a12ctic is offline   Reply With Quote
Old 12-15-05, 02:41 AM   #23
Superfly
Retired
 
Superfly's Avatar
 
Join Date: Nov 2003
Location: gone
Posts: 3,907
Default Re: More on the hijacking popups here

^^ no need for that.
__________________
It is not how bad the problem is, but how badly it's hurting the person who has it......
Superfly is offline   Reply With Quote
Old 12-15-05, 03:06 AM   #24
rewt
mmm, Beer.. :drooling:
 
rewt's Avatar
 
Join Date: May 2004
Location: USA
Posts: 3,667
Default Re: More on the hijacking popups here

No offense but you're web browser has been pwned. Hijacked?

I still fail to see enough proof that problem is actually arising from visiting this site. So why make yet another thread about it?
__________________
My pimp'n rig
Athlon64 Venice 3000+ @ 2.6GHz (4100+) · Win XP Pro x86, Vista Ultimate x64 · eVGA K8-NF41 nForce4 SLi · Corsair XMS 1.5GB PC3200 CAS2/1T · eVGA 2x 6600GT SLi · Leadtek Winfast TV2000 XP Deluxe · Western Digital Caviar SE ½TB RAID 0/1 · PowerLink LPK2-30 400W · LiteON LDW-411S OC to 811S 8x DVD±R/RW/ROM · MicroAdvantage 64MB QuickiDrive · Samsung SyncMaster 931B 19" LCD · Microsoft Optical Wheel Mouse USB · Sony PSXtoUSB Analog Gamepads · Memorex MX2700 Multimedia Keyboard · Lexmark 3200 Color Jetprinter · nForce Network Controller 1Gb/s LAN (Cable ~3Mb/s down) · ΩPioneer Dolby Digital 5.1 Surround Sound
rewt is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -5. The time now is 08:04 PM.


Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright ©1998 - 2014, nV News.