Full Version: Malicious SWF Banners
Kimberly
Please help us with the removal of malicious banner ads. If you find a web site that is the victim of a redirecting Flash advert, or if you have been a victim of a redirect, take a few minutes to report it here. Give as many details as possible.

If on the other hand you feel comfortable going back to the site, follow the steps outlined here to record your visit.

You can read more about the malicious SWF adverts in this topic if you wish.

Thanks.
Kimberly
Hello a.k.a. and welcome.

Thanks for your report, much appreciated.

It's indeed the ifrance link that hit you. People have been suffering since at least June 12th on their servers, but unfortunately they are not listening to complaints and prefer to remain silent.
Please don't pay attention to the *genuine* scans, just close every window with Alt + F4 and don't accept any ActiveX controls or downloads from them. If in doubt, don't hesitate to ask for a system checkup in our Malware Removal Support Forum.
Kimberly
Thanks for the report. I haven't been hit by any malvertisement for the time being. As you know, ads are very geo-based, thus it might take a while. Any chance you can run Fiddler on it? Can you send me your link by PM? Tags / keywords may influence which ad is displayed too. Thx.

Ads are mainly coming from Clicksor ... and they have been caught in the past.
Kimberly
QUOTE
I guess what I'm asking is, "Can I be infected by malware just by visiting a site that has a malicious SWF banner, or worse, Flash animation on its home page?"
Simply said: Yes.

If you never really paid attention to how you get redirected, you can watch a video:

Note: Flash Player is needed.


They have improved their install techniques in case the file download is set to prompt or is blocked; they may use another Flash file, for example, to trigger and force the install of the fake antivirus product.
Kimberly
The Netweasel,

Your approach is good. Pulling out the Ethernet cable in order to break the internet connection is what I would do too, as with some drive-by installs the computer is slow to respond, thus disabling the network connection through its "connection icon" might take a huge amount of time or even fail.

I just would like to add one thing to your guide ...
QUOTE
At this point I would feel that my computer was probably uninfected and safe to use, but I'd still keep an eye on it for several days, looking for odd behavior or unexpected Internet activity.
At this point I would suggest seeking help on one of the various forums in order to make sure that my computer is clean. Infections can be complex, and for people who are not really savvy or skilled it might be hard to tell by themselves if some underlying activity isn't still occurring. Examples are a rootkit, a nasty bot piloted by a C&C, or a file infector such as Virut.
QUOTE
If all else fails, of course, there is always the "reformat-the-hard-drive-and-reinstall-the-operating-system" option, but that is rarely necessary since I keep my eyes open, try not to visit dodgy web sites, and take quick action if and when one of these obvious attempts to infect me should occur.
That's why when I install an OS I create a complete image of the hard drive once the initial setup is done (without going on the Internet and with all updates installed). Then I make regular backups of my personal files. It only takes me 8 minutes to reimage my hard drive in case of a glitch ... 8 minutes ... even an antivirus scan isn't that fast. As for trying not to visit dodgy sites ... that's not completely true anymore as a way to keep you safe, since advertisements are present on every single website. People got redirected by visiting travel agencies, newspapers, storage websites, MySpace, Hotmail, to name only a few.

I hope this small paragraph satisfies your request for criticism.