Virus attack after log in

I saw a livejasmine link flash across the status bar this morning while trying to Back Arrow out of Barter Town. Didn't catch the whole thing, but I was watching since the first page load did the ol' "Scroll to the Bottom" routine.
 
As stated before, the links on top are 3rd party JAVA script and if that is infected, that has nothing to do with AK.

AK does have to spupport itself somehow as donations and subscriberships only go so far.

Does AK have control over whether or not to use these 3rd party advertisements? If so, then how is AK not responsible? I understand that AK needs to support itself, but it seems to me that this is coming at the expense of the members here.
 
Does anyone seriously think that if an advertiser's links were distributing malware, that the advertiser would sit back and do nothing?
 
Does anyone seriously think that if an advertiser's links were distributing malware, that the advertiser would sit back and do nothing?

Some times it takes them too long to find out they are infected. It's happened a lot with some of them...
 
I run Firefox with No Script and haven't had any problems.

I never had any problem (that I know of) from the livejasmine thing before. But I just loaded Barter Town and one of the prompts at the bottom (Chrome this time) said "Waiting for img0 livejasmine" or something like that.

I fully understand the need for advertising. I'm not fully understanding why the ads are trying to load img0 livejasmine onto my computer, why it's so hard to find out what ad it is, and why run the ad that's loading it.
 
I never had any problem (that I know of) from the livejasmine thing before. But I just loaded Barter Town and one of the prompts at the bottom (Chrome this time) said "Waiting for img0 livejasmine" or something like that.

I fully understand the need for advertising. I'm not fully understanding why the ads are trying to load img0 livejasmine onto my computer, why it's so hard to find out what ad it is, and why run the ad that's loading it.

Did you just click on Barter Town or a specific thread in Barter Town when you saw this?
 
Did you just click on Barter Town or a specific thread in Barter Town when you saw this?

Both instances were just clicking into (Chrome, home) and out of (IE9, work) the Barter Town forum.

When I tried again, both places, finger poised on the Print Screen button, it never came back. I cleared cache/cookies and tried again. Nada. When I view the source code of the site, I didn't see any of the subscriber forums, but HTML ain't my forte.


I suspect it's an ad in rotation, but that's just a guess.
 
Virus

After my second virus my company has blocked me from going to audiokarma and audiogon.
Luckily I have an iPad at home. The macs seem to be immune to virus's.(knock on wood)
 
For me at least I use Chrome 99% of the time it has a built in sandbox and usually will keep bad things away from your OS. Also I use ad block plus,and no script along with MSE and Macafee and malwarbytes .
So far OK some occasional warnings though I`m not sure but the latest F/F may sand box also ? I'm on win 7x64 . The fanboys should take note as botrytis mentioned
Mac trojans and other stuff are starting to appear in the wild. As the i pad and various mac/apple OS implementations become more popular they will be targeted.
I did however use IE9 a bit last week malware got in ( not from AK ) and disabled my MSE I had re install it. I was able to remove the offender with malwarebytes So nothing is fool proof.
I read somewhere that some IT professionals lately are of the opinion that most AV software is not effective against new attacks the logic being that by the time they are
discovered and counteracted by the software companies it`s too late ?
 
Last edited:
The ads are generated from Google based on previous searches you have done. Do as others have said ad block plus and no scrip walla no issues. Lets not blame the site for rogue ads supplied by Google.
 
The ads are generated from Google based on previous searches you have done. Do as others have said ad block plus and no scrip walla no issues. Lets not blame the site for rogue ads supplied by Google.

I don't buy this. I surf quite a few places that run Google ads, livejasmin only shows up here. I have Google News saved as a favorite and hit it several times a day. No livejasmin there, and it's Google's own page.

At any rate, I caught it loading this morning, a screen cap entering Barter Town - not the img0 livejasmin this as before, a link to the website:

attachment.php


It's hard to read, it's "Waiting for ht tp :/ /www. livejasmin. com/listpage.php?psid=rickydee&pstour=t10&psprogram=PPS..." (Extra spaces added to break the live link)

RickyDee is a past member here with no posts, probably banned. His user ID comes up in the user name search drop down, but no other info. But I'm sure somebody will be along shortly to tell me that all Google ads have a psid=rickydee and there's nothing we can do.

P.S. I have never searched for "livejasmin", thank you very much. And it's "voila".
 

Attachments

  • BT.jpg
    BT.jpg
    84.5 KB · Views: 61
Last edited:
Strange indeed. One of the best things you can do as far as keeping your computer malware free is to:
Search safe.
Update your OS.
Update your AV.
Update your browser.
If you are running an older browser version or older non supported OS you are 100% asking for trouble anywhere you go. I run microsoft security essentials and periodically scan with MSE, AVG and malwarebytes to detect anything. I've been virus free for over 3 years. I will be graduating in May for "desktop support specialist" I have also taken many classes that involve networks, and network security. I plan on coming back to school to get a Network Security Degree as well. Even though i'm 23 I still feel that I know more than 95% of people on the planet... ON HERE I bet that's more like... 50% - 75% you guys seem to know what you're talking about.

BUT SERIOUSLY... UPDATE!!!!
I can't stress that enough!
 
I took a look at Rickydee and he has no posts, no signature, no avatar, so that leaves out his ability to launch anything.

I had the server company run a diagnostic to see what is launching but they saw nothing.

I ran Googles software and got nothing. see attachment

I ran Audiokarma.org/forums/ through webpagetest.org and again show nothing launching like this.

You may run the same tests and see the results for yourself. If it is intermittent, the programs would need to run at the exact same time the malware launches. Difficult at best, but needed to determine what is launching and from where.

Not everyone, including me, is getting this linking, so again compounding the difficulty.
 

Attachments

  • google.jpg
    google.jpg
    52.9 KB · Views: 24
I don't know that it's malware, I've never been "hit" with anything. It's just a suspiscious link that loaded with this website and is using the MickyDee user ID for some reason. At least that time, it may scan the database and pick a new user next time, I don't know.

It seems strange that if, as people here are eager to point out, it's just something in a Google ad with no relationship to AK that it would have an AK member's user ID embedded in its link.

Every time I've seen any of the livejasmin links, it's been in the subscribers' area. Does Google even scan that portion of the site?
 
Back
Top Bottom