not 100% sure where to post this but why has this appeared when browsing p99 forums?

And now my pc is being attacked by something called Freetoysforall from p99 forums? what the hell is going on?

What page were you on when that popped up?

I believe it was East Commonlands tunnel

EDIT: - I closed the page and reopened again to then get threat recognized - Freetoysforall

I got the same thing when just hitting the forums link in the top header. Also when I clicked in general discussion...

It popped up again after I posted that last comment.

Running full scan on my laptop now. Will keep you posted.

not sure if this is related but i recently got infected by malware as well. i dont do anything on this comp but browse these forums and slashdot. figured my wife clicked on some facebook stuff but now i wonder.

ive just come on to the main forum selection page and had 3 trojan horse blocked pop up messages from avast :( someones being naughty!!!

What ads are showing on the page?
Can you take a screenshot of them?

Lol people still have ads on their browsers in 2012?

It's hitting me... brought it up in IRC as well.

Could be a malicious advertiser from AdWords, but Google would put a stop to that pretty quick..

Unless P99 got injected...

Yep something strange going on with my browser when on here as well.

malwarebytes fixed most of it but not all. i had to reformat.

So far scan shows nothing, looks like AVG did its job :D .... glad I got rid of mcafee 2 weeks ago otherwise I'd be over a barrel right now.

I passed word along, but I'm not having any issues. If anyone else is try and get a capture of the Ads on the pages you visited if so.

Got one pb as well on the forum: when I open a page, I got rediredct to one of these sites adf.ly or http://www.insideentrepreneurs.com (click at your own risk). It only does it from this forum pages, any help welcome.

It seems to have stopped now. It was refreshing the home page constantly for me and I had a pop up all the time asking if I wanted to stay on the site or leave and as quickly as I clicked on it another popped up !

Ya seems to have stopped here, Will revive the thread with pics if I get this again! Thanks for reply ambrotos fast as always.

no joke just got that somethings not right here page. something is definitely not right here

getting hit in the How do we get players to return to Project1999? thread when i reply to stuff.

Noscript is doing its job.

So both servers go down, certain zones then go down, then malware and viruses from forums? something defo isn't right heh..

for the poopsockers sake, i hope they back their shit up lol (character files in particular.)

not 100% sure where to post this but why has this appeared when browsing p99 forums?

getting the same screen on random threads i visit. literally just reformatted harddrive and installed a legit version of win7 friday before i went camping. did a few windows updates this morning (got back last night) and started to install eq2 so for sure its not something that was previously on my comp.

edit: not only did i reformat i used dban boot and nuke so definitely something wrong goin on here

Hahaha. Truedat ;)

47 viruses treated in one scan? That's a ton for me when I never have viruses.

Every few seconds, the following message occurs: "An add-on for this website failed to run."

Wow, those aren't all from forums surely? I woulda thought they would have come from elsewhere ( atleast the majority )

scanning now with avg then malwarebytes and ill post if anything comes up. so far ive only gotten the somethings not right screen.

I just noticed a message keeps popping up "An add-on for this website has failed to run" constantly. Just p1999, no other websites.

My AVG is 83% through full pc scan.. so far all is good.

avg found system clean. i guess it a bad ad because ive only gotten screen twice. anyhow GL guys and hope your comp doesnt melt.

judging by "Freetoysforall" & "Entrepreneurs bla bla" & "Adf.ly" I'm going with ad too.. sucks but I guess it will fix itself overtime.

Trojan-Downloader.JS.Expack.sn.

All 91 times when I rebooted and checked anti-virus log.

Since coming to the Project 1999 forums, my anti-virus has treated the same Trojan 23 times, all in under 60 seconds.

East Commonlands forum has been hacked, folks. I get pushed to a random assortment of phising and malware sites every time I go to it.

Exported my log into a file for the 1 threat found, this is as follows:

Infection;"Object";"Result";"Detection time";"Object Type";"Process"
Virus found Script/Exploit.Kit;"freetoysforall.info/promotions/";"Object was blocked";"18/06/2012, 17:24:20";"file";"C:\Users\Russell\AppData\Local\Google\Chrome\Appli cation\chrome.exe"

rofl

whenever i load a new page anywhere on this domain, avast blocks a trojan horse and pops up to tell me.

http://brilliantriches.com/


getting sent there and other sites

whenever i load a new page anywhere on this domain, avast blocks a trojan horse and pops up to tell me.

Lol same here just hitting "QUOTE"

Peace,

The script, when not successfully blocked, sends you to go to a search.advertisement intermediary before going to any number of sites.

AVG is a virus in it self.

I am being redirected to foreign sites as well... running a virus scan atm bc of it

malwarebytes not picking up anything

Every time I go to a P99 site Im getting a Malware Blocked msg from my AVS.... something new and fishy for sure

Its that porn you have all been downloading !

Something is injecting a redirect from an iframe that's been injected in to the page... probably by that scam antivirus ad. Not going to paste the link here because people will click on it. Search ad content using firebug for "runforestrun" to track it down.

Probably some douchebag who is spitting his dummy out over something thats happened to him here. Who knows.

Harrison/Cast must have the day off

I accidentally posted another thread about this but i wanna make sure people see this so ill post again here. Other thread can be deleted.

So i came to the p1999 web site today and my anti virus alerts me as soon as i load the site.---My guess is its in one of those Diablo 3 banners---. Anyway every time i load forum or refresh the site my anti virus alerts me and blocks it. Careful folks.

Infection is showing Java:Blackcole-A Trojan

Man I am getting sick of the bullshit of the internet these days.

P.S
I recently found out this is how Korean/Chinese gold farmers hack people's game accounts. Certain people hack many forums gathering as many forum user name and passwords as they can and then sell those as a package to whomever will buy. The buyer (usually gold farmers/game hacks/the dicks that do this shit) then takes those user names and passwords numbering in the thousands and uses them on many different games/paypal accounts and whatever else until they find ones that works. So let this be a warning to those that like to use same username and PW for all there different kind of accounts. Do not do it as you will eventually get hacked most likely.

I heard this straight from a chinese gold farmer and this does happen and it happens on large scale. So beware.

I have no issues whatsoever with AdBlock running so yeah, it's a banner. Or 2, or 3. My suggestion to people is, even if it's only until they get this resolved, install and load up AdBlock.

I have no issues whatsoever with AdBlock

I had the same issue with my browser being hijacked earlier..i use firefox with adblock plus, its not doing it anymore but adblock didnt protect me earlier. ESET didnt register anything either.

anyway it seems to have stopped.

here of some screenshots of it happening to me. This is the third time i've tried to type this message

Damn this sucks... really weird

Mine kept sending me to BET and a Weight loss website. They think I am a fat black person or something...

this thread to

and news only gives you 3 seconds to view or post anything , the website has been hacked devs ...

Hey guys, just thought I'd update the thread and let you all know I was a 1 millionth customer and I won a free iPad 3. Also I recieved some shopping vouchers worth 100,000 through the post & not too long after that I learned how I can work from home and make REAL money REAL fast. Lol.

Try either the Microsoft Antimalware tool, Malwarebytes, or Kaspersky to get rid of it if it's already infected you.

Its definitely p1999. My avast av is blocking it just fine, but when I disable it I get a top of pop-ups and redirects from this website. Something screwy with the ads.

I have adblock on Chrome and on a couple of threads my page would just keep refreshing. Eventually AVG warned me that Chrome was using too much memory and suggested I restart. My "Back Button History" was also massively long.

happening to me as well...will link some sites assuming I can get this message typed...yay.

edit:

seems to have stopped as of about 3 minutes ago.
2nd edit: doing it again

http://newsarea.biz/?id=3200

I have adblock, but it's Avast that's popping up and telling me it blocked a trojan every time I click something.

k, step 1 for this is to isolate where it is coming from. So, trial and error. I've disabled the ads on the forums. From this point forward please let me know if anyone gets a warning that the page was blocked due to malware.

Please do not report if you received this error or anything that you may have got from browsing the forums earlier than the time/date on this post.

Was most likely some infected adsense ads, but we'll see.

I'm still getting it on every page. Even when i just hit refresh inside this thread.

I also getting it when going to the main homepage.

I am getting redirects after loading pages on this forum.
Random ad pages.

-Brimacombe

I'd like to state that I haven't had any issues, not even warnings. So it isn't affecting everyone. I've run a few scanners to check and I have literally been on and off this forum for the last 12 hours.

Fixed. Found the issue. After removing it I found this about it:
https://www.vbulletin.com/forum/showthread.php/380885-vBulletin-Security-Patch-for-4.X-and-3.X

Anyways, I just completely removed that whole component, not sure why it's there anyways.

Putting the adsense back.

Thanks for letting us know it's been fixed. Muchly appreciated for the effort and time you put in I can now browse the forums properly again *cool face*

Still getting.
http://i.imgur.com/A3zMW.png

still got 2 blackcole a trojan warnings from avira. havent been on p99 forums since some days . so its def still on

Hmmm mine seems to have cleared now. This doesn't make sense how only some of the people are affected on forums.

Hmmm mine seems to have cleared now. This doesn't make sense how only some of the people are affected on forums.

Why doesn't it make sense? It is hijacking your browser with redirects, just like a lot of porn sites do. Certain browser security settings or addons will make unnoticeable, while people with lower settings will get hit. Some anti-virus software will flag it, some won't. On my phone using opera it doesn't happen. At home with my Avast shields up I don't see it. When I disable Avast to play games I get redirected off the site constantly.

The thing with these attacks is don't click any links just close the browser. If you click links on the redirects you take the chance of installilng a trojan or other malicious software Just close the browser window and fix your security.

I dont know if this is related, but I was with a prostitute last night who ssaid she had relly bad razor burn, but it looked and tasted like herpes. Should I run a scan on my laptop?

still getting redirected too

k I removed that lightbox.js file. How is it now.

Just now :(

http://i1252.photobucket.com/albums/hh564/swishswish/trojan.jpg

http://www.rogean.com/images/fu.png

I just noticed a message keeps popping up "An add-on for this website has failed to run" constantly. Just p1999, no other websites.

Doesn't happen anymore.

Why doesn't it make sense? It is hijacking your browser with redirects, just like a lot of porn sites do. Certain browser security settings or addons will make unnoticeable, while people with lower settings will get hit. Some anti-virus software will flag it, some won't. On my phone using opera it doesn't happen. At home with my Avast shields up I don't see it. When I disable Avast to play games I get redirected off the site constantly.

The thing with these attacks is don't click any links just close the browser. If you click links on the redirects you take the chance of installilng a trojan or other malicious software Just close the browser window and fix your security.

Doesn't make sense because I haven't installed any new virus / malware / pop-up blocker and I don't get redirected away anymore yet others do. Not changed a single thing since it first started occuring.

Ok how about now.. I restored some of the javascript files. Not sure how they got modified but they had been.

Nothing flagging up anymore (for me at least), closed the browser and restarted to be sure.

Seems fixed.
I was about to post screenshots of my antivirus report. And yes, it showed as a JS trojan like virus.

Still happening.. http://www.project1999.org/forums/clientscript/vbulletin_global.js?v=385 is infected with 'Trojan-Downloader.JS.Expack.sn'. From Kaspersky AV.

I am no longer getting it.

Still happening.. http://www.project1999.org/forums/clientscript/vbulletin_global.js?v=385 is infected with 'Trojan-Downloader.JS.Expack.sn'. From Kaspersky AV.

You might have been loading a cached version.