Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Threat Has Been Detected


  • Please log in to reply
4 replies to this topic

#1 Bob-Tuba

Bob-Tuba

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 02 July 2013 - 01:35 AM

Mod Edit:  Split from  http://www.bleepingcomputer.com/forums/t/499879/infected-with-virus-that-puts-add-links-on-sites-i-visit/#entry3093720 - Hamluis.

 

 

URL: http://ad.adtegrity.net/st?ad_type Process: C:\Program Files (x86)\Google\Chrome\App... Infection: URL:Mal

 

Hi I think I have an infection.  My avast free anti virus keeps giving me pop ups saying as above.  I first noticed the virus on my own blog, when I noticed words had been turned into links that I had not made links of. When hovering on those words, a pop up add would come up.

 

I have windows 7 operating system.

 

I have been through all downloads and not noticed anything sus there, I have no updates to do.  I did try and download a movie a few weeks ago, so I guess that has been what caused it.

 

Silly me.  Please help, from Sharon.

 

I've been getting, "threat has been detected," pop-ups from avast! while playing Mafia Wars at the Facebook website.

Here is the detail:

Infection Details
URL: http://ad.adtegrity.net/st?ad_type
Process: C:\Program Files (x86)\Google\Chrome\App...
Infection: URL:Mal

Infection Details
URL: http://ad.adtegrity.net/st?ad_type
Process: C:\Users\Dad\AppData\Local\Mozilla Firef...
Infection: URL:Mal

Even if Zynga thinks it's okay to partner with a company that wants to put destabilizing malware on our computers, why would Facebook tolerate it?


My Google Chrome, Firefox and Java versions are all up to date.

This is the first time I've come across this.

Any chance that these were false positives?

I can't use Facebook if it's allowing an advertiser to put malware on people's computers, even if it's currently only coming through a Zynga game. A lot of people would react this way. A lot of people use avast! and Chrome and/or Firefox. It would hit the news. Facebook would lose a lot of money.

This is the avast! warning that popped up when I tried to go to adtegrity's website:

Infection Details
URL: http://ad.yieldmanager.com/pixel?id
Process: C:\Users\Dad\AppData\Local\Mozilla Firef...
Infection: URL:Mal

Wouldn't Facebook have policies, procedure and contracts with its business partners to guard against a drive-by download like these?

I have Windows 7 operating system.


Edited by hamluis, 02 July 2013 - 04:09 AM.
PM sent new OP - Hamluis.


BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,768 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:03:09 AM

Posted 02 July 2013 - 06:20 AM

Hi,

while facebook has had many problems with malware lately, this seems to be a false positive from Avast!: http://forum.avast.com/index.php?topic=128772.0

Do you also get the popups on other sites? Yahoo is mentioned a lot.

regards
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 Bob-Tuba

Bob-Tuba
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 02 July 2013 - 03:18 PM

Hi,

while facebook has had many problems with malware lately, this seems to be a false positive from Avast!: http://forum.avast.com/index.php?topic=128772.0

Do you also get the popups on other sites? Yahoo is mentioned a lot.

regards
myrti

Hello myrti,

Thank you for your reply.

The avast! forum thread that your link points to is about avast! warnings about ad.yieldmanager.com, when the user is at yahoo.com.

Our question concerns avast! warnings that it has blocked attempts of ad.adtegrity.net/st?ad_type to download destabilizing malware onto our computers, while we're using Google Chrome (and in my case, Firefox too).

It only happens when I'm using Firefox or Chrome to visit apps.facebook.com/inthemafia/. I hadn't gone to yahoo.com. I don't get the popups on other sites.

By the way, I did an avast! boot scan this morning. I found nothing. Malwarebytes didn't find anything either. I'm not surprised. The avast! warnings stated that avast! had blocked the drive-by download attempts, and kept my computer from crashing.



#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,768 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:03:09 AM

Posted 02 July 2013 - 03:20 PM

Hi,

can you update your Avast and see if the warnings remain?

regards
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 Bob-Tuba

Bob-Tuba
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:09 PM

Posted 02 July 2013 - 04:06 PM

can you update your Avast and see if the warnings remain?

Thanks for your continued interest, myrti.

Avast! updated itself this morning. I'll let you know if I get any more malware blocked messages.

By the way, I Googled avast! AND adtegrity this morning and found someone else reported getting the malicious URL blocked messages too, while browsing another site, and that the URL that is being blocked was ad.adtegrity.net/st?ad_type.

A contributor at that forum opined, "It probably wasn't a false positive. Many ads are known to link to malicious places."

I don't know what your rules are concerning linking to another tech forum.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users