Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

servedby.flashtalking.com?


  • Please log in to reply
23 replies to this topic

#1 James225913

James225913

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:06:50 PM

Posted 26 November 2013 - 06:09 PM

 I keep getting a pop up saying ''the page at h t t p://servedbyflashtalking.com/ says: undefined. Anyone know how to get rid of this virus? :( Thanks.

Edit: Deleted the duplicate post in the Malware Removal forum as no Malware Logs were included in the topic nor was the prep guide followed. ~ Animal

Add to that with the volume of logs Bleeping Computer receives there is a wait time of possibly a few days. ~ Animal

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,212 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:50 PM

Posted 26 November 2013 - 09:11 PM

Which browser is doing this?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 suppleberry

suppleberry

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 27 November 2013 - 05:14 AM

I'm having exactly the same problem. It happens to me when using firefox. Judging by the number of page views of this topic in just a short time it seems this is happening to quite a few people.

 

Edited to add - I seem to be able to use internet explorer with no problems.


Edited by suppleberry, 27 November 2013 - 07:15 AM.


#4 cazworth

cazworth

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 27 November 2013 - 05:56 AM

I got this too! Found this page whilst looking for someinfo on what it is.. i got a pop up yesterday whilst searching on ebay in google chrome. I wasn't able to close the pop up or navigate away from the page so shut down my computer. I ran a norton scan and malwarebytes scan and both came up clear



#5 buddy215

buddy215

  • Moderator
  • 13,132 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:50 PM

Posted 27 November 2013 - 07:27 AM

Sucuri Research has black listed that domain for distributing malware.

 

Suggest cleaning up temporary files, logs, etc. using Ccleaner. CCleaner - PC Optimization and Cleaning - Free Download

Be sure to UNcheck offer of any toolbars or whatever while installing Ccleaner. Best not to use the Registry Cleaner Tool as it may cause other problems.

 

Block third party aka Ad/ Tracking cookies...Disable third-party cookies in IE, Firefox, and Google Chrome | How To - CNET

Once you have blocked those cookies from installing, you will need to remove the ones presently installed. Use the free SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware!

to remove them. Allow SAS to remove/ quarantine whatever it finds.

 

Install the NoScript add-on and Adblock Plus Add-on in Firefox. NoScript will prevent getting infected by malware by just visiting a site and other types of malware.

Adblock Plus can be used in Chrome, too.

Adblock Plus :: Add-ons for Firefox

NoScript Security Suite :: Add-ons for Firefox

 

Use the programs below for finding and removing adware.

AdwCleaner Download

Junkware Removal Tool Download


Edited by buddy215, 27 November 2013 - 10:38 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 buddy215

buddy215

  • Moderator
  • 13,132 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:50 PM

Posted 27 November 2013 - 08:31 AM

Due to so many looking at this topic....3800+....I suspect the cause may be a legit ad purveyor has been hijacked or sold space unintentionally

to a criminal. That has happened before. One Mac user has reported the same problem at this site as the Windows users are reporting, too.

 

It may also be an exploit of one of the frequently exploited programs Java (not Java script), Adobe products such as Reader and Flash, browsers

and Windows OS. Users reading this should check that those programs have the most recent updates.

 

It would help others to report if the solutions I provided above have removed the popup and if one or more of the scanners have identified the cause.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 Dan_Freeman

Dan_Freeman

    Authorized Flashtalking Rep


  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:50 PM

Posted 27 November 2013 - 09:30 AM

Hi Everyone

 

I am CTO of Flashtalking. 

 

This is not a virus or malware or in anyway harmful - it is a simply mistake by a junior JavaScript developer who left a JavaScript debugging message in a live creative, the message just showed the value of a JavaScript variable, nothing in any way malicious.

 

The issue is now resolved, if you clear your cache and are still having the issue please email me direct dan at flashtalking.com and I will have your issue looked into.

 

On behalf of the junior developer i would like to apologize to all of you for any inconvenience caused. We have taken steps to ensure this will not happen again.

 

Thank and sorry again.

 

Dan

 

 



#8 bwg100

bwg100

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:50 PM

Posted 27 November 2013 - 09:56 AM

Hi Everyone

 

I am CTO of Flashtalking. 

 

This is not a virus or malware or in anyway harmful - it is a simply mistake by a junior JavaScript developer who left a JavaScript debugging message in a live creative, the message just showed the value of a JavaScript variable, nothing in any way malicious.

 

The issue is now resolved, if you clear your cache and are still having the issue please email me direct dan at flashtalking.com and I will have your issue looked into.

 

On behalf of the junior developer i would like to apologize to all of you for any inconvenience caused. We have taken steps to ensure this will not happen again.

 

Thank and sorry again.

 

Dan

 

 

 

Could this be cached on some ad servers still? I've seen the pop up today, I think after starting with a clear cache etc.



#9 buddy215

buddy215

  • Moderator
  • 13,132 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:50 PM

Posted 27 November 2013 - 10:23 AM

bwg100....Use Ccleaner and install NoScript and Adblock Plus (unless you are using IE) as mentioned in my first post. If Dan_Freeman is for real...then doing that should solve the problem.

Flash stores cookies and other things, too. Ccleaner will remove that. Just use the default settings.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 Adam_Flashtalking

Adam_Flashtalking

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 27 November 2013 - 10:26 AM

 

Hi Everyone

 

I am CTO of Flashtalking. 

 

This is not a virus or malware or in anyway harmful - it is a simply mistake by a junior JavaScript developer who left a JavaScript debugging message in a live creative, the message just showed the value of a JavaScript variable, nothing in any way malicious.

 

The issue is now resolved, if you clear your cache and are still having the issue please email me direct dan at flashtalking.com and I will have your issue looked into.

 

On behalf of the junior developer i would like to apologize to all of you for any inconvenience caused. We have taken steps to ensure this will not happen again.

 

Thank and sorry again.

 

Dan

 

 

 

Could this be cached on some ad servers still? I've seen the pop up today, I think after starting with a clear cache etc.

 

 

 

 

I also work for Flashtalking and wanted to reply on Dan's behalf. We refreshed the CDN content some time ago so it shouldn't still be cached, however it is still a possibility. 

 

Please can you keep clearing your cache for now and let me know if you continue to experience issues and I'll be happy to look into it for you.

 

Note you can find out more about Flashtalking at http://flashtalking.com.

 

Thanks for your patience.

 

Adam



#11 Dan_Freeman

Dan_Freeman

    Authorized Flashtalking Rep


  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:50 PM

Posted 27 November 2013 - 10:36 AM

Hi bwg100.

 

This issue was resolved around 2pm GMT and the files have all been flushed from Akamai so there should be no server caching. If your browser cache is clear the JavaScript debugging message should not appear.

 

There should be no need for any further action such as installing any cleaner programs. To reiterate again, this was simply a single line of debugging JavaScript left in a template JavaScript file by accident by a junior developer. It is not possible for a JavaScript debugging message to do anything malicious.

 

If you are still seeing any issues please provide the page URL and we will gladdy check it out for you.

 

Apologies again for any inconvenience.

 

Thanks

Dan

 

 

 

 

 



#12 buddy215

buddy215

  • Moderator
  • 13,132 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:50 PM

Posted 27 November 2013 - 10:43 AM

Perhaps one of the Reps for flashtalking would like to comment on the black listing here: Sucuri Research

 

Details for the domain servedby.flashtalking.com

URLs and sub domains distributing the malware or acting as a redirector:

http://servedby.flashtalking.com/container/2249;9850;1226;iframe/?spotName=Home_Page http://servedby.flashtalking.com/container/2249;9851;1226;iframe/?spotName=Product_Pages_Total_Security http://servedby.flashtalking.com/container/2249;9854;1226;iframe/?spotName=Product_Comparison_Page


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 Dan_Freeman

Dan_Freeman

    Authorized Flashtalking Rep


  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:50 PM

Posted 27 November 2013 - 10:55 AM

Hi Buddy215

 

Thanks for the link.

 

I have contacted Sucuri Research and asked them to remove this erroneous malware listing.

 

The URLs above are simple iFrame site analytics links. Again there is nothing possibly malicious here.

 

Please let me know if there is anything else I can do to help or reassure you.

 

Dan



#14 James225913

James225913
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:06:50 PM

Posted 27 November 2013 - 11:42 AM

Hi, Dan,

 

I don't suppose you or the person that made this mistake would like to reimburse me for the £30 I've paid to have my computer spend all morning being cleaned out by a virus removal guy?



#15 Adam_Flashtalking

Adam_Flashtalking

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:50 PM

Posted 27 November 2013 - 12:15 PM

Hi, Dan,

 

I don't suppose you or the person that made this mistake would like to reimburse me for the £30 I've paid to have my computer spend all morning being cleaned out by a virus removal guy?

 

Hi James225913,

Thanks for your message. We're looking into this for you at the moment. In the meantime please can you send full details and the receipt to me by email - adam.williams [at] flashtalking.com. 

 

Many thanks,

 

Adam - Flashtalking






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users