I frequent a large vBulletin based forum. They are having problems with google ads redirecting users to malware sites. It has been two months and they have not been able to prevent this. They are asking for as much information as users can give them when it occurs to fix the problem. The only thing I can see is the URL that was blocked. The IE browser has the blocked URL and a diagnose connection button. It there anymore information Avast free edition provides that may be useful to the owners of this board? If so where can I find it. Thanks in advance
I frequent a large vBulletin based forum.what is the URL?
http://www.plantedtank.net/forums/
It is a random occurence that can’t be reproduced each time which is why they have had problems. It is related to the google doubleclick ads. They turned it off while users are logged in and it won’t happen. So it is surely related to this.
Thanks for the relpy
have notified somone that may be able to give some info… check back later
Thank you VERY much!
Might be an issue with static.verticalscope.com/h.js being unresponsive.
Do users with adblocking installed also experience these unresponsive sctipt delays of up to 5 minutes?
URLs that redirect found in: htxp://www.plantedtank.net/forums/
1: htxp://b.scorecardresearch.com/p?c1=2&c2=6036030&c4=plantedtank.net&cv=2.0&cj=1 → htxp://b.scorecardresearch.com/p2?c1=2&c2=6036030&c4=plantedtank.net&cv=2.0&cj=1
2: htxp://ads.verticalscope.com/www/delivery/avw.php?zoneid=671&cb=INSERT_RANDOM_NUMBER_HERE&n=af4efb13 → htxp://ads.verticalscope.com/www/images/cf68769ed421340b10e0033fe6a4b636.jpg
Attacks could be performed via open ftp vsftpd 2.0.8 or earlier … older versions of SNMP are vulnerable to attack since they use the strings public and private for logins,
polonus
Ad blocking and tracking protection prevent this issue. As far as I know they only disabled google double click ads for logged in users (no problems while logged in). Verticalscope ads still run without this redirection occuring. I personally have not seen unresponsive script delays. The only thing I experiance is a near immediate redirect and block from Avast. The administration seems to be at their wits end and asking users for any information since they can’t reproduce the problem. The thread discussing it is http://www.plantedtank.net/forums/showthread.php?t=299514 although one must be logged in to view it even though the site is free. Just trying to provide as much information as I can to help.