DSF

Ross, I think its time to check your computer for viruses and adware worms

Thanks for checking Paul, this is the last thing I need right now.


Sent from my iPad using Tapatalk

Hi Nik,

Definitely not pulling your leg. Here are three screenshots from the vehicle sign page, but the same happens on others like the mugs page.

I think from memory this forum may load image sin the wrong order, but you'll see from image labelled Greyprint*-0, where the mouse is when the popup happens. With the mouse in that particular spot at the bottom centre, I get 'See More in an orange rectangle and if I wait a second I get a pop up window with your Boots and Sunglasses collection.

Image *-1 shows what I get if I mouse over the popup, in this case on a pair of boots. I get an orange pop up inviting me to visit your store.

Image *-2 shows where a click on Visit Store takes me. Somewhere in Germany I think from memory.
You might have to move the mouse around to get these orange boxes.

This was in Firefox. I haven't tried them in Internet Explorer, because, well, I just don;t have anything with IE on because it is not compatible with Web Standards. On the other hand, I tried it in Chrome and Qupzilla, and it did the same thing in Chrome.

Hi Paul,

Not much chance of viruses or adware here. System is pretty well bullet proof. And I've been working in the computer industry since 1971, so I'm well aware of what can and can't find its way in. At the moment, there is nothing known that can make it through. Including the bash vulnerability.

Cheers,

RossD.

Can't replicate it on Android, so that at least is good. And on the others, the mouse must be in the right position for the orange square to pop up.

Ok, I just had a quick look at your code. Part of the problem is in a bit of advertising script that is supposed to be hidden from browsers, but obviously is not hidden from some. The code seems to be designed to provide advertising 'credits' on a pay per click basis for some mobs called CubeCart and Superfish ( a visual search engine) and is definitely written INTO your code.

I'll but some %%%%%%%%%%% before and after some of the relevant bits. I haven't checked ALL your code, only the bits that stand out like round things on the back ends of dogs.

*****************************************************************************







































%%%%%%%%%%%%%%%%%%











%%%%%%%%%%%%%%%%%




********************

Can't replicate it on Android, so that at least is good. And on the others, the mouse must be in the right position for the orange square to pop up.

Ok, I just had a quick look at your code. Part of the problem is in a bit of advertising script that is supposed to be hidden from browsers, but obviously is not hidden from some. The code seems to be designed to provide advertising 'credits' on a pay per click basis for some mobs called CubeCart and Superfish ( a visual search engine) and is definitely written INTO your code.

NOTE...

As shown in the next few posts by some observant members, the problem isn't 'in' Nik's code.
The problem is is a little piece of Javascript 'injected' into the web page by a browser add on, extension or tool (depends what a browser calls it). Specifically by these tools in Chrome or Firefox.

In this case it was a browser add on that allows downloading YouTube videos for playing later.

Ok, stupid forum program won;t let me post code.
Actually - this is a rather clever 'protective' function of the Forum Software !!!!

I'll take a screen shot of some of the code.

Sounds like rossdv8 has a variant of the superfish supershopping malware. This is usually found within some add on/plug-in in chrome and firefox under the guise of things like, read later fast, instagram, urban dictionary, candy crush extension, cargo bridge, solitaire, tetris, stumble upon and the like. Try to disable all extensions then test the site re enabling each on to find the culprit. Also Open your chrome extensions directory (in Windows: C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions), and search for “superfish” there. When its found in one extension, look up the long character pathname right under the “Extensions” directory (its “ID”) in the browser under Extensions. Remove that extension.
For Firefox do the same and scan with a malware program (malwarebytes will not detect it) I use adwcleaner which finds most things. However disable your antivirus before running it as it sometimes thinks that is malware.
Using add and remove programs scroll through the list of currently installed programs and uninstall Shopping Suggestions, LyricsViewer, LyricXeeker, Plus-HD 1.3, LyricsGet, BetterSurf, Downloadkepper, SurfEnchance, Feven 1.7, LyricsWoofer, LyricsFan, SimpleLyrics and any other recently installed or unknown programs from your computer.

I have checked the webpage code and find none of the code in your attachment apart from the cubecart start line which will do nothing at all.
However careful and experienced you are you are always vulnerable. Free software usually comes at a price and in this case the price is hours of uninstallation.

More comprehensive instructions are here. But I find adwcleaner works on it's own in most cases.

rossdv8;95524 wrote:Hi Paul,

Not much chance of viruses or adware here. System is pretty well bullet proof. And I've been working in the computer industry since 1971, so I'm well aware of what can and can't find its way in. At the moment, there is nothing known that can make it through. Including the bash vulnerability.

Cheers,

RossD.

Dear Ross
I have seen this before many times and i can tell you that _ Listen What Dave said. you have some crap installed in your system that load adverts in every opportunity.

Time to update knowledge in this industry as plenty has changed from 1971 my friend and stop blindly believe that there is no viruses or other worm for your system

Sorry for sounding blant

The clue is in the pop-up: "FVD down loader product search". I, and many others, had the same problem with this.

You can read about it in the CNET reviews here: http://download.cnet.com/FVD-Downloader ... 27988.html So much junk gets installed with these free programs.

Nik's website is innocent of all charges!

Ray