Bad Movie Logo
"A website to the detriment of good film"
Custom Search
HOMEB-MOVIE REVIEWSREADER REVIEWSFORUMINTERVIEWSUPDATESABOUT
Welcome, Guest. Please login or register.
Did you miss your activation email?
September 19, 2014, 05:12:53 AM
533727 Posts in 40377 Topics by 5062 Members
Latest Member: JoshuaKt
Badmovies.org Forum  |  Trouble Tickets  |  Trouble Tickets  |  HACKER ALERT! « previous next »
Pages: [1] 2
Author Topic: HACKER ALERT!  (Read 5770 times)
RCMerchant
Bela
B-Movie Kraken
*****

Karma: 0
Posts: 10816


"Charlie,we're in HELL!"-"yeah,ain't it groovy?!"


WWW
« on: April 24, 2007, 05:20:36 PM »

WHOAH! SOMENE IS HACKING US! THE UNDERLINED WORDS ARE HIDING ADS!
Logged

\"Supernatural?...perhaps. Baloney?...Perhaps not!\" Bela Lugosi-the BLACK CAT (1934)


Interviewer-"Does Dracula ever end for you?"
Lugosi-"No. Dracula-never ends."





http://www.tumblr.com/dashboard
http://www.tumblr.com/dashboard
http://rcmerchant.tumblr.com/
Andrew
Administrator
Frightening Fanatic of Horrible Cinema
****

Karma: 0
Posts: 8426


I know where my towel is.


WWW
« Reply #1 on: April 24, 2007, 05:34:59 PM »

Did you actually see something or was this a joke?

I ask, as there is a new ad network running and they do run "contexual ads" which would look like you seem to be describing.  However, contexual ads are not selected and should not be appearing.
Logged

Andrew Borntreger
Badmovies.org
Doc Daneeka
Tako Luka tuna fever!
Frightening Fanatic of Horrible Cinema
****

Karma: 160
Posts: 1814


I want to eat a tuna!


WWW
« Reply #2 on: April 24, 2007, 05:37:32 PM »

If they are, this should be in trouble tickets (just checking Smile)
Logged

Get out da' waaaaaaaayyy, octopus comin' through!
RCMerchant
Bela
B-Movie Kraken
*****

Karma: 0
Posts: 10816


"Charlie,we're in HELL!"-"yeah,ain't it groovy?!"


WWW
« Reply #3 on: April 24, 2007, 05:40:16 PM »

 No joke. In the "Hottest actress" thread,many of the underlined words...including the "boo" in my post,when clicked on had an ad hidden in it,which poped up,as well in a few hidden under some the the other posters acress choices. Also,the"leet' thing (now gone) that replaced my post number...and a number of other odd flashes. No, I'm not drinking or seeing things...and I'm defintly not goofing! I'm just worried that a hacker is loose.

Sorry I didn't put it "Trouble tickets" I just wanted to alert everybody fast.
Logged

\"Supernatural?...perhaps. Baloney?...Perhaps not!\" Bela Lugosi-the BLACK CAT (1934)


Interviewer-"Does Dracula ever end for you?"
Lugosi-"No. Dracula-never ends."





http://www.tumblr.com/dashboard
http://www.tumblr.com/dashboard
http://rcmerchant.tumblr.com/
Doc Daneeka
Tako Luka tuna fever!
Frightening Fanatic of Horrible Cinema
****

Karma: 160
Posts: 1814


I want to eat a tuna!


WWW
« Reply #4 on: April 24, 2007, 05:42:11 PM »

Not happening for me, but I have Internet Explorer, do you have anything different?
Logged

Get out da' waaaaaaaayyy, octopus comin' through!
Andrew
Administrator
Frightening Fanatic of Horrible Cinema
****

Karma: 0
Posts: 8426


I know where my towel is.


WWW
« Reply #5 on: April 24, 2007, 05:43:10 PM »

I was just able to replicate this.  It is the new advertiser for some reason.  I will check to see what is going on.  Their contexual ads should not be turned on - only the regular banner ads.
Logged

Andrew Borntreger
Badmovies.org
RCMerchant
Bela
B-Movie Kraken
*****

Karma: 0
Posts: 10816


"Charlie,we're in HELL!"-"yeah,ain't it groovy?!"


WWW
« Reply #6 on: April 24, 2007, 05:45:29 PM »

They arn't there any more...geez,I feel like the shmuck who see's  aghost,and it disappears before anyone else see's it.
Logged

\"Supernatural?...perhaps. Baloney?...Perhaps not!\" Bela Lugosi-the BLACK CAT (1934)


Interviewer-"Does Dracula ever end for you?"
Lugosi-"No. Dracula-never ends."





http://www.tumblr.com/dashboard
http://www.tumblr.com/dashboard
http://rcmerchant.tumblr.com/
JaseSF
Super Space Age Freaky Geek
B-Movie Kraken
*****

Karma: 623
Posts: 12663


Soon, your brain will turn to jelly.


« Reply #7 on: April 24, 2007, 05:50:35 PM »

I saw them too.
Logged

"This above all: To thine own self be true!"



R.I.P. Geoffrey William Stirling
Menard
Guest
« Reply #8 on: April 24, 2007, 06:02:38 PM »

I don't know if this is related, but I got hit with spyware when I last entered the forum. My browser locked up and attempts were made to install something. There was some ad banner about some games site at the time, if that offers any help.

I presently have a dll (gebcdbc.dll) that keeps trying to add itself as a browser helper, and it is really annoying trying to keep it at bay. If I can get it with a scanner, I'll have to go into safe mode to delete the file and try to edit the registry.


EDIT: The banner is something about playing 400 games, but I don't know if the advertiser has anything to do with the spyware as that was the thing I saw before.

This is the url for the banner: http://click.linksynergy.com/fs-bin/click?id=OgxcJ07Gfq0&offerid=94521.10000060&type=4&subid=0
« Last Edit: April 24, 2007, 06:06:37 PM by Menard » Logged
Andrew
Administrator
Frightening Fanatic of Horrible Cinema
****

Karma: 0
Posts: 8426


I know where my towel is.


WWW
« Reply #9 on: April 24, 2007, 06:16:01 PM »

Okay, it appears that the "contextual" ads (the ones that RCMerchant and Jase described) are now turned off.

Menard, I am searching to see if I can find that banner, but I do not know of a way to check through all the ads from Google and Clicksor (the new advertiser).  As it is, I am trying to replicate what you experienced.  Only two ads run on the forum, the top and the bottom banners.
Logged

Andrew Borntreger
Badmovies.org
Menard
Guest
« Reply #10 on: April 24, 2007, 08:04:32 PM »

Well, the regedit and safe mode did not work. This dll is running even in safe mode and Windows won't allow it to be removed. I have programs like Windows Explorer trying to access the internet which should not be behaving in that manner. I am going to try to find some of my Linux distros and see if I can delete the file through Linux running as a non-resident OS.

When I ran the scanner, it did find a toolbar called Smitfraud (that was not misspelled).

My main concern is that apparently this dll is not alone as it is still apparently writing itself to the registry, so there must be another file associated with it.

When I got onto the forum, I was introduced to a program called pre.chm which was trying to download to my computer; something was downloading though, but my download manager should have stopped the chm file, not that I can quite fiqure why a help file is trying to download.

About every minute or two, this dll keeps trying to add itself to the browser, so it is incredibly annoying (as I am constantly having to deny permission), and it is making it a slow process to write this post.
Logged
Andrew
Administrator
Frightening Fanatic of Horrible Cinema
****

Karma: 0
Posts: 8426


I know where my towel is.


WWW
« Reply #11 on: April 24, 2007, 08:13:39 PM »

I have tried to replicate this due to the forum doing something, but cannot.  I have done a compare with the files on the server and my local version and everything looks kosher.   I have also checked the output from numerous pages and not found any rogue code, so I am at a loss if you believe it came from here. 

Is it possible that it came from somewhere else and only managed to start its active infection around the time you came on the forum?

I found some info on Smitfraud for you:

http://en.wikipedia.org/wiki/Spyware_Quake

http://www.anti-spyware-101.com/remove-smitfraud/
Logged

Andrew Borntreger
Badmovies.org
Menard
Guest
« Reply #12 on: April 24, 2007, 08:20:27 PM »

Is it possible that it came from somewhere else and only managed to start its active infection around the time you came on the forum?

The spyware did not start to download till I entered the forum, but it is entirely possible that it could have been seeded on another site to be triggered when I went to another site, such as the forum. I don't know how this could have been done, but I do know such scripting is possible. I was getting warnings as well that an activex control was trying to access my system, but evereything was locking up so I couldn't do much about it.
Logged
Menard
Guest
« Reply #13 on: April 24, 2007, 08:24:32 PM »



Are you familiar with this site enough to trust using the smitfraud removal tool they are offering?
Logged
Andrew
Administrator
Frightening Fanatic of Horrible Cinema
****

Karma: 0
Posts: 8426


I know where my towel is.


WWW
« Reply #14 on: April 24, 2007, 08:35:55 PM »



Are you familiar with this site enough to trust using the smitfraud removal tool they are offering?


I cannot say that I am, though I found several references to the removal tool by S!Ri on the web:

http://www.tech-forums.net/pc/f51/smitfraudfix-site-139176/
http://www.lavasoftsupport.com/lofiversion/index.php/t4337.html
http://siri.geekstogo.com/SmitfraudFix.php
http://www.bleepingcomputer.com/files/smitfraudfix.php
http://www.castlecops.com/t187055-smitfraudfix.html
Logged

Andrew Borntreger
Badmovies.org
Pages: [1] 2
Badmovies.org Forum  |  Trouble Tickets  |  Trouble Tickets  |  HACKER ALERT! « previous next »
    Jump to:  


    RSS Feed Subscribe Subscribe by RSS
    Email Subscribe Subscribe by Email


    Popular Articles
    How To Find A Bad Movie

    The Champions of Justice

    Plan 9 from Outer Space

    Manos, The Hands of Fate

    Podcast: Todd the Convenience Store Clerk

    Faster, Pussycat! Kill! Kill!

    Dragonball: The Magic Begins

    Cool As Ice

    The Educational Archives: Driver's Ed

    Godzilla vs. Monster Zero

    Do you have a zombie plan?

    FROM THE BADMOVIES.ORG ARCHIVES
    ImageThe Giant Claw - Slime drop

    Earth is visited by a GIANT ANTIMATTER SPACE BUZZARD! Gawk at the amazingly bad bird puppet, or chuckle over the silly dialog. This is one of the greatest b-movies ever made.

    Lesson Learned:
    • Osmosis: os·mo·sis (oz-mo'sis, os-) n., 1. When a bird eats something.

    Subscribe to Badmovies.org and get updates by email:

    HOME B-Movie Reviews Reader Reviews Forum Interviews TV Shows Advertising Information Sideshows Links Contact

    Badmovies.org is owned and operated by Andrew Borntreger. All original content is © 1998 - 2014 by its respective author(s). Image, video, and audio files are used in accordance with the Fair Use Law, and are property of the film copyright holders. You may freely link to any page (.html or .php) on this website, but reproduction in any other form must be authorized by the copyright holder.