Hello There, Guest!
View New Posts  |  View Today's Posts
reboot.pro infected?

  • 0 Vote(s) - 0 Average


10-12-2013, 08:30 AM #11
Nuno Brito
Team Reboot
Team Reboot
Posts: 351 Threads:13 Joined: Aug 2011 Reputation: 10

RE: reboot.pro infected?
Hi my friends. Yes, Ady has already talked with me but this is something that I'm unable to figure out as well.

I'd just avoid the title of "reboot.pro infected" because this is the kind of thing that many folks would use to say that everything hosted on reboot is infected. My impression is that google might be working with a sleazy advertisements publisher that geo-targeting the profile of Ady (ip address, browser type, etc).

Let's see.
Want to help TLF? Place tech.reboot.pro on your signature around the web. Let's help TLF grow! :)

10-12-2013, 01:52 PM #12
AceInfinity
Developer
*******
Administrators
Posts: 9,733 Threads:1,026 Joined: Jun 2011 Reputation: 76

RE: reboot.pro infected?
Quote:My impression is that google might be working with a sleazy advertisements publisher that geo-targeting the profile of Ady (ip address, browser type, etc).

Could be, but as for the "reboot.pro infected" title, I would agree. Most don't understand that it may not be the site, but an advertisement or hosted image even.


Microsoft MVP .NET Programming - (2012 - Present)
®Crestron DMC-T Certified Automation Programmer

Development Site: aceinfinity.net

 ▲
 ▲ ▲

10-13-2013, 08:34 AM #13
Adys
Junior Member
**
Posts: 13 Threads:1 Joined: Oct 2013 Reputation: 0

RE: reboot.pro infected?
Well, let's assume, just for a moment and for this matter, that "I" am being targeted. I would guess that it is not something "personal". It just happens (under this assumptions) that I match their criteria.

But I would also like to assume that reboot.pro doesn't want to be "used and abused" for this kind of targeting. I can only hope this last assumption is correct.

Regarding the title of this topic, please don't skip the question mark I included :). Anyone reading the topic - even partially - understands that we don't really know the source of the issue, but that it is only happening when I visit reboot.pro under certain specific circumstances. Please feel free to suggest a better, more accurate title that would succinctly describe the initial situation.

I hope there is some way to identify the source of the problem and correct it / avoid it. Even _if_ *I* could live with it, eventually this will make some bad "PR" if it is not resolved, specially among those "targeted users", but not just with them. This is independent of reboot.pro itself not being the origin of this abuse / malpractice. Today some group is targeted by abusing visitors of reboot.pro; tomorrow is about some other group of visitors of reboot.pro;... You get the point(s).

TIA,
Ady.

10-13-2013, 12:40 PM #14
AceInfinity
Developer
*******
Administrators
Posts: 9,733 Threads:1,026 Joined: Jun 2011 Reputation: 76

RE: reboot.pro infected?
(10-13-2013, 08:34 AM)Adys Wrote:  Well, let's assume, just for a moment and for this matter, that "I" am being targeted. I would guess that it is not something "personal". It just happens (under this assumptions) that I match their criteria.

But I would also like to assume that reboot.pro doesn't want to be "used and abused" for this kind of targeting. I can only hope this last assumption is correct.

Regarding the title of this topic, please don't skip the question mark I included :). Anyone reading the topic - even partially - understands that we don't really know the source of the issue, but that it is only happening when I visit reboot.pro under certain specific circumstances. Please feel free to suggest a better, more accurate title that would succinctly describe the initial situation.

I hope there is some way to identify the source of the problem and correct it / avoid it. Even _if_ *I* could live with it, eventually this will make some bad "PR" if it is not resolved, specially among those "targeted users", but not just with them. This is independent of reboot.pro itself not being the origin of this abuse / malpractice. Today some group is targeted by abusing visitors of reboot.pro; tomorrow is about some other group of visitors of reboot.pro;... You get the point(s).

TIA,
Ady.

You raise some good points, but if this is a Google ads issue, then there's not much that could be done about it (immediately anyways). Who knows how long it would take Google to see our issue, respond to it, and find the source on their end.

This is not to say that we're not going to attempt to figure out a solution. I just wouldn't know where to start, because I've not been able to reproduce this issue myself.

cheers
This post was last modified: 10-13-2013, 12:42 PM by AceInfinity.


Microsoft MVP .NET Programming - (2012 - Present)
®Crestron DMC-T Certified Automation Programmer

Development Site: aceinfinity.net

 ▲
 ▲ ▲

10-14-2013, 06:29 AM #15
Adys
Junior Member
**
Posts: 13 Threads:1 Joined: Oct 2013 Reputation: 0

RE: reboot.pro infected?
Is there any simple way for me to log all connection attempts when opening reboot.pro? (Perhaps with some "portable" light tool? From Nirsoft.net or alike?) Would such info help, either to replicate the behavior (by others) or to report it to "Google ads" or "something"?)

If the warning is only triggered under certain version of certain browser, or under certain OS, or when reaching reboot.pro from certain range if IP's (or whatever conditions are required), is there a way for a user to "fool" those parameters? Then, if the behavior changes, we would be able to narrow down the trigger conditions (and report them).

TIA,
Ady.

10-14-2013, 04:01 PM #16
AceInfinity
Developer
*******
Administrators
Posts: 9,733 Threads:1,026 Joined: Jun 2011 Reputation: 76

RE: reboot.pro infected?
Yes, try WireShark. Perhaps one of the best tools I've used.


Microsoft MVP .NET Programming - (2012 - Present)
®Crestron DMC-T Certified Automation Programmer

Development Site: aceinfinity.net

 ▲
 ▲ ▲

11-20-2013, 11:37 AM #17
Florin
Junior Member
Team Reboot
Posts: 456 Threads:71 Joined: Dec 2011 Reputation: 14

RE: reboot.pro infected?
@Adys Is it still like so with Avast?

11-22-2013, 04:29 AM #18
Adys
Junior Member
**
Posts: 13 Threads:1 Joined: Oct 2013 Reputation: 0

RE: reboot.pro infected?
Florin,

Since the last time I posted here, I kept having the same problem, so I had decided to reduce my visits to reboot.pro.

Then I downloaded Firefox portable just to visit reboot.pro once in awhile (yet much much much less frequently than I used to).

So now your post made me check the situation again, browsing reboot.pro with IE9. I am currently not seeing the warning from Avast.

Now, I am not %100 sure that the situation is really solved. One reason is that I now have firefox portable too, which I don't "clean up" as I do with IE (remainder: the warning from Avast only showed up after a clean up of my only browser; so now the basic situation has slightly changed). Additionally I have also manually added the suspicious site (the one Avast was warning about connection attempts to) to a "blocking" list.

Finally, since my previous posts Avast released an updated version, which I have already installed.

I don't know if something really changed in reboot.pro, in the ads, or something in my system is effectively blocking the connection attempts before Avast, or perhaps now Avast is not detecting the suspicious connection attempt, or...

Coincidentally, reboot.pro is being spammed with dozens of topics at this very same moment.

I am not sure this "report" really helps anyone. In any case, this is the current state of the case.

Thank you and Regards,
Ady.

11-22-2013, 05:00 PM #19
Florin
Junior Member
Team Reboot
Posts: 456 Threads:71 Joined: Dec 2011 Reputation: 14

RE: reboot.pro infected?
Yeah, nothing has changed at reboot.pro.

I remember that when you first started this topic, I completed some form @ avast to remove blacklisted sites, don't thing it had been effective.

And I found this site: http://urlquery.net/report.php?id=7878363

11-22-2013, 06:09 PM #20
Adys
Junior Member
**
Posts: 13 Threads:1 Joined: Oct 2013 Reputation: 0

RE: reboot.pro infected?
Florin,

That urlquery page shows the suspicious site I was talking about!!!
Can I conclude that this issue is not _my_ system?

Regarding removing it from the blocklist, I don't understand what you mean. I don't know exactly what that suspicious site does, but it clearly should be blocked.

Perhaps you were thinking that Avast is blocking reboot.pro? It isn't. The problem is that reboot.pro triggers this suspicions connection to the other (suspicious) site. I hope the reason Avast is not warning me now is because the problem is _really_ solved, and not because they took out the alert thinking that the alert was a false positive - it wasn't. Now I am more confused and worried than before.




Forum Jump:


Possibly Related Threads...
Thread Author Replies Views Last Post
  Ugh - Infected BreShiE 19 9,621 08-12-2012, 10:38 AM
Last Post: Predator
   Infected, help please. dead 7 4,300 06-20-2011, 11:34 AM
Last Post: dead


Users browsing this thread: 1 Guest(s)