PPRuNe Forums

PPRuNe Forums (https://www.pprune.org/)
-   Computer/Internet Issues & Troubleshooting (https://www.pprune.org/computer-internet-issues-troubleshooting-46/)
-   -   ca.js trojan on Pprune? (https://www.pprune.org/computer-internet-issues-troubleshooting/496886-ca-javascript-trojan-pprune.html)

Torque Tonight 1st October 2012 11:49
ca.js trojan on Pprune?
 
Today when I open a page on pprune (only) I often get an open/save dialogue box for ca.js which would seem to be a trojan (and obviosly I do not open or save). Anybody else getting this? Is this emanating from some of the adverts on pprune? I have up to date anti-virus software running.

Encyclopedia Search Results: JS/Redirector - Learn more about malware - Microsoft Malware Protection Center


Screenshot:

http://www.use.com/images/s_3/1f0ec1cf4651d60fdcf8.jpg

Torque Tonight 1st October 2012 18:25
Just been using a different computer and sure enough on pprune only I'm getting these dialogue boxes. Both computers are clean according to Norton and Malwarebytes. Seems to be something nasty lurking in pprune today.

Now also jload.js from pixel.adsafeprotected.com. Excellent.

lurkio 1st October 2012 18:53
You're not alone, I've been getting the second for a couple of hours.

green granite 1st October 2012 19:02
Block all coms with the site amazonaws.com (google it)

mixture 1st October 2012 20:22
Block all coms with the site amazonaws.com
Talk about using a sledgehammer to crack a nut !

Amazonaws? The Amazon cloud ? Given Amazon is one of the largest cloud providers, you could find yourself blocking more than you set out to !

Milo Minderbinder 1st October 2012 20:46
have any of you reported this to Clee?
No point just complaining here if you don't tell the sysadmins

Saab Dastard 1st October 2012 20:58
have any of you reported this to Clee?
No point just complaining here if you don't tell the sysadmins
I have already done so, linking to this thread.

When the US west coast wakes up I'm sure they will be onto it!

SD

Torque Tonight 1st October 2012 21:34
Thank you Saab.:ok:

BrandiNettIB 2nd October 2012 23:38
Thanks for the reports, guys. We haven't been able to see this issue here, so we need more data.

The two things we're seeking are the sources of the Javascript files (so far you guys have reported choices.truste.com and pixel.adsafeprotected.com), and what ads are on the page when you see these popups, as they are most likely coming from ads.

We don't recommend blocking the entire Amazon cloud, as you will likely end up blocking many sites, big and small, that use the Amazon cloud for hosting.

BrandiNettIB 3rd October 2012 17:19
Just be on the safe side, I had one of our developers scan the site code to see if anything got injected into it. He didn't find anything and believes this is an issue with Internet Explorer 9. If you're experiencing the issue, try using another browser and seeing if the issue clears up. If not, let us know the ad that's on the page (name of advertiser and link the ad goes to), as well as the source of the JS file, and we'll take a look.

EDIT TO ADD:
For what it's worth, Google Safe Browsing diagnostic shows both above reported JS sources to be safe:

Google Safe Browsing diagnostic page for pixel.adsafeprotected.com
Google Safe Browsing diagnostic page for choices.truste.com


All times are GMT. The time now is 07:50.


Copyright © 2026 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.