Another Virus on HCRealms


Woobacca
02/14/2010, 00:21
Well, I logged onto HCRealms about 5 minutes ago (11:10 CST) and my Adobe Reader popped up and I got a message telling me that my computer was under attack by a malware program and to DL Eco_installer.exe. I didn't do this because when Adobe pops up without me asking it to, I have come to recognize that a virus is trying to get on my computer and my AV clears it off. But there is another virus on the realms and I am warning EVERYONE here to not DL Eco_installer.exe because that is the program that IS the malware. I REPEAT: if you get the message that your computer is under attack and you need to DL Eco_Installer.exe to remove it, DO NOT DO IT. IT IS THE VIRUS. AND IT LOOKS A LOT LIKE WINDOWS AV IS TELLING YOU TO DO IT. AGAIN, DO NOT DL Eco_Installer.exe.

VanTheMan
02/14/2010, 01:40
Thanks for the info

MattMinus
02/14/2010, 11:22
The attack vector is almost certainly through the ads on the site. You get rid of them and you get rid of the threat. One way to achieve this is by donating to the site.

If you are attacked, you should be sending all the information you can about the event to the proprietor.

VisibleNinja5674
02/18/2010, 16:11
> Well, I logged onto HCRealms about 5 minutes ago (11:10 CST) and my Adobe Reader popped up and I got a message telling me that my computer was under attack by a malware program and to DL Eco_installer.exe. I didn't do this because when Adobe pops up without me asking it to, I have come to recognize that a virus is trying to get on my computer and my AV clears it off. But there is another virus on the realms and I am warning EVERYONE here to not DL Eco_installer.exe because that is the program that IS the malware. I REPEAT: if you get the message that your computer is under attack and you need to DL Eco_Installer.exe to remove it, DO NOT DO IT. IT IS THE VIRUS. AND IT LOOKS A LOT LIKE WINDOWS AV IS TELLING YOU TO DO IT. AGAIN, DO NOT DL Eco_Installer.exe.

Are you talking about it popping up a little window that says the website says you have a virus/spyware and they wanna help you? I have been getting that, but obviously don't touch it. I've gotten that twice in the past week. It does look very convincing.

hail_eris
02/18/2010, 17:06
If you accidentally *did* happen to click it, this particular bit of malware is vulnerable to system restore:

Open Task Manager and select New Task
Paste c:\windows\system32\restore into the box
Select rstrui.exe

Pick yesterday (or the day before you picked up the malware). This *is* a system restore, though, so make sure that you've got all your work saved. (Even though system restore isn't supposed to affect data files, it's always best to play it safe.)

phantalien
02/18/2010, 17:51
I went to my 1 1/2 year old thread that was probably an early thread on here about the problem. There are a lot of helpful hints and links to other things. Since I am a MOD I will say, buy a subscription and support the site...

Or just check out the thread.
http://www.hcrealms.com/forum/showthread.php?t=251417

Morand
02/18/2010, 23:45
This comes up all the time because Typhon is unwilling to deal with it.

I'll put out the same advice I always do. I am NOT going to donate to this site and you shouldn't either. It's extortion. YOUR COMPUTER SHOULD NOT BE PLACED IN DANGER BECAUSE YOU DO NOT CHOOSE TO DONATE. And placing my computer in danger DOES NOT make me want to donate.

Want to avoid this in the future?

Go to www.mozilla.com and install Firefox.

Once you do, search for the Firefox add-on "Adblock Plus"

You will never have an issue with attack ads again, and it will be like surfing a brand new realms. Side bonus - it's all free

If this issue would be ADDRESSED by site management, I wouldn't feel the need to constantly give out this advice

WarHULK
02/19/2010, 00:05
> If this issue would be ADDRESSED by site management, I wouldn't feel the need to constantly give out this advice

QFT.

Woobacca
02/19/2010, 00:15
I am running Firefox, and I still get the virus attack attempt.

Morand
02/19/2010, 00:15
> I am running Firefox, and I still get the virus attack attempt.

Go to mozilla.com. Click add-ons. Download and install Adblock Plus.

edit:

Here's a link
https://addons.mozilla.org/en-US/firefox/addon/1865


edit2:

To help get rid of any malware already on your computer
http://www.malwarebytes.org/
http://www.safer-networking.org/index2.html

All Free!

Woobacca
02/19/2010, 01:07
DL'd Adblock Plus, thanks for the help on that. My brother already sent me to Malwarebytes.org, so I'm good there too. Oh, and it's nice to not see the stupid ad banners now :)

shanbo83
02/19/2010, 01:22
I agree the mods shouldn't use this situation as a charity push... but at the same time it is nice to have some place to talk about our hobbies... so a little donation wouldn't hurt. Everybody is always looking to get something for nothing.

phantalien
02/19/2010, 07:51
> I agree the mods shouldn't use this situation as a charity push... but at the same time it is nice to have some place to talk about our hobbies... so a little donation wouldn't hurt. Everybody is always looking to get something for nothing.

No, I am not using it as an excuse to send money to the site. I just understand why it is important to donate, and understand that not everyone is able to donate. I say donate because I know that it is worth it since I donated before I became a MOD.

But I did link to my old thread which had tons of information as it has been discussed over time. However, due to my various reasons of donating and not donating I am not going to go out and say get this software and block out the ads so the site doesn't make money.

I don't get a penny of the money by the way.

The money is used to upgrade the servers, for software and other such needs. No realmsquakes lately. *knocks on wood*

Morand
02/19/2010, 10:27
> I agree the mods shouldn't use this situation as a charity push... but at the same time it is nice to have some place to talk about our hobbies... so a little donation wouldn't hurt. Everybody is always looking to get something for nothing.

I would love to donate to this site. I'm a member of SomethingAwful, a site that asks for a $10 donation to join. If you don't join you don't see every aspect of the forums, but at no time are you FORCED to join because not donating causes your computer to be exposed to malware and viruses.

I suggested this over in the suggestions thread.


> There have been multiple complaints about non-donating members having viruses/malware installed on their machines through ads on the realms. If you are expecting a large surge in traffic once HOT hits, the ad system should be given a complete overhaul.
>
> Am I saying get rid of them? No, I understand the need for them. But my computer should not be placed in danger because I choose not to donate, and seeing attack ads from this site does not make me want to donate. It makes me install an ad-blocker.
>
> I'd suggest a Terms of Service for advertisers that is ENFORCED. Attack ads should be removed before they become the problem they were in the past.

Clearly it has fallen on deaf ears. So I'm going to tell everyone who asks how to block the realm's ads. Hell, if the attack ads were even addressed a little bit I'd become a diamond donor.

Until then, not a red cent

Morand
02/19/2010, 10:42
> Well, I logged onto HCRealms about 5 minutes ago (11:10 CST) and my Adobe Reader popped up and I got a message telling me that my computer was under attack by a malware program and to DL Eco_installer.exe. I didn't do this because when Adobe pops up without me asking it to, I have come to recognize that a virus is trying to get on my computer and my AV clears it off. But there is another virus on the realms and I am warning EVERYONE here to not DL Eco_installer.exe because that is the program that IS the malware. I REPEAT: if you get the message that your computer is under attack and you need to DL Eco_Installer.exe to remove it, DO NOT DO IT. IT IS THE VIRUS. AND IT LOOKS A LOT LIKE WINDOWS AV IS TELLING YOU TO DO IT. AGAIN, DO NOT DL Eco_Installer.exe.

And as one final point, I did some quick research into Adobe opening unbidden and installing malware AV programs onto your computer, as the OP experienced:

http://blogs.pcmag.com/securitywatch/2009/02/eweek_and_other_sites_hit_by_m.php

Its source is ATTACK ADS.

Quote from the article:

> Users with Acrobat 8.1.2 and earlier were affected; just by surfing to the site they may have had the PDF opened by default, causing the download and installation of a rogue anti-virus program called Anti-Virus-1. This name might ring a bell with users; click here to see why.

Opened by default. AKA No fault of the users, despite what Typhon may think.

This needs to be addressed

MattMinus
02/19/2010, 10:50
> I would love to donate to this site. I'm a member of SomethingAwful, a site that asks for a $10 donation to join. If you don't join you don't see every aspect of the forums, but at no time are you FORCED to join because not donating causes your computer to be exposed to malware and viruses.
>
> I suggested this over in the suggestions thread.
>
> Clearly it has fallen on deaf ears. So I'm going to tell everyone who asks how to block the realm's ads. Hell, if the attack ads were even addressed a little bit I'd become a diamond donor.
>
> Until then, not a red cent

In fairness to the proprietor, this is a relatively sticky situation. Tracking down the offending content is not trivial, and can be a bit like playing whack-a-mole. This is compounded by the fact that, up and down the chain, all parties involved have a financial incentive to not find the compromised ads.

Even if we assume that Typhon is fully committed to resolving the problem, and I see no reason to assume otherwise, the firm he gets the ads from may not be, and his ability to influence them is probably fairly limited. They likely have a "you need us more than we need you" attitude, and this is likely true.

It may just be that it's untenable to run the site without ads, and there simply aren't enough impressions to make it work with a more reputable vendor.

I do think it's unfair to claim that this is some sort of extortion attempt without looking at the complexity of the issue. How would you feel if the ads were removed entirely but access to all content was now dependent on a recurring monthly subscription?

Morand
02/19/2010, 11:03
> In fairness to the proprietor, this is a relatively sticky situation. Tracking down the offending content is not trivial, and can be a bit like playing whack-a-mole. This is compounded by the fact that, up and down the chain, all parties involved have a financial incentive to not find the compromised ads.
>
> Even if we assume that Typhon is fully committed to resolving the problem, and I see no reason to assume otherwise, the firm he gets the ads from may not be, and his ability to influence them is probably fairly limited. They likely have a "you need us more than we need you" attitude, and this is likely true.
>
> It may just be that it's untenable to run the site without ads, and there simply aren't enough impressions to make it work with a more reputable vendor.
>
> I do think it's unfair to claim that this is some sort of extortion attempt without looking at the complexity of the issue. How would you feel if the ads were removed entirely but access to all content was now dependent on a recurring monthly subscription?

If I had to pay 5 bucks a month to access just the units section I'd do it. I don't think I would join for the forums alone though.


Typhon has stated in the past that people getting viruses from his site are to blame, not him, despite countless evidence to the contrary. Here's a quote:

> The site is not trying to push viruses on you. Although I hate to always go back to this; 100% of the time it's the user's fault. From personal experience, I was hit with a "FakeAlert" virus 4-5 weeks ago; while doing my normal internet surfing. Nothing out of the ordinary, but then I started getting all of these pop-ups with "You computer is infected". You know what those things are? They're Fake Alerts, trying to get you to install a virus onto your computer. Most people fall for it and blindly follow those links ... then you're infected.

That is all he's ever said on the matter, despite countless evidence that YES the site is pushing attack ads on us. That is why I call it extortion: when he was shown there was a problem he refused to address it.

Honestly, if it's so difficult to weed out the attack ads, why are there so many sites that get by without them? Going again to the SomethingAwful scenario. One of their advertising partners snuck in some ads that automatically expanded and did other stuff that is against the terms of service SA gives to its advertisers. Those ads were immediately addressed by site management and removed. No drama, no telling the users of your site that it's their fault. A listening to those who support and wish to support your site and a desire to make their viewing experience simpler.

Again, until this is addressed by site management I will continue to extol the virtues of ad-blocking. And honestly the best way to draw new traffic to the realms is with safe ads, not these things that install garbage onto your system. If a new user comes here, gets infected and then sees a thread like this, are they going to donate? No. Are they going to refer the realms to their friends? No. Are they going to surf this site again? No.

It is in this site's best interest that this be addressed.

edit: I am now going to work, I won't be able to reply to this discussion again until much later

MattMinus
02/19/2010, 11:30
> Typhon has stated in the past that people getting viruses from his site are to blame, not him, despite countless evidence to the contrary. Here's a quote:
>
> That is all he's ever said on the matter, despite countless evidence that YES the site is pushing attack ads on us. That is why I call it extortion: when he was shown there was a problem he refused to address it.
>
> Honestly, if it's so difficult to weed out the attack ads, why are there so many sites that get by without them? Going again to the SomethingAwful scenario. One of their advertising partners snuck in some ads that automatically expanded and did other stuff that is against the terms of service SA gives to its advertisers. Those ads were immediately addressed by site management and removed. No drama, no telling the users of your site that it's their fault. A listening to those who support and wish to support your site and a desire to make their viewing experience simpler.
>
> Again, until this is addressed by site management I will continue to extol the virtues of ad-blocking. And honestly the best way to draw new traffic to the realms is with safe ads, not these things that install garbage onto your system. If a new user comes here, gets infected and then sees a thread like this, are they going to donate? No. Are they going to refer the realms to their friends? No. Are they going to surf this site again? No.
>
> It is in this site's best interest that this be addressed.
>
> edit: I am now going to work, I won't be able to reply to this discussion again until much later

That Typhon quote is pretty old, and I think he's made other statements since then that have softened the stance he had taken.

In any event, you can't compare SA to HCrealms. SA gets exponentially more traffic and has a much stronger hand. I'm pretty sure that advertisers dictate terms of service to HCR, not the other way around.

Morand
02/19/2010, 15:21
> That Typhon quote is pretty old, and I think he's made other statements since then that have softened the stance he had taken.
>
> In any event, you can't compare SA to HCrealms. SA gets exponentially more traffic and has a much stronger hand. I'm pretty sure that advertisers dictate terms of service to HCR, not the other way around.

I'll concede the point of traffic. The example I was attempting to make was a proactive site manager versus a site manager who simply won't address a problem.

And softening your stance is fine and all, but members are still getting viruses. Again, if the goal of Typhon is to lure additional traffic to this site, these ads are not helping. I've had a few people at my venue complain about the attack ads here, and at least one tell me he was sticking to heroclix world from now on.

I like this site, I do. I wouldn't be sitting here yelling about this if I didn't. My point is this: SOMETHING needs to be done. The problem can't be allowed to continue. Word of mouth is the best advertising; if people at venues are complaining about the realms damaging their computers, that's not going to drive any new members or donors to this site. And I stand by my point that until this site is as safe for non-donors as it is donors I will block all of the ads on the realms and advise anyone who asks to do the same.

Ultim8 Avenger
02/20/2010, 00:22
Morand, thanks for the foxfire advice. My computer thanks you!