virus issue and advrider.com

Discussion in 'Ask Baldy, Blame AceRph' started by khpossum, Dec 4, 2017.

  1. khpossum

    khpossum poster

    Joined:
    Sep 13, 2007
    Oddometer:
    668
    Location:
    Colorado
    I started having a chrome popup with a fake "four" virus warning on my Moto G4 android phone. It showed up when I got into advrider, or signed in on advrider. It took some doing but I got my phone cleaned up. I used my phone for an hour after I cleaned up with no issues. Then got back on advrider and promptly got that same popup again.

    Anybody else with the same issue? Something going on?
    #1
  2. Yossarian™

    Yossarian™ Deputy Cultural Attaché

    Joined:
    Jul 9, 2007
    Oddometer:
    11,623
    Location:
    the 'Ha
    Nope.
    #2
  3. JimVonBaden

    JimVonBaden "Cool" Aid!

    Joined:
    Feb 11, 2005
    Oddometer:
    73,581
    Location:
    Alexandria, VA
    It is a phone virus not associated with ADVRider.
    #3
  4. khpossum

    khpossum poster

    Joined:
    Sep 13, 2007
    Oddometer:
    668
    Location:
    Colorado
    Yes, I understand it is associated with my phone, but it only shows when I access advrider. It has to have some connection with advrider or how advrider works. Not blaming anybody at advrider, just trying to figure out why or what is going on.

    This is one website that describes the virus: https://sensorstechforum.com/system-heavily-damaged-4-four-virus-how-to-remove-it/ .

    MalwareBytes does not find it, still working on it

    Update: not only chrome, but firefox as well, but only advrider.com
    #4
  5. mas335

    mas335 xendurist

    Joined:
    Jun 17, 2006
    Oddometer:
    2,392
    Location:
    Piedmont region NC
    Had the same problem a few weeks ago, my antivirus said the site was not secure, I use firefox.

    FWIW, I have been always been told not to visit sites that do not have a https prefix in the address bar, currently the address bar shows only http, no s .
    #5
  6. aldend123

    aldend123 Long timer

    Joined:
    Sep 1, 2011
    Oddometer:
    4,643
    Location:
    Bristol County MA
    That's arguably more of a rule of thumb than absolute. TL;DR - ADV doesn't offer HTTPS anywhere on the site as far as I know, and that's not a big deal.

    You should never enter personal info like credit card in to a non-HTTPS site. Browsing basic websites over non-S isn't ideal, but it isn't a huge risk either. Entering a username/password generally means you want HTTPS. If a website wholesale does not offer HTTPS, including on the login, you should use credentials you assume that worst case scenario someone may be able to eavesdrop on. In other words, don't use the same as you use on a bank website. This is best practice anyway, with or without the S. You have no guarantee what the owner of some random website is doing, or not doing, with the password anyway. For all you know, they're stored in a textfile that anyone can access.

    Browsers will typically warn that a website is 'Not secure', meaning that it is not HTTPS, in certain situations like detecting a login page. That warning doesn't mean there is a compromise. It is only a reminder that what you type will not be encrypted. If you go to an HTTPS site, but still see a warning about potential misconfiguration, that'd be a good time to double check with someone else before proceeding.
    #6
    Unstable Rider likes this.
  7. CaptnSlo

    CaptnSlo Derelicte

    Joined:
    Jul 16, 2012
    Oddometer:
    1,775
    Location:
    VA
    I had the same problem and was getting the same virus warning on this site. I followed the instructions here and it seemed to work:

    https://forums.androidcentral.com/a...30081-guide-malware-adware-popup-removal.html

    You probably downloaded an app recently that contained this adware. In my case, I had downloaded a train tracking app and I think that was the cause of the popups bc they disappeared after I uninstalled the app.

    Edit - just got the same popup again. Disregard the above. Bah humbug.
    #7
  8. cejoneswv

    cejoneswv Adventurer

    Joined:
    Jan 22, 2012
    Oddometer:
    12
    Location:
    Pataskala, OH
    Have had the same problem for the past 2 months or so. I tried all the things to get rid of it. Even to the point of completely resetting the phone. After the phone reset, one of the first things I did was to test the advrider site. Within a matter of seconds, I had one of the popup messages appear. I have used Norton and Malwarebytes to try to find anything on the phone. Nothing. I can only conclude that something about the advrider site may be causing this. I don't know. It only happens when I visit this site. I may be imagining this but it seems to have started around the same time I started noticing annoying popups while scrolling through a thread. I have had no success in stopping the popups either. On my computer, I do not see any of these issues. Anyway, for now, when using my phone, this is one site that I have to avoid. Will just have to settle for visiting it on my computer only. Too bad.
    #8
  9. aldend123

    aldend123 Long timer

    Joined:
    Sep 1, 2011
    Oddometer:
    4,643
    Location:
    Bristol County MA
    Temporary work around: Seems like the trend is people using the Safari browser. Try installing Google Chrome from appstore.

    Can you confirm this is an iPhone, or other Apple touchscreen device? Ideally, what version of iPhone. If this is an iPhone, how are you scanning it with those tools?

    If not an iPhone, what device, version, and browser is being used?
    #9
  10. Switchblade315

    Switchblade315 I make people disappear

    Joined:
    Oct 10, 2009
    Oddometer:
    7,769
    Location:
    Watching Bridges Burn
    For the last few days from my phone a advertisement on the login page has been kicking my phone into a fake virus software page. It's random and seems to happen mostly when I have to log back in. It kicks to a diffrent page each time but I know one is a fake Google virus software page. I was hopeing it would happen again and I could screen shot it but I shut it down fast as I don't want it to actully try to download anything.

    Was advised to put this in here. If it happens again I'll get a screen shot of it.
    #10
  11. cejoneswv

    cejoneswv Adventurer

    Joined:
    Jan 22, 2012
    Oddometer:
    12
    Location:
    Pataskala, OH
    Samsung S7 phone. Normally use Chrome. Tried Firefox but that did not help. I have not used Safari (actually, I never heard of it until now).
    #11
  12. Nesbocaj

    Nesbocaj Earth, we're #1

    Joined:
    Jul 15, 2006
    Oddometer:
    1,382
    Location:
    Westchester NY
    Howdy, I am also using a Moto G4, Nougat 7.0, Android security patch 9/1/17, and Kapersky AV (FREE), no issues with ADV.
    I did a full scan before going on ADV and a full scan afterward, no issue.
    #12
  13. cejoneswv

    cejoneswv Adventurer

    Joined:
    Jan 22, 2012
    Oddometer:
    12
    Location:
    Pataskala, OH
    I have tried adding ad block plus as an add-on to Firefox. I have not had any issues since doing this. It does remove the ads from the thread which is what I suspected was the source of the problem. as a test, I logged in via chrome again and within a few minutes I received one of these bad pop ups. Chrome was allowing rhe ads to appear. So I will be sticking with firefox and the ad block plus add-on which firefox recommends.
    #13
  14. WayneJ

    WayneJ What?

    Joined:
    Sep 30, 2010
    Oddometer:
    8,463
    Location:
    Down On The Farm
    Addblock Plus is also available for Chrome.
    #14