# blackhole exploit kit



## glondor (Mar 4, 2011)

Accessing any page prompts avg to block blackhole expliot kit. Just a heads up.


----------



## seawolf (Mar 4, 2011)

From what I could find on Google blackhole exploit kit is a virus. Does it serve a usefull purpose?


----------



## glondor (Mar 4, 2011)

Any one else having trouble with this?


----------



## joem (Mar 4, 2011)

I can no longer access the forum with IE
But fine with chrome.
I scanned my system, all clean.


----------



## Barren Realms 007 (Mar 4, 2011)

joem said:


> I can no longer access the forum with IE
> But fine with chrome.
> I scanned my system, all clean.



I'm not having any problem but mic can't get on either.


----------



## Drewbie (Mar 4, 2011)

No problems here on Safari/mac.


----------



## rusty (Mar 4, 2011)

Last night I loaded xp pro on an old PC I had laying about, when I accessed the forum IE reported there was an error on the forum index page.

After investing 4 hours of my time loading XP Pro, service packs 1,2 and 3 with all updates discarded the system, now it brings a smile to my face whenever I think that one of you guys is trashing a computer that shipped with MS loaded as the operating system.

regards
g


----------



## jimdoc (Mar 4, 2011)

I truly hate windows. I set up a laptop to dual boot and the windows partition got screwed up trying to install a driver for the scroll wheel to work.
It was a factory restoration disc that I used and the scroll wouldn't work in windows. It worked great in Ubuntu right away. I only set it up to dual boot with windows windows for a Delorme Earthmate GPS. I had to totally reinstall windows and do all the updates again. Now I know to leave the windows alone unless I am using the GPS or floppy disc for my Mavica camera. Every thing else is Linux from now on.

Jim

This topic should really be in Technical Problems section


----------



## stihl88 (Mar 5, 2011)

Funny thing Ive noticed on the forum since this morning is that the font has changed and the text size is about 300% larger than normal. Is anyone else experiencing this?


----------



## Barren Realms 007 (Mar 5, 2011)

stihl88 said:


> Funny thing Ive noticed on the forum since this morning is that the font has changed and the text size is about 300% larger than normal. Is anyone else experiencing this?



It all looks the same on my end.


----------



## glondor (Mar 5, 2011)

Ran a bunch of scans. still get an avg warning about Exploit blackhole exploit kit type 1380 with every page load. Only on this forum. The process ID says it is Chrome.exe. Scanned everything. no hits.. File name: goldrefiningforum.com/phpbb3/styles/ca_gen2/template/ca_scripts.js. Detects 2 instances per page load.

Are we under attack?


----------



## Drewbie (Mar 5, 2011)

Did you update Google's Chrome browser recently?

It looks like it is deciding that one of the javascript files used by phpBB3 isn't clean.


----------



## glondor (Mar 5, 2011)

I may have as it is set to auto update. I was looking at that very idea today. Was thinking of rolling chrome back a bit. Maybe a new update will fix it. Thanks for the info Drewbie. I will keep you posted.


----------



## silversaddle1 (Mar 5, 2011)

I love my Mac.


----------



## Noxx (Mar 5, 2011)

Well, I removed some malicious code yesterday in the ca_scripts.js

Is it still infected ?


----------



## qst42know (Mar 5, 2011)

I get a website restore error with IE.


----------



## joem (Mar 5, 2011)

Noxx said:


> Well, I removed some malicious code yesterday in the ca_scripts.js
> 
> Is it still infected ?



I can get onto many other forums through IE but not this one
I am using chrome right now


----------



## stihl88 (Mar 5, 2011)

Barren Realms 007 said:


> stihl88 said:
> 
> 
> > Funny thing Ive noticed on the forum since this morning is that the font has changed and the text size is about 300% larger than normal. Is anyone else experiencing this?
> ...



Thanks barren,

I'm still experiencing the problem but Ive since tweaked my browser to correct it a little, it's strange because it has only happened to this website but not others i visit.


----------



## Drewbie (Mar 5, 2011)

Noxx said:


> Well, I removed some malicious code yesterday in the ca_scripts.js
> 
> Is it still infected ?



Ah.

People's browsers may be caching the old .js file locally.


----------



## joem (Mar 5, 2011)

Drewbie said:


> Noxx said:
> 
> 
> > Well, I removed some malicious code yesterday in the ca_scripts.js
> ...


searched and resulted no such cached file on my machine


----------



## nch (Mar 5, 2011)

I coud not acces the site for 1.5 days ! I thot it was a problem with server 
.
I run XP and IE . 

It works fine now


----------



## Drewbie (Mar 5, 2011)

You browser caches the file automatically. It doesn't retain it's original filename.


----------



## dtectr (Mar 5, 2011)

I run Opera when I don't want to wait an hour until IE loads :lol: I was getting it earlier but not now. Should I dump my cache & start over &/or dump temp files/cookies & start over?

I ran full computer scan & prob not on machine - must be what Noxx said.


----------



## parrothead (Mar 6, 2011)

It crashed IE for me for 2 days. Good to see it back up. I have so much to keep reading.


----------



## joem (Mar 6, 2011)

dtectr said:


> I run Opera when I don't want to wait an hour until IE loads :lol: I was getting it earlier but not now. Should I dump my cache & start over &/or dump temp files/cookies & start over?
> 
> I ran full computer scan & prob not on machine - must be what Noxx said.



Normally My cache dumps on exit this time it did not. So I manually deleted cached files and it worked. I am writing this in IE on XP Pro


----------



## glondor (Mar 6, 2011)

Seems OK to me today. No virus warnings. Thanks Mike.


----------



## glondor (Mar 9, 2011)

Virus warnings are back...


----------



## glondor (Mar 9, 2011)

Wrecker 45 called to tell me he cannot access the forum at all. His antivirus will not let him in. Thanks Mike.


----------



## wrecker45 (Mar 10, 2011)

im back .seems to be working ok...Jim


----------

