If you visit the AirNav forum you may like to check out this thread.
I'm not getting any warnings using AVG but there are reports of a trojan from a number of AirNav members.
http://www.airnavsystems.com/forum/index.php?topic=6913.msg79053#msg79053
I saw that title and thought tarbat had created yet another username :P
I use Avast and this blocked it on connection last night
Malwarebytes and AVG finds nothing on my machine.
AVG has found nothing here and 4 hours into a scan of one of two hard drives, Malwarebytes has found nowt so far.
The file name that Avast blocked was shown as Infection JS:redirecto-TH
I had the same Trojan report on the ShipTrax Forum this morning and couldn't access it. Oddly enough someone from "Microsoft" phoned me up a few minutes afterwards to advise me that he had spotted a nasty virus on my machine!
I told him to "go away", or the Anglo Saxon equivalent, but wondered if there might be a connection. A remarkable co-incidence though!
Peter
I suspect it's a false alert from some of the so-called AV products.
I have a bunch of "security" products here and what one finds another doesn't.
Quote from: stonosnr on April 18, 2012, 03:41:07 PM
I had the same Trojan report on the ShipTrax Forum this morning and couldn't access it. Oddly enough someone from "Microsoft" phoned me up a few minutes afterwards to advise me that he had spotted a nasty virus on my machine!
I told him to "go away", or the Anglo Saxon equivalent, but wondered if there might be a connection. A remarkable co-incidence though!
Posted on "another" forum:
"HMMMM
are you using microsoft essentials and have you got it set to send reports to microsoft ??
which i think you can do"
I didn't think anyone was that naive?
Since I'm banned from the radarspotters forum and can't post a reply to the personal abuse from the member concerned I'll post his reply here. It may help someone if they get an unsolicited call from Microsoft to say they've spotted a serious virus on their computer ;)
"Dont even think about copy and paste this to your stupid forum Mr Anmer
this is copywrite of me and this forum
Hi All
firstly i dont want to be inundated with requests in the future regarding virus/malware >>>that said
as its this forum and fellow virtual radar users
a very good friend of mine is a Microsoft MSVP for their security pages
i have just spoken to him and heres his over the phone reply :-
1] if real this is a very nasty Virus
2] assuming you have been sensible with a 64 bit win7 machine and NOT turned the UAC off
which was being advised by some. you should be ok as you should be asked if you want to install
only a total wally would click yes
if you are 32 bit you are in greater danger than the 64 bit guys
3] your anti virus software should grab it
make sure if its quarantined it gets removed/deleted
4] heres the bit re websites and forums
there is about a 2% chance its bogus >>98% chance its real
it may well be from the forum its self>>any advert on that forum>>or worse its on the server they use for the forum
[ is that the same server for other airnav bits >> if it is i would keep away for the next few hours]
5] i was asked to send my pal an e-mail with the url posted in this thread at the top which i have done
he will have a look further tonight when he gets the chance
you have been warned !!!!
K/"
http://www.radarspotters.eu/forum/index.php/topic,6690.msg47587.html#msg47587
I'll await a letter from Keith D's solicitor. :'(
I've just done a full system scan (took 8 hours) using Malwarebytes (AVG paid for version did a full scan overnight as it does every night) and nothing was detected.
Doesn't prove anything other than these two "security" products didn't find anything suspicious.
I've logged out of the AirNav forum and logged back in and no alerts.
Hopefully I'll get a call from Microsoft. ;)
As advised elsewhere by an expert, the absence of an alert "from there (sic) anti virus/malware programme" is either because:
"a] the program they are using is totally useless [wether free or paid for]
b] they either haven't bothered or don't know how to update there definition dbase"
I know for a fact that both my AVG and Malwarebytes' definitions are up-to-date so can only assume both products are totally useless.
So if you rely on these products be warned and either get something better or keep away from the AirNav forum.
I'll take my chances.
If you believe a site is issuing a virus send an email to your ISP support is usually all it takes for peace of mind.
I am sure google bots would have picked it up if there was an issue
I see the security "expert" has back peddled:
"i just tried that URL again and it seems clear now"
This morning I replaced AVG with Microsoft Security Essentials on a spare PC running Windows 7.
I then ran a full system scan, no threats detected.
Next I went to the AirNav forum. Microsoft Essentials didn't issue any alert.
The security "expert" posted this on another forum:
"i just clicked on the link in the posting above yours and got a trojan warning from my security which is the bog standard Microsoft Essentials
check of the history window in there revealed
serious alert :-
Trojan:JS/blacoleRef.W"
He has since posted "i just tried that URL again and it seems clear now>>time will tell"
As I said before, all this proves is that the three products I'm using on my PCs aren't detecting any threats from the AirNav forum.
But as one AirNav member has posted:
I have had problems with my laptop for the last few days, since I opened this (AirNav) site and had a pop up which seems to have hi-jacked my machine. I used to run Norton, but since this expired, and I changed from BT Internet to Orange, and had problems installed their freebie version of McAfee, I've not had any protection running - only myself to blame for that! - but there's definitely something interfering with things now. If I open IE, sometimes the machine goes to various advertising sites and shuts down whatever I'm trying to access, my email is worst, which I'm not able to acces properly now. I feel a re-format of HDDs and re-installation of Win 7 coming on, at least 2 years since I last had to do it, so that'll also get rid of an awful lot of crap! Before this happened, RB program would act up, and won't let me highlight a particular a/c on the display, doing its own thing, going to any other a/c in the vicinity except the one I was trying to follow - anyone else had that?
Therefore, please make your own decisions about visiting the AirNav forum and, whatever you decide, make sure you protect yourself from threats and take regular backups.
Another thought has crossed my mind.
It's more than likely that the AirNav forum members who have detected threats are also RadarBox users and connect to the AirNav server for constant database updates?
Obviously the work on yet another satisfied Air Nav customer.
The company that never stops giving ;D
That's what AirNav gets for trying to enforce it's 24x7 feeder agreement with the Russians. :) :) :)
AirNav's response:
"Further checks were done and following smf forum bug patches and server bug patches as well we haven't been able to find a cause of this yet. So far we have not found any viruses or code on the forum which has been exploited.
We are however keeping an eye on the situation."
"My AVG blocked the following at 0815 local today:
EXPLOIT BLACKHOLE EXPLOIT KIT (TYPE 2146)
www.airnavsystems.com/forum/index.php?board
I think I'll stay clear of here until further notice."
I use AVG and it's not reporting any threats?
Blackhole Exploit Kit! Not the Nigerians again? ;D
There's been no further news from AirNav and I still can't replicate a security alert using AVG, Microsoft Security Essentinals, Malwarebytes or any of the removal utilities mentioned on the AirNav forum.
However, I did notice this recent post by a well-known security expert:
"i havent really followed it on there forum
but it does look like they got hacked to me"
Not sure what forensic tools and analysis he applied but he seems convinced that something was 'hacked'! :-\
So be cautious.
Look forward to AirNav's response:
"Don't want to appear pedantic or banging on about this, but not having had any alerts or warnings since the 19th, and assuming that as nobody else is reporting further problems the forum is now clean, what did you find to be the cause of the problem and are you satisfied the site is indeed now clean?
The reason I ask is because a relative of mine, involved in 'nasties' removal for an IT company, who spent a lot of time cleaning and checking my machine whilst this situation was going on is interested to know.
As he says, recurring infections don't go away on their own so they must have been eliminated at source."
http://www.airnavsystems.com/forum/index.php?topic=6913.msg79384#msg79384
Still not a peep from AirNav.
Worrying as one might expect a robust statement if nothing were amiss?
"It would seem that the general problem has now been resolved but a response from AND to my last posting could perhaps reassure us that this is the case."
http://www.airnavsystems.com/forum/index.php?topic=6913.msg79467#msg79467
Well. well, well (as they say).
Just went to the AirNav forum to view Latest Posts (done this a few times already this morning) and guess what?
AVG popup window "Threat was Blocked".
See attached screenshot.
VERY WORRYING.
[Attachment deleted by Admin to save file space]
Same here, I would advise keeping away from the Airnav forum especially if you are not protected or have a good AV running, if you have a free AV then don't go there at all.
[Attachment deleted by Admin to save file space]
Hamish,
I love what's lurking below the AVG warning box ;D
"Sorry Guest, you are banned" and "This ban is not set to expire"
My posts were censored and I was only threatened with the chop.
You went the whole 9 yards. :)
Stephen
Quote from: Bethsalem on April 29, 2012, 02:00:07 PM
"Sorry Guest, you are banned" and "This ban is not set to expire"
Stephen
I am so used to seeing that message that I don't notice it any more, I got banned for being the owner of Radarspotters even though I am an Airnav BungleBox customer.
Who is Stephen?
that warning came up on radarspotters site after dan the ban took over
Quote from: mhm on April 29, 2012, 07:58:05 PM
that warning came up on radarspotters site after dan the ban took over
Maybe in response to that epic unboxing video! ;D
This may be totally unrelated:
"We will be upgrading the forum later today, so please be aware the forum may be unavailable for a few hours."
http://www.airnavsystems.com/forum/index.php?topic=6954.msg79809#msg79809
But as Hamish will tell us, upgrading the forum doesn't necessiate any downtime, let alone "a few hours". :(
There is no available upgrade for SMF 2.0.2 at the present time, they may be migrating to a new platform.
Yes, there is no need to close the forum when upgrading as it takes less than a minute to do so, I think then that we should assume that a platform shift is in the offing.
Strange though that the 'Worlds leader in flight tracking' ( He said while vomiting at the blatant lie ) would use free forum software.
Looks like the change is underway.
[Attachment deleted by Admin to save file space]
That was quick and painless:
"The forum has been upgraded now. We need to add a few items back in, if you notice anything strange or not working please contact us. "
Just tried the AirNav forum and this is what I got!
Worrying.
[Attachment deleted by Admin to save file space]
I wasn't the only one and it wasn't just AVG that blocked "something"!
AirNav's response:
"Everything is clear at the moment, we will keep an eye on this again. Again we will reiterate that there has no been virus found on our site and we have been in contact with AVG and few other Anti virus companies to track down what is causing the (false) detection."
Strange I'm only get these alerts when I visit the AirNav forum? I wonder what AVG and the other AV companies said to AirNav?
http://www.airnavsystems.com/forum/index.php?topic=6983.msg80257#msg80257
http://www.avg.com.au/resources/web-page-scanner/
http://www.avgthreatlabs.com/sitereports/domain/airnavsystems.com