Hi, just today I keep receiving notices from Avast that a harmful webpage has been blocked on EVERY single XDA webpage I visit including when I went to make this thread. I am able to visit other websites without this issue.
Is anyone else experiencing this?
Avast says that the webpage is rt.liftdna.com/liftrtb2.js
And that the Trojan is a JS: Downloader-AMY
Could it be possible that XDA Forums have been compromised?
Yes same time stamp...Same problem.
I tried on several computers, all give the same Avast message.
Does another Antivirus detect the same Trojan??
I haven't tried any other Antivirus but I did use Google's Website Diagnostic which came up with no issues
http://www.google.com/safebrowsing/diagnostic?site=http://www.xda-developers.com/
One of the vectors for infecting a machine is via an advert, so while xda isn't hosting the content, visitors can be caught out.
Yep getting it here as well
I gone through some more website scans and there appears to be no issues.
There must be something on XDA causing this
I'm getting it too, using Avast.
Also receiving the Avast alerts on every XDA page. It blocks 3 of the same Trojan on each page apparently.
Avast fail as far as I can see
Looking into it.
I have the same problem too.
http://rt.liftdna.com/liftrtb.js
js:downloader-amy [Tri]
I did not have this warning till this morning.
Just get Ghostery for Firefox, and all things will be fine again.
Ghostery blocks all Analytics, Malware and tracker websites.
examples :
goggleanalytics, G Adsense, Netshelter, LiftDNA and VigLink here on XDA.
Just seach on google for it.
PS: There are some Analytics Companies around who are trying to bypass Privacy Programs and Modes (Like FF/Chrome Privacy Mode) with installing Trojan like Cookies/Scripts. Maybe LiftDNA is one of them (Well the Name directs to it "Lift-DNA"). One otehr well known Company is Kissmetrics, and they are blocked too my Avast and Ghostery (both found a Way to stop these "evil" Scripts/Cookies).
pps, here is the Link about Kissmetrics :
http://www.wired.com/epicenter/2011/07/undeletable-cookie/
Having the very same problem, getting the same message with avast and chrome browser!!
heres a pic of the alert
http://img89.imageshack.us/img89/7416/xdatrojan.jpg
Looks like one of the ads is causing a false positive on Avast.
the_scotsman. read my Post.
LiftDNA is allmost doing the same as Kissmetrics.
LiftDNA got added today not senseless by Avast like they've added Kissmetrics before.
Same here, Avast doesnt like the java script XDA uses at all today.
-smc
kaliberx said:
Just get Ghostery for Firefox, and all things will be fine again.
Ghostery blocks all Analytics, Malware and tracker websites.
examples :
goggleanalytics, G Adsense, Netshelter, LiftDNA and VigLink here on XDA.
Just seach on google for it.
Click to expand...
Click to collapse
Ghostery for Chrome is not fixing this...
Edit: It blocks some .js files from LiftDNA, but still getting avast warning...
Uploaded with ImageShack.us
Blocked the script with URL http://rt.liftdna.com/liftrtb2.js with adblock
Worked!
Related
Hi there moderators!
Is it just me or does anyone else having their antivirus program popping up saying that a trojan has been blocked.
It pops up time after time so it seems like it's all over the place.
I included a screenshot of my antivirus interface (In swedish)
The trojan can be removed but it pops up all the time.
// Ohamn
Seems to be fine with NOD32...
Just in Kaspersky, but they got fixed
Ohamn said:
Hi there moderators!
Is it just me or does anyone else having their antivirus program popping up saying that a trojan has been blocked.
It pops up time after time so it seems like it's all over the place.
I included a screenshot of my antivirus interface (In swedish)
The trojan can be removed but it pops up all the time.
// Ohamn
Click to expand...
Click to collapse
On the 25th of January, 2010, some Google web pages can be blocked by your Kaspersky Lab product because of virus detection. In this case the following message appears on the screen: Access denied. The following error was encountered: The requested object is INFECTED with the following viruses: Trojan.JS.Redirector.ar.
http://support.kaspersky.com/kis2010/error?qid=208281219
My Kaspersky 2010 keeps saying it is blocking the adverts on the site because they are links to phishing sites as well. As been for a while.
cjm1979 said:
My Kaspersky 2010 keeps saying it is blocking the adverts on the site because they are links to phishing sites as well. As been for a while.
Click to expand...
Click to collapse
It's google. I know because Google Chrome decided google.com was a trojan.
Is it just me, or are the ads... not quite... fixed-space ads?
They stay in the right spot on the screen, but they literally are pages that I can scroll through!
I've noticed this for a couple days, I can't be the only one to have noticed?!
My kaspersky has ad block so I donĀ“t see any add on XDA!
Using Opera 10.50
I have not seen your issue and I'm using IE8 & Norton. What browser do you have?
We've been testing some stuff with the ads, and we know there have been some minor problems here and there.
The ads are now all contained within their own iframes (hence why you can scroll within them)... this is so that if the third-party ad servers are having problems it won't slow/stop the rest of the site from loading.
Ah alright. It actually went away the day after I posted the thread so I felt rather foolish! Ads look normal now
I'm using Opera for reference.
I am rooted on a pixel 2 XL with magisk v14 and manager 5.4.3. I have twrp 3.1.1 beta 2. I have changed the calling preference on the phone to wifi with an ADB command. Aside from that no other mods come to mind.
I have multiple functioning apps on my phone and am loving root. However, Facebook, Tumblr, Microsoft word, and Microsoft Excel give me messages saying they can't connect to the internet when I open them. This renders Facebook and Tumblr useless. The office programs can work locally. I tried hiding root from Facebook in magisk to no avail. What's going on with these apps? Do I need to change something on my phone or in it's system? Could any particular root apps like adaway be causing this?
Ok, so I was at least smart enough to be able to determine that adaway is not allowing every single one of the apps I mentioned to connect to the internet.
What's the solution here? Is adaway obsolete in 2017? Is the answer to just go download and buy adguard from the playstore?
Schroeder09 said:
Ok, so I was at least smart enough to be able to determine that adaway is not allowing every single one of the apps I mentioned to connect to the internet.
What's the solution here? Is adaway obsolete in 2017? Is the answer to just go download and buy adguard from the playstore?
Click to expand...
Click to collapse
Adaway is definitely not obsolete. It was removed from the Play Store and will never come back there. There is a thread here on XDA with updates, lots of good help, (and the same questions asked over and over). :good:
Adaway blocks urls / websites but not apps, so you have something else going on. Here is the tutorial to find blocked sites that need to be whitelisted, You can try it.
https://github.com/AdAway/AdAway/wiki/LogDNS
This was tremendously helpful. It did exactly what I wanted. Thank u. Hopefully others see this and it helps them too.
Schroeder09 said:
This was tremendously helpful. It did exactly what I wanted. Thank u. Hopefully others see this and it helps them too.
Click to expand...
Click to collapse
Hi, my setup is similar to yours (rooted, etc) and I've got Google Docs and Sheets thinking they're not connected to WiFi or data. How were you able to resolve your data issue?
MinimalistChris said:
Hi, my setup is similar to yours (rooted, etc) and I've got Google Docs and Sheets thinking they're not connected to WiFi or data. How were you able to resolve your data issue?
Click to expand...
Click to collapse
I haven't focused on getting those working yet, but it seems that the word is working. Excel still gives me the connection error. Adaway was the culprit for facebook. I suspect it is for the microsoft office apps too. I just have to addressed them because I will not be using them heavily. If you have an adblocking app please follow the instructions in the link that Pkt_lnt posted. They're very straightforward and helpful. You need to basically turn ad-blocking off, put it in a "scanning mode", use the app you want to for a few minutes so the adblocking app sees it, then the adblocking app will pick up on host file sites that the app uses. You can add these to a "white list." The adblocking will no longer block the app. It's important to note that if other apps use the same host file that you have just whitelisted ads will appear in that app too. White listing a host file is universal and is not done on an in-app basis.
Thank you!
I have a "xxooapp" folder and also getting random firefox popups when doing nothing
For starters i have a folder on my phone called xxooapp and 3 random files with no extensions inside the folder.
Also I'm getting random popups in firefox and firefox focus while playing on my phone. I don't even have to be in in firefox to get popups. I have downloaded popup blockers and ad blockers for firefox and i also have adaway installed and no root firewall and blocked all apps that dont need internet. I also tried avg anti virus and it was clean. I've un-installed the last few programs that i have installed since it started but that didnt help either The webpage is newprofitcontrol.com/0/ every time
Any ideas on either of these? Thx
equlizer said:
For starters i have a folder on my phone called xxooapp and 3 random files with no extensions inside the folder...
Click to expand...
Click to collapse
Ever Google xxooapp? Free games (and malware) woo hoo!
v12xke said:
Ever Google xxooapp? Free games (and malware) woo hoo!
Click to expand...
Click to collapse
Unless you are using a different google than everyone else, all i see is nothing related to xxooapp except chinese/other languages.
My Galaxy S8+ is giving my spammy pop up / redirect ads in Chrome. The kinds of ads that look like the site I went to is infected with some kind of virus, but it happens for a lot of different sites so I'm thinking it's my phone. It doesn't happen every time. I've attached a screenshot of one.
I don't install apps from third party sites aside from Amazon. Most of my apps are productivity type apps from pretty reputable vendors. I have a few games (not a big gamer) but they all have good reviews on Google play. I've run the built in Verizon security app with no results and I downloaded and ran AVG which found nothing either.
How do I diagnose this?