July 5, 2012 No issue with Chrome & Norton here, perhaps only certain Internet browser without malicious add on plug in? Anthony Jorje Intel i7-9700K 5.0 GHz / Aorus Z370 / Corsair 32 GB DDR4 / MSI Gaming X Trio RTX 2080Ti / Win 10/64 Ver.2004
July 5, 2012 This appears to be associated with the rotating ad above the flags on the main page - Norton detects and blocks a malicious jar file. You will only see it the first time the ad is loaded for a (or some) advertiser, otherwise the jar is still in cache and is not triggered. Edit: whatever it is causes JAVA to run... DJ
July 5, 2012 Author Tom, Just wanted to update you that this morning I received not only another Malware alert, but a Trojan alert as well from the homepage. Like DJ mentioned, something (an ad?) is attempting to start up Java and may be the culprit. Phil Philip Manhart :American Flag: - "Wise men talk because they have something to say; fools, because they have to say something." ~ Plato
July 5, 2012 I have the same problem. When I opened Avsim page today Norton said; "A high risk attack by aparkechon.dyndns.org was blocked". I use Firefox and a couple of weeks ago I told Firefox to warn me if a website tries to redirect me to other sites. Every time when I go to Avsim (I still have the url avsim.com as bookmark) I now get a Firefox warning that I am redirected to avsim.net. Is that correct or is something fishy here? When I clicked on the link "Contact us" (bottom of left frame) a mail window was opened (as it should) but there was no mail address filled in (as it should). Is this just a bug or is avsim.net a malicious copy of avsim.com? Krister R yes, avsim.com is normal to redirect to avsim.net as we own both domains and use both in our networking. You'd need to "allow" both in your firefox settings. John Binner, MCDST U.S. Dept Of Veteran Affairs, Senior IT Analyst OI&T, SPM, Clinical Imaging 2022 Build: Thermaltake Core X71 Full tower case, ASUS Prime X570-P Motherboard, AMD Ryzen 7 5800X 8-Core CPU, ASUS TUF Gaming Radeon RX6900 XT GPU, G.SKILL Ripjaws 32GB DDR 3600 RAM, Thermaltake Toughpower GF1 850W 80+ Gold PSU, Cooler Master MasterLiquid ML240L Water Cooler
July 5, 2012 Tom, Just wanted to update you that this morning I received not only another Malware alert, but a Trojan alert as well from the homepage. Like DJ mentioned, something (an ad?) is attempting to start up Java and may be the culprit. Phil Phil, thank you. Yes, both were occurring, and we have taken care of the problem. It was an ad that was recently brought online and is now removed. Please don't hesitate to send us alerts if anything else raises its ugly head.
July 5, 2012 Moderator John and Tom Here's another one: Seems as if when one is eliminated from your system, another one shows up... methinks someone's burrowed deep into the system.
July 5, 2012 Seems as if when one is eliminated from your system, another one shows up... methinks someone's burrowed deep into the system. Alan, that appears to have occurred just about the time we shut down the offending advertisement. I have just run a pretty lengthy reloading of cache and http and have not seen it appear. So, I am pretty sure that the single ad was the issue and that it is now gone.
July 5, 2012 Moderator Tom, Thanks for the heads up. FYI I've noticed in the last few minutes that whenever Java initiates, the 'intrusion' attempts to root. It just happened again when I clicked on a link on the Front Page regarding a Notice for a Group Flight... "Vertical Studios flight from Boulder, CO to Glenwood Springs, CO." When my Java icon shows up on my Taskbar is when the 'festivities' begin! Cheers! Alan Nakamura
July 5, 2012 "Vertical Studios flight from Boulder, CO to Glenwood Springs, CO." That links directly to our Calendar system and I have not been able to replicate the Java call.
July 5, 2012 Alan, that appears to have occurred just about the time we shut down the offending advertisement. I have just run a pretty lengthy reloading of cache and http and have not seen it appear. So, I am pretty sure that the single ad was the issue and that it is now gone. UPDATE: The Malware is still showing up on IE9 browsers. We are doing all we can to track down the source and remove it. Please, if you are an IE9 user, temporarily adopt an alternate browser. Also, this is a reminder that everyone should have and keep an updated virus, trojan and malware detection and deletion system on and operating while surfing.
July 5, 2012 UPDATE: The Malware is still showing up on IE9 browsers. We are doing all we can to track down the source and remove it. Please, if you are an IE9 user, temporarily adopt an alternate browser. Also, this is a reminder that everyone should have and keep an updated virus, trojan and malware detection and deletion system on and operating while surfing. Just noticed this thread. I also received a similar Norton alert at 12:54pm EDT today: "Severity High - An intrusion attempt by oneechozeroqw.dyndns.org was blocked". The details reported by Norton are very similar to those by hodge001 and ViperPilot earlier today. At the time I was waiting for the PMDG 737 forum to load and decided to switch to the AVSIM Main page. It has not resurfaced in the past 30 mins on my PC. Wonder if this is somehow related to the DNS malware issue that's in the news today. Regards, Claude Franklin
July 5, 2012 All IE9 users should go to the internet options page of the browser manager and clear your caches... you will get the warning until you do. DJ
July 6, 2012 Hi Tom, Firstly my thanks to both yourself and the rest of the team for acting so swiftly on this one, and just a very quick update of my own: when I opened Avsim this morning all seems to be well, with no warnings of any kind when using I.E.9, so it seems that you have tracked the issue down, well at least from my end it seems so. Thanks again for the help. Jim Hodkinson
July 6, 2012 Anyone reading... May I ask you to check the following directory: C:\Documents and Settings\*user*\Application Data\Adobe And look for the following 3 files: rxsupply.sys, sp.dll, fs.cfg Thanks, Rob