Virus on GenesReunited

[suey]

How is it that only some people had a problem and not others?.  I used GR last week and over the weekend with no problems at all.

I have AVG - ran a check, nothing!  but now I'm paranoid that I may have something nasty lurking in the bowels of my computor that it has not picked up. 

Suey

[Doctor Doomuch]

Hi Suey,
I think it depended on what part of the GR site you were accessing. In my case it was Messages, I don't know where other people were on the site when the problem occurred.
It made me jump I can tell you when the screen went red and then was interrupted by my antivirus suggesting I terminate immediately.
It's not paranoia to be concerned about the security of your info on your computer - if you continue to be aware of the risks and threats of infection, you are more likely to surf safely. My message is "stay sharp".

[suey]

Thanks Dr D .  I went in through the Home page, then into messages and trees..so I guess I'm OK.

Suey

[andycand]

Hi

How is it that only some people had a problem and not others?.  I used GR last week and over the weekend with no problems at all.

I think that there are a couple of reasons, first of all many sites seem to have some variable adverts so that when you log on you don't get the same ads each time. If only one ad was affected then you only had problems if that particular ad appeared. This meant it was a bit of a hit or miss as to whether you had trouble,

Secondly, as Christine of Portugal linked in an earlier message, it depended upon your IP number.

This particular campaign (rxalopecia) is coded to NOT trigger when the victim's computer falls within various IP addresses and geographical locations, including 213.161.0.0 - 213.161.255.255.

Note that GenesReunited has an IP address of 213.161.68.203

This means that if your IP was in the range above you didn't have a problem. It also explains why GR were slow to realise. They wouldn't have been able to replicate the problem as their IP address was within the range that were exempt from the problem.  I'm not too sure about the reference to geographical locations unless its that certain places such as some US states may have tough legislation and by exempting those particular States they bypass those laws.
Also, googling seems to indicate that GR and its associated sites are not the only ones to have been hit recently by this type of attack and by exempting certain IP addresses it slows down action by the sites that are hit thereby infecting more people.
 
Andy

[ankerdine]

My experience with the Trojan emanated from an e-mail from FRIENDS REUNITED on which I clicked to see what it was they were talking about. I did say GenesReunited earlier but I see them as one and the same site. Sorry! I no longer subscribe to FRIENDS REUNITED but I do to GenesReunited. After the warning message my computer anti-virus MacAffee did an unexpected scan so it seems that things are ok now.

Thanks for all your messages of support. It's encouraging to know what is happening.

Judy

[behindthefrogs]

My scan has for the last few weeks revealed a tracker cookie which it then removed.  Since GR deleted their advertisements yesterday this tracker cookie has not reappeared.

David

[wayfareralone]

Is everyone agreed that it is safe to go back onto GR now. 

I only logged on previously and had trouble so how do we know what is happening there?

[sueky71]

I've been on many times since, and had no problems 

[crystalight]

Is everyone agreed that it is safe to go back onto GR now. 

I only logged on previously and had trouble so how do we know what is happening there?

I have used GR over the last couple of days and it all seems ok

Crystal