广告优惠券DropDown [英] Ad couponDropDown

问题描述

我遇到了一个关于著名的现场广告恶意软件的问题，特别是 AdcouponDropDown.

I've got a problem concerning famous on-site ads malware, specifically Ad couponDropDown.

我知道这些广告通常是通过计算机上的恶意软件或作为浏览器插件创建的.然而，我的硬盘和我的 Firefox 都是干净的，但我很久以前创建的特定网站上仍然显示广告.

I'm aware that usually these ads are created via malware on computer, or as browser Add-on. However, my hard drive and my firefox, both are clean, but ads is still shown on particular website that I created a long time ago.

它作为随机生成类的 html 标签插入两个 div 之间.

It is inserted between two divs as html tag with random generating class.

网站在具有 iThemes 安全性(以前的安全性更高)的 wordpress 上运行 - 具有最新更新并且没有高风险问题.当我下载并更新插件时，广告本身消失了，但留下了空白容器和通过优惠券投放广告 | 关闭"链接.

Site is running on wordpress with iThemes security (formerly better security) - with latest update and none high-risks issues. As I downloaded and updated plugin the ad itself disappeared, but left blank container and "ads by coupon | close" link.

现在我通过 css 隐藏了中心标签.

For now I hid center tag via css.

感谢您的回复.

网站链接(斯洛文尼亚语):http://www.grasshopper.si/

Link to site (it's in slovenian): http://www.grasshopper.si/

推荐答案

我遇到了同样的问题.突然，我管理的一个网站上满是来自couponDropDown"的横幅.我的问题也不在于我的计算机中的本地病毒.

I had the same problem. Suddenly, a site I manage was full of banners from "couponDropDown". My problem was not about a local virus in my computer too.

这是我发现的，以及我是如何解决的:

Here is what i found, and how I solved it:

• 正如我之前提到的，我管理着一个 Moodle 网站，其他用户在该网站上管理课程.
• 在同一个人管理的两个课程中，出现了couponDropDown的噩梦.但不是在其他人.问题仅限于某个人的某些课程.
• 显然，这是那个人加载的内容，但不清楚它在哪里.

• 找了一会，在所见即所得的编辑器中，查看HTML源代码，发现了一些具有以下结构的scripts标签:

• As I mentioned before, I manage a Moodle site where other users managed courses.
• In two courses, managed by the same person, the couponDropDown nightmare appeared. But not in others. The problem was restricted to a certain courses from a certain person.
• Obviously, it was content loaded by that person, but it was not obvious where it was.

• After looking for a while, in the WYSIWYG editor, looking at the HTML source, some scripts tags having the following structure were found:

<p>Some HTML over here</p>

<script src="http://cdncache3-a.akamaihd.net/loaders/1032/l.js?aoi=1311798366&pid=1032&zoneid=10368"></script>

<script src="http://cdncache3-a.akamaihd.net/loaders/1032/l.js?aoi=1311798366&pid=1032&zoneid=10368"></script>

在整个过程中，都找到了那个脚本.这导致一些 iframe 被创建，并且来自 http://advertising-support.com/ 的一些内容被已加载.

All over the course, that script was found. This caused some iframes to be created, and some content from http://advertising-support.com/ to be loaded.

我猜你可能遇到了同样的问题.也许您在后端使用了 WYSIWYG 编辑器，并且该脚本已附加到其余内容，而您却没有注意到.

I guess you may have had the same issue. Maybe you are using a WYSIWYG editor in your backend and that script is attached to the rest of the content without you noticing it.

您可以分析您的数据库以查找该脚本(截至 2014 年 11 月 5 日，它仍然存在:)

You may analize your database looking for that script (and as of November 5 2014, it is still there :)

如果您好奇，只需在 html 文件中 C&P 这段代码并加载到您的本地服务器.使用开发人员工具，只需浏览新引入的 HTML.您会看到一些 iframe、加载 falsh 的对象、一些网络流量等，但没有显示实际内容:

If you are curious, just C&P this code in a html file and load with your local server. With a developer tool, just surf the newly HTML introduced. You will se some iframes, objects loading falsh, some net traffic, and the like but no actual content is showed:

<!DOCTYPE html>
<html>
<head>
    <meta charset="utf8">
    <title>couponDropDown test</title>
</head>
<body>
<p>Some HTML over here</p>
<script src="http://cdncache3-a.akamaihd.net/loaders/1032/l.js?aoi=1311798366&pid=1032&zoneid=10368"></script>
</body>

举个例子，我认为它很有用.据我所知，它是安全的！希望能帮到你！

As an example, I think it is useful. And as far as I can say, it is safe! Hope it helps!

这篇关于广告优惠券DropDown的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！