Some of you may have had your Anti-Spy Ware or Anti-Virus software go crazy on you when you attempted to access the "download OSRIC" link on the OSRIC website. It seems the company that we went through for our download page/counter recently added a peice of malware to thier counter to force popups past popup blockers back on Aug. 16th of 2006.

WE WERE COMPLETELY UNAWARE OF THIS.


We set up our counters with them back in June. I am sorry about the problems you may have encountered with the download counter.

The offending counter has been removed.

If you did get infected it was by EXP/Agent.B:

This is very new. In fact it was only discovered month by AV Professionsal. This malware is a javascript that forces popups past popup blockers. Its common name is Application.JS.ForcePopup.A but is also known as Trojan-Clicker.HTML.Agent.a, EXP/Agent.B, and Trojan-Clicker.HTML.Agent.a#22.

Its damage rating is very low and it is less than 10KB in size.
The JS also sets a cookie called PayPopUpAds, which is used for tracking visited websites.

To clean it from your computer, delete the cookie.
Run your anti-spy ware software of choice, install any new updates, then follow any instructions the program tells you.

Again, I apologize for any problems this may have caused. Since it was I, who installed the counter. It was not my intent to direct anyone to a piece of malware.

THE OSRIC pdf document is NOT affected and it is NOT infected.
It can be download as normal at http://knights-n-knaves.com/osric/

You will still be directed to a download page but the new page does not go offsite and does not and will not have any type of malware hidden in it.

 

Jerry Mapes, Co-Admin Knights & Knaves

31 Aug. 2006, 8:15am GMT