Personally I still run 1.9.24 for this very reason. Give me a PayPal button instead of ads and I'll gladly give you some money.
I doubt that it could have infected this guy's system. All he said was that his anti-malware filter detected it and blocked it. According to the link the trojan is an executable, how exactly was it going to be executed?
But, on the plus side, it was another opporunity for you to suggest the donate button again, rofl.
Forgive me for mentioning that it is not beyond the realm of possibilities for an image to execute arbitrary code on a pc just from being RENDERED. In fact, this has happened not so long ago with an exploit in the ATI graphics drivers.
For all the good things one can say about WAU, I definately agree with kingfish. I think it's a true shame that any application goes closed source for whatever reason and even more so when they start adding advertisements. As the author of NetherPanel I can assure you it will always remain open source and entirely ad-free as a policy.
Ps; you can probably also just modify the hosts file and add something.com 127.0.0.1 to prevent WAU from reaching the ad server. Could achieve the same without patching.
The source is of course open - look at the top of the forum. There is the source, along with the updated rules for its use.
It was "officially" closed due to Kingfish himself. You can see the previous posts on the topic. I have a personal distaste for this guy, so don't pat him on the back please.
The ads were requested by the site admin of wowace.com in order to support the traffic WAU was generating. If you were asked to do add them, you would say no?
All you ever had to do was add http://files.wowace.com to the restricted sites list in IE. This disables scripting which is required for the embedded IE control to navigate from the hardcoded URL that is used, something which has to occur before the initial page has finished loading.
Yeah today when I opened WAU, IE opened automatically and redirected me to a website which tried to download a Trojan without user input. My AV program stopped the connection thankfully. Just a heads up...
I will reiterate what I said before. I am thankfull for mods such as WAU to ease our lives but I dont think its worth the risk. Stick to a batch files, the svn, or just the files download page it might be a bit slower but its safer and it will teach you what you want to update and when since most mods dont need updates to often.
However, after the uproar over the ads I stopped committing to the SVN on sf.net since people were planning on forking the project to remove the ads (which I felt was distasteful), i didnt feel I owed them the courtesy of easy access to source from the lastest versions.
My first post on these forums is in that thread (where I asked where the current source is,) you're saying it was closed due to me, but you had closed it before I'd even registered... riiiiight...
Consider this a drama warning guys. I'm not locking this thread... but keep the conversation to the topic subject, take the ads/closed source/whatever debate somewhere else... or better yet just drop it completely due to the fact that WAU is dead BECAUSE OF IT.
Any further post not directly pertaining to the trojan report will be deleted from this thread.
Now, a request from me... there's plenty of people using WAU... could we get a confirmation from someone with a post count higher than 1? (I'm not saying I don't trust the users that may be reporting a legitimate issue, I'm just saying this whole thing looks suspiciously like an attempt at flamebait).
My apologies for putting this in the wrong forum, looks like it fits better here. This isn't bait, nor is it a ploy to get people to click hence why I removed the link from the Avast! log...but since this debate is about not using the ads supported version of WAU, I'll just keep this information to myself and avoid the flame wars/"use something else newb" posts.