Malware Site?

Similar Messages

• Arc Solutions Forum redirecting to malware site

  Hi,
  Does anyone use the Arc Solutions forum for support on Cisco's CUxAC products?
  http://forum.arcsolutions.com/
  When I access it it redirects me to filestore72.info which is a dodgy malware site masquerading as a file sharing site. If I go back in the browser then click the link again it loads the forum page.
  I originally thought it was something dodgy on my PC but it happens on other PC's belonging to other companies that I use for work purposes and seems to happen across all browsers.
  Is anyone else seeing this?

  I have just logged into my account on the Arc forum and I have 4 private messages all of which are dodgy spam (we have detected your computer is infected, use this web proxy etc.)
  They seriously need to get their act together 

• WHY DO YOU HAVE DISTRIBUTED PROOFREADERS CANADA LISTED AS A MALWARE SITE. THEY PROVIDE EBOOKS TO PROJECT GUTENBERG

  Firefox 15.0.1
  You are identifying Distributed Proofreaders of Canada as a malware site. They provide ebooks via distributed proofreading to Project Gutenberg and Project Gutenberg Canada. THIS IS A VICIOUS FALSE POSITIVE!
  YOU NEED TO IMMEDIATELY RESCIND THIS IDIOCY.

  Mozilla uses the Google Safe Browsing service to provide that security feature and Google is responsible for maintaining that list.
  *http://www.mozilla.org/en-US/firefox/phishing-protection/
  *http://code.google.com/apis/safebrowsing/safebrowsing_faq.html

• My Adobe Muse website- Suspected Malware Site.

  My Adobe Muse website has a warning - Suspected Malware Site. Any ideas on how to resolve this...

  The site is hosted through business catalyst: northstarconservancy.org. I've had no issues with this website in three years and have been able to edit and publish with no problems. It shows a server error and says to check my network connection. I noticed that adobe was working on their server the night before I had this issue, so I will probably have to call the tech support and see whats up with it, since it seems related. Thanks, Amanda

• What happens when i get a suspected malware site warning

  Got a message when looking through images of things on google when I looked up a picture a suspected malware site warning poped up.  Should I be concerned or do anything about it.  I dont know if theres a disk clean up or not for macs.

  https://discussions.apple.com/message/12630513#12630513

• Automatically Returning to Malware Sites? Why?

  When I come across a site online that seizes control of my desktop and tries to get me to download a phony antivirus or other malware, and it freezes things and won;t let me click on anything but its 'OK' button, I have to do a hard reboot to clear it, then do a System Restore to make sure nothing has gotten into my system. But then, after all that, the first time I open Firefox again it automatically goes right back to that malware site and the whole things starts over again.
  Can Firefox be set NOT to return to a site it was visiting when a hard reboot or crash takes place? Can it be made to ALWAYS go to my home page when starting up?
  Thank you,
  Lora

  Howdy OatsaMae,
  It sounds like your screen is flashing unexpectedly on you for some reason. I would recommend this section from the following article to help you get that resolved, named:
  Apple computers: Troubleshooting issues with video on internal or external displays
  Reset the system
  You can reset the Mac's parameter RAM and SMC. 
  Reset the resolution
  Start by resetting the Mac's parameter RAM. If the display does not come up, was previously set to an unsupported resolution, and still results in no video:
  Start up in Safe Mode.
  From the Apple () menu, choose System Preferences.
  Choose Displays from the View menu to open the preferences pane.
  Select any resolution and refresh rate that your display supports.
  Restart your computer.
  Thank you for using Apple Support Communities.
  Take care,
  Sterling

• Safari reporting my salon site as a Malware site?!

  HI,
  Safari thinks that our site is a malware or phishing site. When various customers try to open our site on safari 4, they are receiving a error message and cannot open the site. We need this to be removed so that all customers can view our site.
  Apple customer service was not helpful and I am trying to find a way to get our site off this blacklist.
  http://www.stuarthirsch.com
  Thanks very much!!
  Salon

  Safari uses a database maintained by Google to warn about suspicious sites. This means Google has taken a look at your site and determined it has a problem. I would definitely have someone who knows about this sort of thing take a close look at the code for your site. It may have been compromised recently. Did you produce this site yourself or did you pay someone to do it?
  I clicked on your link and received the same warning. That warning screen also contains a link to Google's diagnostic site with specific information on your web site. It says Google has not checked your site in the last 90 days and it is not currently rated as suspicious. Safari's database update could be out of date. The Google diagnostic site also has a link to request a re-evaluation of your site.

• Anti-phishing, anti-malware site blocking not working after settings to enable

  Tried the anti-phishing and anti-malware test pages with correct security settings as directed; they both load fine--which they shouldn't!

  I would purchase a recover disk set from HP or an HP Partner.
  Is was sold with a recovery partition capable of producing a set of recovery disks. When it was set up, the notebook asked if you were ready to make a set of recovery disks. Unfortunately, it would have been less expensive to pay attention to what it said. A disk set will cost around $20-30.00.
  ****Please click on Accept As Solution if a suggestion solves your problem. It helps others facing the same problem to find a solution easily****
  2015 Microsoft MVP - Windows Experience Consumer

• How do I block a known malware site

  I keep getting this pop-up which my anti-virus says contains an exploit. How do I block this site?

  Depends on your anti-virus. Most of them have the option to block a given site (look in the "Settings" menu), but you can also block it with your firewall.
  Firefox though is just a browser: it doesn't have the ability to block sites.
  What I suggest you do is to download the free version of Malwarebytes from http://www.malwarebytes.org/products/malwarebytes_free and then run a full system scan.
  You also need to update your plugins because several of those are out of date which potentially exposes your system to attacks of the kind you're experiencing at the moment. You can check which ones you need to update by visiting the [http://www.mozilla.com/en-US/plugincheck/ Plugins Check] page.

• After a malware attack last week that rewrote my registers I had to restart from a restore point. The problem is now when firefox wants to update, it want to use the site that contains malware. I need to reset it to the proper site how do I do this?

  My son was using the cpu at the time of the first attack. He got it cleared out and working. A day later it hit again when I was using the computer. As soon as I saw the fake virus scan I brought up taskmaster and stopped it. Almost immediately it started running again so I stopped it a second time. When I did, it shut down windows explorer. The only thing that would run was the malware. I brought it up at a restore point and it ran normally. This cycle has been repeated several times.
  Both Avast and SpybotSD will find and delete the malware, and both of these update normally. I think that when firefox updates itself, it is requesting data from a malware site rater than from you. How do I reset this?

  Try this:
  #Go to '''Tools '''| '''Options '''| '''Advanced '''and click the '''Network '''tab.
  #In the Offline Storage menu, click the '''Clear Now''' button.
  #In the location bar, type '''about:config '''and hit Enter.
  #In the filter at the top, type: '''keyword.URL'''
  #Double click it and remove whatever's in there. You'll see it revert to "Default" and "String".
  #Go to File | Exit
  #Restart Firefox and go to the page you want to set as your homepage
  #Go to '''Tools '''| '''Options '''| '''General'''.
  #Make sure it says "''Show My Homepage''" in the first dropdown menu.
  #Click the button called "'''Use Current Pages'''" to set the homepage to the one you have on the screen.

• Can anyone advise on the harm of this malware?

  Yesterday googled "George Stephenson £5 Note" to get information about the previous UK banknote that has not been legal tender since 2003.  The sixth website in the search results is some sort of malware that starts warning you your computer is infected and appears to start scanning your hard drive. Annoying enough - but it also starts putting files into the download list.
  I was concerned this may be spyware and eventually have downloaded for use the 30 day trial of macscan.  This has found nothing - but takes hours to do. Even though I still have the last one of these downloads in trash, so maybe it is not Trojan Spyware.
  I have sent a message to goggle about this malware site and tried to find anyone else to report this to but have failed to find anyone who will investigate.
  So I attach the link to the website below in the hope that someone is expert enough to cope with this and tell me what it is.  PLEAE DO NOT USE THIS LINK UNTIL SOMEONE COMPETENT HAS ADVISED ON HOW HARMFUL IT IS - IT IMMEDIATELY STARTS DOWNLOADING FILES TO YOUR MACHINE: -
  www.fashmedia.co.uk/clients2/george-stephenson-5-pound-note

  You need to get that junk off your computer, if you accepted the download and install. Apple has information and instructions for removal:
  http://support.apple.com/kb/HT4650
  For additional information, see also:
  http://www.reedcorner.net/news.php/?p=138  
  http://www.reedcorner.net/guides/macvirus/ 
  It doesn't matter where you are located, by the way; that's not relevant to the issue, and your firewall won't help in this circumstance if you approve the download and install yourself, though you may be tricked into doing so.
  If the message is just popping up when you web surf and you aren't allowing a download and install, then you are just encountering a hacked web site (which may not be the one to which you post the URL; it doesn't when I go there) that has the ad for that fakeware.
  Regards.
  Message was edited by: Dave Sawyer

• How do I add a site as "trusted" inFireFox 5

  Other browsers, and some anti-malware sites I have used have said, "make a site trusted, and that should fix your problem".

  You don't. Never change the trust settings of any certificate unless you created it yourself. That's just about the most dangerous thing you can do with a computer. The IT staff at work has to fix the site.

• Safari SSl Issue with Online Grading Site

  I manage a department that offers grading of exams online. Users supply their answers and have the server grade the submissions.
  We randomly have an issue where Safari users will have their exams graded incorrectly. Basically failing the student even though they have supplied the correct answers.
  When we have them resubmit the same answers in IE for Mac the server correctly grades the exam.
  This issue is not consistent. Some exams grade correctly in Safari and some do not.
  Any advice would be appreciated.

  Hmmmm....
  via MacWorld:
  Nothing in Apple’s ridiculously minimal release notes suggested that this feature existed. But this time, the company’s intransigence in telling you what it has changed in the software you use may have further consequences. How Safari could “know” about these phishing and malware sites raises all kinds of interesting questions. Now we can tell you with reasonable confidence how it all works—but because Apple has not done the same thing, we cannot say with certainty that it is completely private, or that Safari is not sending information about the pages you visit to a third party.

• Safari privacy issue with "fraudulent site" option?

  If one uses the "Fraudulent sites" option in Safari, does Apple or Google know each and every website you visit?
  In other words, does a database download to your computer and the websites you visit are checked against it locally.  Or, does every website you visit get reported and checked against an external database at Google or Apple, etc.?
  If it's the latter, I think this has far too much potential for privacy abuse.  I've searched around for information on this, but have run into dead ends.  Is there an expert here and/or someone who has information on just specially how the " "Fraudulent sites" option in Safari works in this regard?

  Hmmmm....
  via MacWorld:
  Nothing in Apple’s ridiculously minimal release notes suggested that this feature existed. But this time, the company’s intransigence in telling you what it has changed in the software you use may have further consequences. How Safari could “know” about these phishing and malware sites raises all kinds of interesting questions. Now we can tell you with reasonable confidence how it all works—but because Apple has not done the same thing, we cannot say with certainty that it is completely private, or that Safari is not sending information about the pages you visit to a third party.

• Defense: Malware targeting Mac's

  Mac's users running any browser with JavaScript turned on by default are vulnerable to being tricked into clicking on a trick image and/or link.
  That image may appear to be a standard OS X window with a close box or the typical OS X looking window asking a question with OK or Cancel. It can look like anything really, it's purpose is designed to get you to click anywhere on it and initiate a download to your computer.
  Safari tries to be helpful and "Open Safe Files" by default, which is being used with numerous success to run code on one's machine, by bypassing the normal user action of 'open the downloads folder and then clicks on the download to run' process in exchange for convenience.
  Most Mac's are used with one person, and the initial setup of a new Mac (or a new OS X install) is the first user is automatically a Administrator User. Running one's typical day to day use while in Admin User mode gives any code running on one's machine more privileges and access than it would receive if the user of the computer created another OS X account and ran most of their computer use as a General User.
  The ultimate access for rogue code would be Root User, which on Mac's is turned off by default, however a temporary access window to Root User is allowed when a Admin User provides his or her Admin Password. Once rogue code gets Root user access, it's all over, OS X is completely compromised.
  The key to security on a Mac, or any computer system actually, is a process called "Compartmentalized Security" where the more privileges code receives, the more it's subjected to time and scrutiny to determine it's legitimacy.
  Web browsers are the forward troops facing a overwhelming enemy, the World Wide Web. Not one modern web browser is 100% safe, not Safari, not Firefox, not IE, not Chrome, not Opera. Neither are plug-ins or scripts that run within these browsers 100% safe.
  So the key to maintaining security is to provide a high level of "Compartmentalized Security" steps which shifts the exploit potential further down the privilege level so it can't do much of anything or gain further access.
  People can get carried away with downloading and installing software in a rapid fire manner, this provides a ripe opportunity for malware to get onto one's computer, even gaining root access right away.
  So in order to provide better compartmentalized security, provide more time and steps before potentially installing rouge code. I suggest the following actions:
  1: Run most of your day to day computer use as a General User with less privileges. This can be done by creating a new Admin User, logging out of the present user and into the new Admin User, then turning the first user into a General User.
  Whenever certain actions are needed, like accessing the Application's folder (where programs can be changed by malware) a Admin Name and Password will be required. A small hassle, but it provides another step for it to get past.
  2: Use Firefox web browser and the following Add-ons: NoScript, Ad Block Plus and Public Fox.
  Under the Toolbar customization, drag the NoScript button to the toolbar. NoScript turns off all scripts and plug-ins by default, which if you trust the site your on, you click the button for turning them on and the page automatically reloads.
  In Public Fox preferences, set a password on downloads, this way a popup window appears before any download occurs, keeping malware from sneaking into your downloads folder and potentially being clicked on.
  With Ad Block Plus, subscribe to the Easy List which automatically appears in the browser window. This will auto-update to keep advertising, which has been used numerous times as a attack venue, from appearing.
  Click&Clean, Ghostery, BetterPrivacy, FlagFox, WOT, HTTPS-Everywhere (from the Electronic Frontier Foundation) are also highly recommended add-ons.
  3: In Safari preferences, turn off "Open Safe Files" install the Ad Block Plus add-on and the Click2Flash add-on. If any add-on appears in the future to simulate what NoScript and Public Fox does on Firefox, then enable those add-ons.
  4: Check the staus of your browser plug-ins. These websites makes it easy, bookmark them in a obvious place so you remember to visit them routinely. As soon as a vulnerability appears, either update or turn off the affected plug-in in your browser until a patch is issued.
  https://www.mozilla.com/en-US/plugincheck/
  https://browsercheck.qualys.com/
  5: If you enjoy surfing the backalleys of the Internet and you have at least a decent dual core Intel based Mac, I'd highly advise installing the free VirtualBox and loading a free ISO of Linux Mint DVD 32 bit 10.10 (most consistent and easy to use, everything included, Linux distro)
  http://www.virtualbox.org/
  http://www.linuxmint.com/download.php
  The object is to load and install Linux Mint into the virtual machine like installing a operating system onto a regular computer. Once completed, then save a snapshot to revert to after your Firefox browsing session (in Linux) is completed. All and any potential malware, caches etc is flushed when you revert the entire guest OS back to the earlier state. Keep the Guest OS updated via the Software Update option and save a new snapshot.
  6: Use common sense, if it don't look right, then stop and flush the OS X based browser from memory via the Apple > Force Quit menu.
  7: Install the free ClamXav, it will remove the OS X malware it knows about, offering some after the fact defense and Windows malware from their files.
  http://www.clamxav.com/
  I don't advise a full time, always on and running anti-virus solution for Mac's due to Apple's tendancy to change the underlining OS themselves to thwart potential malware. So something like Norton which maintains tight control over OS X should be avoided.
  Malware on Mac's are a scarce thing because of Apple's top down approach, but trojans are a potential attack venue and people need to insure more steps to avoid being tricked.

  Thomas A Reed wrote:
   That causes problems for some apps, which won't run on anything but an admin account or on the account they were installed on.
  Then the programs need to be reinstalled for "All Users" which most do now by default or reinstalled for the new Admin account. Since the previously Admin is now a General User, it's not a issue. If the program needs Admin/Root access the user should be made aware of that fact and understand they just elevated privileges to a most dangerous level.
  Linux has a security key that displays in the menu bar that one has opened a "sudo window" which any code run during that time can have Root level access. Of course OS X has no such warning.
  And it's not a guarantee of security - a user who gets in the habit of authenticating to admin to install stuff from their Standard account is no safer than the user who gets in the habit of authenticating to install from their Admin account.  This is a good general suggestion, but may not work for everyone and provides practically no real security against "social engineering" by itself.
  The only guaranty of security is unplugging the power from the computer and tossing the machine into a pit of molten lead.
  The user is rarely installing/uninstalling or making such drastic changes to their machine that entering their Admin name/password is such a burden. Those rare folks who do reside in that realm or even for a short duration, log into the Admin User from the start and competent enough to know the difference anyway.
  Again, using things like these won't protect you by themselves.  How do you know if a site is trusted and should have JavaScript turned on?  And most folks are finding this malware via trusted sites that have had malicious JavaScripts "sneaked" into their code, through malicious ads or search engine optimization poisoning.  How can you know if your trusted site is affected?  And, given how much this malware has been jumping around over the last week, I seriously doubt Ad Block Plus can keep up.
  Well your LESS protected without them. So far the NoScript "web cop" Add-on has protected Firefox users from the MacDefender trojan by not allowing Javascript to run by default.
  Even if a trusted site has the malware and one turns off NoScript for that site, then Public Fox (with a password block on downloads) stops any automatic download from occurring.
  Ad Block Plus defends against advertising which has been used as a malware vector. It provides the option to whitelist  favorite sites which trust has been established by the user.
  Again the reasoning here is to provide a "security guard" approach, nobody gets in without approval.
  I'd highly advise installing the free VirtualBox and loading a free ISO of Linux Mint DVD 32 bit 10.10
  That is not a realistic suggestion for the average person, who will have neither the desire nor the knowledge to run Linux.
  Well note that I placed a condition on that advice, "if one likes surfing the backalleys of the Internet" as all browsers are venerable to some extent from direct website intrusions. So another "compartmentalization" level is required for sites that are prone to that sort of behavior which use images or warz as click bait.
  And mind me saying Thomas, it's rather presumptious of you to dictate what another would like or not like.
  Remember Apple opened the door to multiple operating systems running on their hardware, the PPC days are long gone, a brave new world is here where one can run all the major operating systems on one machine.
  Heck, Steve Jobs even used Linux on his Pixar renderfarm, I bet his MacPro runs everything under the sun just like my 17" Quad does.
  Apple is the second largest grossing corporation in the world next to Exxon, professional IT people like myself use Mac's now because of their ability to run all major operating systems. It's looking rather sad showing up to the job dragging a ugly bulky Dell when one can have a slim sexy looking silver MacBook Pro.
  So no need to get fan boy defensive any longer.
  Note that even folks with Safari's Open "safe" files after downloading option turned off have been affected by opening the installer manually.  And some have been alerted to the presence of malware by the automatic appearance of the installer.  I'd still agree, though, but would add that you should keep your Downloads folder cleaned out, so that any suspicious items that turn up will be easily recognized, and not mistaken for something you downloaded earlier. 
  As to Click2Flash, I think nobody should be on the web without it!  I don't trust Flash as far as I could throw Adobe.
   This should have been #1!  AV software has struggled to keep up with all the variants of MacDefender, malware sites move on sometimes an hour-by-hour basis and malicious code sneaks into trusted sites.  In all, no automated defense tool will protect you from a new threat...  only your "wetware" can do that!
  Well at least we agree on something, I actually don't approve of anyone using Safari AT ALL, because of it's lack of a NoScript option and failing every Pwn2Own contest.
  But there are those who will, by stubborness or brand loyalty, will continue to use Safari so I recommend at least a partial security solution.
  And since the MacDefender trojan uses Javascript, not Flash, Click2Flash offers little protection, just another preventative measure against other attacks.