Virus and/or malware warning when entering site
in [Security]
|
From: Belprice on 20 Jan 2010 04:40 I work for an online travel and leisure company and a few days ago peopele started calling us and saying we had a virus and/or malware , spyware warning popping up when they tried to get into the site. The message is below:............... Reported Attack Site! .......This web site at www.forcetravelclub.co.uk has been reported as an attack site and has been blocked based on your security preference. Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system. Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners. END...... Our IT guy has run all the usual virus and spam/maware/spyware programs and they all come up clear. I was wondering if the reason for this may be that someone has hacked into our server and/or done something which makes this message come up. Also when you do a Google search for our site ( Force Travel Club) you also get a warning that the site may harm your computer if you go into it. Its causing us loads of problems and everyone who goes near the site gets these warnong messgaes and stay way clear. I would be very very grateful for any help or advise on how to deal with this problem Thanks in advance. JC
From: MowGreen on 20 Jan 2010 10:35 On Wed, 20 Jan 2010 01:40:01 -0800, Belprice <Belprice(a)discussions.microsoft.com> wrote: > I work for an online travel and leisure company and a few days ago > peopele started calling us and saying we had a virus and/or malware , > spyware warning popping up when they tried to get into the site. The > message is > below:............... > > Reported Attack Site! > ......This web site at www.forcetravelclub.co.uk has been reported as an > attack site and has been blocked based on your security preference. > > Attack sites try to install programs that steal private information, use > your computer to attack others, or damage your system. > > Some attack sites intentionally distribute harmful software, but many are > compromised without the knowledge or permission of their owners. > END...... > > Our IT guy has run all the usual virus and spam/maware/spyware programs > and they all come up clear. I was wondering if the reason for this may > be that someone has hacked into our server and/or done something which > makes this message come up. Also when you do a Google search for our > site ( Force Travel Club) you also get a warning that the site may harm > your computer if you gointo it. > > Its causing us loads of problems and everyone who goes near the site gets > these warnong messgaes and stay way clear. I would be very very grateful > for any help or advise on how to deal with this problem > > > Thanks in advance. > > JC > > For the Google warning see: FAQ: Malware and hacked sites http://www.google.com/support/forum/p/Webmasters/thread?tid=5078e3ae6fc0996a&hl=en " Q: My site has been labeled as "This site may harm your computer." What do I do? A: Clean up your site. If you don't know how to do this, contact your web host for help. Q: Google's search results say I have malware, but I can't find it! A: If you can't find malware on your site yourself, it's generally best to let the users in the Webmaster Help Forum help you to find it. Oftentimes, malware is somewhat hidden. " Malware and Hacked Sites section of the Google Webmaster Help Forum http://www.google.com/support/forum/p/Webmasters/thread?tid=5078e3ae6fc0996a&hl=en I tried to access the site using Firefox 3.0.17 and now see the "attack site" warning. It would be nice if you had included such information in your initial post. The advisory is provided by Google so just contact them for assistance in locating where the malicious content may be. http://www.google.com/safebrowsing/diagnostic?site=http://www.forcetravelclub.co.uk/&hl=en " What is the current listing status for forcetravelclub.co.uk? Site is listed as suspicious - visiting this web site may harm your computer. Part of this site was listed for suspicious activity 1 time(s) over the past 90 days. What happened when Google visited this site? Of the 4 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-01-19, and the last time suspicious content was found on this site was on 2010-01-18. This site was hosted on 1 network(s) including AS15418 (FASTHOSTS). Has this site acted as an intermediary resulting in further distribution of malware? Over the past 90 days, forcetravelclub.co.uk did not appear to function as an intermediary for the infection of any sites. Has this site hosted malware? No, this site has not hosted malicious software over the past 90 days. How did this happen? In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message. Next steps: Return to the previous page. If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center. " MowGreen =============== *-343-* FDNY Never Forgotten =============== banthecheck.com "Security updates should *never* have *non-security content* prechecked
From: David H. Lipman on 20 Jan 2010 10:45 From: "MowGreen" <mowgreen(a)nowandzen.com> < snip > | For the Google warning see: < snip > Site was WAS compramised. See Multi-Post in; microsoft.public.security -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: MowGreen on 20 Jan 2010 13:10 Got it. Darn multiposters !!! <w> It's a sad commentary when a law enforcement website doesn't understand how their site was hacked. MowGreen =============== *-343-* FDNY Never Forgotten =============== banthecheck.com "Security updates should *never* have *non-security content* prechecked David H. Lipman wrote: > From: "MowGreen" <mowgreen(a)nowandzen.com> > > < snip > > > | For the Google warning see: > > < snip > > > Site was WAS compramised. > > See Multi-Post in; microsoft.public.security >
From: David H. Lipman on 20 Jan 2010 13:16 From: "MowGreen" <mowgreen(a)nowandzen.com> | Got it. Darn multiposters !!! <w> | It's a sad commentary when a law enforcement website doesn't understand | how their site was hacked. LE site ? Looked like a travel club site. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
|
Next
|
Last
Pages: 1 2 3 Prev: administrator change or overide or removal Next: Looking for advice on PC Cloning? |