Malware warning - Re: Browsing for escorts <=== RESOLVED!

[bedazzled]

Working in the IT industry, I do take a few extra precautions when surfing the net that most people might not by using a few different tools that warn me of different potentially harming threats as I browse. [and I do my browsing from a virtual machine too, so if I do get infected, I can easily re-image the virtual machine easily enough]

Today, I was browsing recent postings and was about to check out JasmineJazz, and the moment I clicked on her website my browser reported the following message:

The website at www.jasminejazz.com contains elements from the site factoriacreativa.net, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.

I thought I would share this information with the gang here. For all I know, it might just be that kind of malware that could get someone in trouble at work, or discovered at home.

I did attempt to warn Jasmine directly on here, but her PM box is full. When I was preparing my email to send to her hotmail account directly, I thought this matter should be posted a little more publicly, as a warning to the end users unaware. However, keep in mind that this notice is absolutely not intended to hurt Jasmine's reputation or business. She may not even know how her site might have been infected with such a malware element. I have sent her further information that might assist her in addressing the issue at the source.

For those interested, here is a link to a related reference to this malware:
Safe Browsing Diagnostic Page: re. factoriacreativa

All the best to you all...
...and practice safe surfing!

 

[bedazzled]

Malware Issue has been resolved!

Jasmine,

As I promised you in my last email to you (sent just a moment ago), I am letting everyone know I have validated that the condition has been rectified, and that I am no longer observing the report of the Malware condition in my browsing environment.

Sorry if I got your Webmaster got a bit worried and frustrated at not being able replicate the condition himself, but it appears he did right by you by contacting the Google folks and still getting it investigated. I am even amazed at how quickly the issue was addressed!

Mainly - I want to reassure everyone reading this thread that indeed, the issue has been addressed and RESOLVED! - They should no longer fear visiting your site.

I am absolutely glad I could help, and I will add that I enjoyed corresponding with you on this matter. The moment I posted this warning online to inform everyone, I knew there was a possibility you'd want to shred me to pieces in a dark alley. You were very amicable in your emails... actually make that delightful... So much so, I was thinking about digging in deeper for more issues just so I could deal with you further... I wish my clients, in the IT business, would react and interact with similar issues as you have!

I also thank everyone that read my posting... no one tried to take a bite off me in any way shape or form.

Happy safe surfing everyone!

 

[Balzzy]

Just another Warning, I was surfing TERB today and at some point was infected with a bad spyware that took over my computer. You get a message that says windows has detected spyware, but that is part of the spyware. An officail looking window comes up like it is a microsoft product Virus Scan 2009 or something like that and messes you up!!! I'm not sure what specific part of TERB infected me but I am pretty sure it came when I looked/opened something. I called the Microsoft Virus Help service and 2 hours later I'm up and going again..Just an FYI for everyone

 

[JohnC]

Just another Warning, I was surfing TERB today and at some point was infected with a bad spyware that took over my computer. You get a message that says windows has detected spyware, but that is part of the spyware. An officail looking window comes up like it is a microsoft product Virus Scan 2009 or something like that and messes you up!!! I'm not sure what specific part of TERB infected me but I am pretty sure it came when I looked/opened something. I called the Microsoft Virus Help service and 2 hours later I'm up and going again..Just an FYI for everyone

I got that from another website a few weeks ago, the very devil to get rid of!!

 

[bedazzled]

Anti-Malware recommendation...

I got that from another website a few weeks ago, the very devil to get rid of!!

Indeed... a devil to get rid of. My neighbor had the same one on the family computer. I found that Malwarebytes' Anti-Malware 1.28 (current version at the time) got rid of it easily. This particular anti-malware was recommended to me by a colleague then, and is freely available.

Version 1.30 is current version as of this writing: Malwarebytes' Anti-Malware 1.30 from Download.com

My neighbor has been without issues since. (but I'm secretly hoping he get re-infected soon! Me and my wife got a fantastic free meal accompanied by outstanding wines as a thank-you for having saved them from this malware!)

Cheers!

 

[fourteen]

I got that same fake dialog box yesterday

I got that warning and the official looking box telling me to update my virus protection. I might have been on a redzone site at th etime, can't remember exactly. I did not click on it as I suspected it was malware so thanks for confirming that it was!

It was even difficult to get rid of the dialog box - I think I had to shut down.
What kind of bastards are out there doing this?

It would be easy to be fooled by this one; perhaps another warning should be posted.

Regards,
14

 

[GlassesFan]

I never expected *this* would be the subject of my first post on the site, but just thought I'd add my 2 cents, as I work in the software industry and have specific knowledge of both spyware and i-frames.

It's extremely unlikely that you were infected by the site where you first saw the pop-up. The nature of adware (which is what it sounds like this was) is that it infects you on a site you don't trust (or sometimes via questionable software you download), then pops-up later, often when you're browsing a site that has similar content to the ad that comes up.

"Malware" is an all-encompassing term for viruses, worms, spyware and adware. Viruses and worms are generally protected against by anti-virus software, and spyware and adware need anti-spyware software. Some anti-virus companies are now including spyware and adware detection as well, but using separate tools is still considered the more reliable method of detection.

Absolutely no offense intended to BeDazzled's colleague, but Anti-Malware by Malwarebytes is trial software (you eventually have to pay for it), and while I'm sure it works fine, there are a few industry leaders who actually provide free versions to home users, such as:

Microsoft: http://www.microsoft.com/downloads/...-AFA4-F7F14E605A0D&displaylang=en&mg_id=10134
Spybot Search & Destroy: http://www.spybot.info/en/mirrors/index.html
Adaware: http://www.lavasoft.com/single/trialpay.php (make sure to select the free version)

Unlike anti-virus software, you can install and run multiple anti-spyware programs at the same time, though any one of these 3 will likely catch any spyware and adware on your system. My preference is Spybot for the extra capabilities it has, though you'll likely find Microsoft's to be easier to use if you're not too comfortable with computers.

On that topic, a fantastic free anti-virus is available from AVG at http://free.avg.com/.

By the way, for those wondering what an "i-frame" is, the quick explanation is that it's a portion of a web page that actually contains another web page inside it, often from a different web site. It is commonly used for showing ads or to allow an external company to maintain statistics on the site's visitors. Obviously it can also be used as a method of attack, since people will think they're only on one web site, when in fact they're actually on multiple sites simultaneously. An i-frame can only be added by someone with direct access to the web page source though, which either means the web designer (or someone at their company, if they're not a freelancer) or someone who successfully hacked into the web server.

In the case of Jasmine Jazz's site, it's likely that her web site designer purposely included the code for legitimate reasons, not realizing that the site he/she was linking to in the i-frame was infected, or that the site became infected after Jasmine Jazz's site was already linking to it. Other possibilities include that the server was hacked by someone who added the i-frame, or that the web designer was trying to make some money on the side from Jasmine Jazz's site without her knowing.

Sorry folks, I realize this was probably much more than my 2 cents worth. Hopefully it's of use and interest to some people though.

 

[lookingforitallthetime]

Sorry folks, I realize this was probably much more than my 2 cents worth. Hopefully it's of use and interest to some people though.

Thanks!

To back up GlassesFan's post, I also use AVG, adaware and spybot.

All free and work perfectly. So far (knock on wood) I've had no probelms.

 

[bedazzled]

Follow-up on the thread I started...

Absolutely no offense intended to BeDazzled's colleague, but Anti-Malware by Malwarebytes is trial software (you eventually have to pay for it), and while I'm sure it works fine, there are a few industry leaders who actually provide free versions to home users, such as:

Microsoft: http://www.microsoft.com/downloads/...-AFA4-F7F14E605A0D&displaylang=en&mg_id=10134
Spybot Search & Destroy: http://www.spybot.info/en/mirrors/index.html
Adaware: http://www.lavasoft.com/single/trialpay.php (make sure to select the free version)

Unlike anti-virus software, you can install and run multiple anti-spyware programs at the same time, though any one of these 3 will likely catch any spyware and adware on your system. My preference is Spybot for the extra capabilities it has, though you'll likely find Microsoft's to be easier to use if you're not too comfortable with computers.

On that topic, a fantastic free anti-virus is available from AVG at http://free.avg.com/.

Thanks GlassesFan... Though I don't agree 100% with it, you did provide valuable additional information to the home users...

I'll add that:
- Malwarebytes has never required me to pay/purchase it... but irregardless, Ad-Aware isn't any better... "only the paid version of Ad-Aware comes with a new antivirus engine. Only users of Ad-Aware's paid versions reap that benefit."

- Rating wise, Malwarebytes leads, Spybot S&D seconds, and Ad-Aware follows... [that was the case when I first brought up the topic, and ... look at that, still is today... according to http://www.download.com/] - All I'm saying is it is interesting to see how they're compared/rated by the Editors and the user community when we weigh our options with the available tools out there...

-Watch out though... Spybot S&D doesn't like to co-exist with Ad-Aware on the same machine, as I just found out recently. So, you can't necessarily have just any of these applications running together at the same time...

- I had defender for a long time... and it was totally unreliable then. Eventually, it just crapped out on its own. I thought I had read it had become unsupported a while back, so I never looked back on it.

AVG is not too bad... It certainly is better than nothing at all, I'll grant you that... I use it on several of my virtual test machines I don't want to spend $ protecting. It does not always manage to pick its update automatically - requiring a hand to get it past the update hurdle - but it's just as well: Spending a moment to help it get its update, I get to spend a bit of time reviewing its logs and operational events that most of us take for granted with most other virus applications out there [until the day someone manage to hijack the upgrade process and infiltrate wrongful definitions that would in fact make the computer think valid files are virus, delete them, and the computer dying with no forewarning at all... but I digress].

The fact of the matter is, there is no real solutions out there. The best you can do, is try to keep your internet access to a minimum on the machine you rely on to earn a living, and don't let others use that computer either. It is best to use a totally separate machine for internet plays and discoveries. If you suspect an infected site, do not hesitate to post and report about it.

I certainly don't envy those that require to spend their valuable time virus scrubbing their computers...

Enough for tonight... Like you, I too can get carried away.