Jump to content

Norton Security is detecting "malicious toolkit website 9"


Recommended Posts

I love my MAC!

Enjoy the relative safety while you can, since it's been proven time and again that Macs are not inherently more secure, they're just too small of a market to attract much attention from malware writers. If their market share ever broke into double digits, you'd almost certainly see an increase in targeted malware.

Link to post
Share on other sites

I also had a few bugs, one was major. I had a friend who told me about SpyBot and downloaded it. It fixed the problems. However I was still attacked!!! I think the problem comes from these adds above on the site.

I did notice a few things awhile back, doing a Goggle search on Guitars and You Tube on line blues courses, I started to see adds with guitars. Then doing a search while looking over new cars again car adds. There where others things that followed me over the time.

I believe that the adds or something follow me, maybe some of you as well…see for yourself.

I thought these adds were only temporary, not looking or starting up anything, just asking.

Happy Modeling,

Joe

Link to post
Share on other sites

Enjoy the relative safety while you can, since it's been proven time and again that Macs are not inherently more secure, they're just too small of a market to attract much attention from malware writers. If their market share ever broke into double digits, you'd almost certainly see an increase in targeted malware.

Yep. There's already malware out there designed specifically to target iOS (which is used to run the (i)Phone and (i)Pad). It's only a matter of time before there's a wide-spread virus attack on Macs, because there not inherrently more secure than Windows, it's just that there's not been the effort put in to find and exploit weaknesses due to the small market share.

As for the problem we've had here I recommend using an Ad Blocker. They're available for IE as well as Firefox.

Vince

Link to post
Share on other sites

I also had a few bugs, one was major. I had a friend who told me about SpyBot and downloaded it. It fixed the problems. However I was still attacked!!! I think the problem comes from these adds above on the site.

I did notice a few things awhile back, doing a Goggle search on Guitars and You Tube on line blues courses, I started to see adds with guitars. Then doing a search while looking over new cars again car adds. There where others things that followed me over the time.

I believe that the adds or something follow me, maybe some of you as well…see for yourself.

I thought these adds were only temporary, not looking or starting up anything, just asking.

Happy Modeling,

Joe

This is exactly what I experienced after cleaning my machine. My google and bing searches directed somewhere other than where I wanted to go.

Edited by Sig Saur & Son
Link to post
Share on other sites

I just got another warning from Avast that it had blocked a malicious program from being executed. It happened within 5 seconds of opening up the ARC main forum page. I did have other windows open but given some of the others posts, I am starting to wonder if there are not issues specific to this site?

Link to post
Share on other sites

I just got another warning from Avast that it had blocked a malicious program from being executed. It happened within 5 seconds of opening up the ARC main forum page. I did have other windows open but given some of the others posts, I am starting to wonder if there are not issues specific to this site?

I agree. But it only effects my win XP machine not the ones I have running win 7.

Link to post
Share on other sites

Ok there's still a virus bug in here somewhere. My anti-virus just caught one. Not sure which add it is but the one that was up when I got the alert was a Google add.

I'd like to hear from one of the Mods on this issue. Having a website that infects (or attempts to infect) your user's machine is a bit problematic.

Link to post
Share on other sites

It would be helpful if those who are receiving warnings would post said warnings and any other output they get along with what browser and version and what antivirus/malware/spyware and version they are using.

When I thought I had caught it here, I contacted Steve immediately. I also caught one from the Huffington Post's login screen. After reading all the similar stories here, I have concluded I may have caught the virus here. As I stated in an earlier post, the virus was proceeded by an Exploit.drop.2 Trojan Horse. My malware caught it immediately but apparently not before it deposited an executable file named sfg.exe. This file ran the Windows Security Scan scam/virus. I could stop it from running by closing it out in Task Manager. But it returned every time the computer was rebooted, plus, ping.exe starting running and ate up a terrible amount of my CPU. In safe mode, I was unable to run system restore but at least that gave me a date and time for the start of the sfg.exe part of the virus. In addition, I could not run or download any clean versions of malware, even in safe mode and as admin. I hunted the little sucker down in the hidden program files and deleted it. However, this screwed up my registry and none of my desk top links worked anymore. It's fixed now, thanks to my son who is a computer systems specialist.

I only infected my XP Pro Machine. It has not infected my Win7 64 bit machine. I was running security essentials and Malwarebytes at the time. Malwarebtyes caught it but Security Essentials did not.

Cheers,

Dave

Link to post
Share on other sites

In my case, while I haven't had a trojan drop in since that time, I have still been getting occasional site redirects, so something keeps trying to drop in. I've run Spybot Search and Destroy two times in the past 48 hours and it has detected five tracking cookies. Once I delete them, it takes care of the problem. Once I am done here, I'll run Spybot again to see if the same cookies pop up. Then I'll try something similar with one of the other websites I frequent.

Link to post
Share on other sites

I've been pondering this issue. I'll be honest.....at this point I have no info to offer. If it is the google ads...then why just the forum seems to be a the problem and not the ARC site.....both use the same Google ads.

It could be a specific ad that has problem codes......and we all see different ads depending on surfing history and where we live etc. So there "could" be a problem ad that wouldn't be affecting some of you but would be affecting other people.

I do find it hard to beleive there is an ad with a virus in it.....as the ads are stored on Google servers and I would think Google is pretty careful about running ads that are virus free.

I do not run Norton.....so I don't have the advantage of info that members running Norton have.

I'm currently running a scan of my machine with malwarebytes to see if my machine is infected....I run XP on all my machines.....my daughters run Win7 on their machine for added security.

I'm all ears if anyone has any suggestions on how I can proceed in this. I'm not a programer.....so I am all ears if anyone has any suggestions.

Link to post
Share on other sites

Ok....I just finished running malewarebytes and my machine checked out clean....and this is the machine I use to surf the ARC Forums and the ARC sites....as well as all my other internet surfing.

Link to post
Share on other sites

I too have caught the win 7 security 2012...on my work machine. I got it over lunch one day while in the real space forum. I have a 64 bit Windows 7 with McAfee on internet explorer, 8 I believe. (I felt terrible about infecting my work machine, but less so talking to the IT guy about it...both the president and sr vice president of the firm both got it from somewhere as well). I have 64 bit Windows 7 on my laptop at home on Firefox, running the free AVG software and have not had any issues on it.

I know didley about confusers...could it be something vulnerable to IE and not Firefox? Just my 2 cents...

David

Link to post
Share on other sites

I know didley about confusers...could it be something vulnerable to IE and not Firefox? Just my 2 cents...

David

That was what I was thinking, but someone replied to me earlier in this thread and confirmed they got it and were running Firefox.
Link to post
Share on other sites

That was what I was thinking, but someone replied to me earlier in this thread and confirmed they got it and were running Firefox.

That was me. Win 7 (32 bit) with all the updates, Firefox, Avast, AntiMalware and Spybot S&D. Still got it. Fricking pain in the butt to clean the mess up.

Link to post
Share on other sites

I picked something up from here this morning. Killed ESET and all of my malware programs. Now I can't access any programs through the start menu. What a PITA! Posting with my I am a spammer, please report this post. right now.

Ben

Link to post
Share on other sites

I haven't been able to find out what I got hit with. Finally got system restore running through command prompt, which has at least let me get malwarebyte running. I'll let y'all know if I turn up anything.

Ben

Link to post
Share on other sites

I haven't been able to find out what I got hit with. Finally got system restore running through command prompt, which has at least let me get malwarebyte running. I'll let y'all know if I turn up anything.

Ben

I've picked this one up five times in the last week (the "Win7 Antivirus" trojan or whatever it is). It closes all my internet windows and won't let me open Malwarebytes, but I found a trick suggested online that seems to work. Click on the date/time on your computer and set it a month ahead. For some reason this disables the virus long enough to open Malwarebytes. Have Malwarebytes do a quick scan and you'll be up and running again within ten minutes.

Hope this helps,

Scott Wilson

Edited by Scott R Wilson
Link to post
Share on other sites

True but it sounds like the same thing. The symptoms sound the same.

The symptoms of most viruses are the same, computer or real. :)

Maybe I'm skimming to much, but the only symptoms I'm seeing are setting off a antivirus/spyware/malware/etc. program or the computer not willing to work.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...