PDA

View Full Version : Exploit Rogue scanner



susan-y
10-02-2010, 10:58 PM
Hi computer techies...
Please tell me what I can do about this. Everytime I log on to Genes Reunited I get this message from AVG. I understand because it has been blocked the threat isn't getting on to my computer, but it is annoying and time consuming. Would GR not be aware of this problem?

quote
Acessed file is infected
Threat was blocked!
file name: 89.248.171.66/index.php?affid=92005

Threat name: Exploit Rogue scanner ( type 1027 ) quote


http://smileys.on-my-web.com/repository/Computer/computer-29.gif
Thanks
Sue

Lincoln Lad
11-02-2010, 2:03 PM
Hello Sue, it would appear to me that you have an malware infestation of some sort that is redirecting your browser.
The site IP address for GR (from Whois) is 213.161.68.203 , not 89.248.171.66.

Have you run MalwareBytes or Adaware or Spybot at all to see if infected?

susan-y
11-02-2010, 6:27 PM
Hi Lincoln Lad....
Thanks....
The answer to your question is "no"! I just run virus protection and checking and when I do that it says all is well. My question is why would this only happen when I try to access Genes and not any other site and are any of the above free to download? Sounds like its time for my son-in-law to pay me a visit:)
By the way " Malware infestation" sounds really creepy..makes the skin crawl!!
http://smileys.on-my-web.com/repository/Animals/insect3.gifhttp://smileys.on-my-web.com/repository/Animals/insect3.gifhttp://smileys.on-my-web.com/repository/Animals/insect3.gif

Sue

Peter Goodey
11-02-2010, 7:42 PM
" Malware infestation" sounds really creepy

Every bit as nasty as it sounds.

v.wells
11-02-2010, 8:21 PM
I had the exact same thing happen when I was on Genes twice in the last couple of days. I just clicked it off. Quit the page and then opened it up again. I think it is a plug add-on with their speil about upgrading to a newer browser such as IE8, Chrome, Firefox and Safari. It is really irritaing, but I ignore it as my anti-virus protection is doing its job just fine.

v.wells
11-02-2010, 8:26 PM
Hello Sue, it would appear to me that you have an malware infestation of some sort that is redirecting your browser.
The site IP address for GR (from Whois) is 213.161.68.203 , not 89.248.171.66.

Have you run MalwareBytes or Adaware or Spybot at all to see if infected?

Lincoln - How do you find the site address? All that show is the url :confused:

Lincoln Lad
11-02-2010, 10:21 PM
Hi Vanessa,
If you google whois it will bring up a site where you can search on the address or domain name and it will give you all UK details held such as server address etc.

Keith

v.wells
11-02-2010, 10:53 PM
Thank you Keith - I'll give it a whirl. :) I have just downloaded Firefox and am testing it to see how I like it or not. Another learning curve for me :confused:

Waitabit
12-02-2010, 12:56 AM
Do let's know Vanessa, what you think of it, seems popular with several members here, but I'm wary of such changes to what is not really 'my' machine.

susan-y
12-02-2010, 1:40 AM
I had the exact same thing happen when I was on Genes twice in the last couple of days. I just clicked it off. Quit the page and then opened it up again. I think it is a plug add-on with their speil about upgrading to a newer browser such as IE8, Chrome, Firefox and Safari. It is really irritaing, but I ignore it as my anti-virus protection is doing its job just fine.

Aw, Vanessa... at least I know I'm not alone! it happens on the computer in the office as well and it has even better security ( I think) than I have at home.
I have Fire fox on the office computer..works fine for searches.....

Sue

v.wells
12-02-2010, 2:04 AM
Having some trouble with viewing ancestry images but son says he'll sort it out for me. Gmail showed on the igoogle home page but doesn't show on igoogel on IE7. I will have to take time tomorrow and sort it out. Survivor's on at the moment.

v.wells
12-02-2010, 3:08 PM
Hi computer techies...
Please tell me what I can do about this. Everytime I log on to Genes Reunited I get this message from AVG. I understand because it has been blocked the threat isn't getting on to my computer, but it is annoying and time consuming. Would GR not be aware of this problem?

quote
Acessed file is infected


Threat was blocked!
file name: 89.248.171.66/index.php?affid=92005

Threat name: Exploit Rogue scanner ( type 1027 ) quote


http://smileys.on-my-web.com/repository/Computer/computer-29.gif
Thanks
Sue

I emailed genes support/feedback yesterday and I got a reply THIS MORNING! Talk about fast! They said to copy the url and paste it into an email to them as they will deal with it immediately. They had tried to replicate it but couldn't.

So when in doubt contact them.