×
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
oldie
Contributor
Message 1 of 5

Unerwünschte Seiten vermeiden

Jump to solution

Hallo, sorry ich bin Deutsch, ich spreche nicht Englisch.

Ich Habe Ein Problem, this page ( http://static.ernmoneynow.com/ac/?z=1&ilmernzkvtaztusnt=002564845340DF77&pu=&s nm = & = & t = ilmern...) OffNet Selbst denBrowser und verlangt Eine Windows-überprüfung.

Wie Kann ICH das. verhindern?

1 Solution

Accepted Solutions
exbrit
MVP
MVP
Message 5 of 5

Re: Unerwünschte Seiten vermeiden

Jump to solution

oldie:  If you don't already have it I would add a translator to your browser add-ons.   Google Translator is good.

Oldie: Wenn Sie nicht bereits haben würde ich einen Übersetzer, um Ihren Browser-Add-ons hinzufügen. Google Translator ist gut.

View solution in original post

4 Replies
Peacekeeper
Message 2 of 5

Re: Unerwünschte Seiten vermeiden

Jump to solution

Hi, sorry I'm German, I do not speak English. 

I Have a problem, this page (http://static.ernmoneynow.com/ac/?z=1&ilmernzkvtaztusnt=002564845340DF77&pu=&s nm = & = & t = ilmernzkvtaztusnt) OffNet self denBrowser and requires a Windows check

Google's translation not the best however I gather you need the red rating reevaluated if so follow this method

here are the steps:

  1. Browse to www.trustedsource.org/en/feedback/url
  2. Recommended for website owners or anyone else who wants to be updated on the request status:  Create an Account and then Login
  3. Click on “Check Single URL” (since most re-evaluation requests would be for a single URL)
  4. Select the Product you are using – in our case choose “McAfee SiteAdvisor”
  5. Type in the URL you want to check
  6. Click “Check URL”
  7. Optional:  Choose up to 3 categories from the drop-down “Optional categorization suggestion:”
  8. Optional:  Leave an “Optional comment”
  9. Click “Submit URL for Review”
  10. If you created an Account (and logged in with it), a Ticket ID will be displayed, along with 3 options on when you will receive email (when the ticket isOpen, Reviewed, or Closed)
Hayton
Reliable Contributor
Reliable Contributor
Message 3 of 5

Re: Unerwünschte Seiten vermeiden

Jump to solution

No, I don't think so. This isn't a case of this-site-is-Red-please-make-it-Green.

The site URL (http://static.ernmoneynow.com/ac/) looks suspicious, and in fact it maps to another URL : http://hvvproduction.nfshost.com/ac/

All the scuzzy fix-malware-fast websites are full of instructions to remove this, whatever it is, but they don't have a name for it - they use the domain names above as their description.

Both of those names map to the IP address  208.94.116.244

https://www.virustotal.com/en/ip-address/208.94.116.244/information/

There appears to be a history of malware detections in different sub-sections of those sites. Now, it is .../ac/ which is the problem; last time it was ../bg/

This looks like an aggressive adware campaign, because there is some packed and obfuscated javascript on the site which Sucuri takes violent objection to (see HERE).

Our scanners identified a packed (encoded) javascript block related to the "runforestrun" malware botnet that has been compromising Plesk-powered servers.


Those links lead to multiple exploit kits affecting desktop (Windows) users. Additional details here: http://blog.unmaskparasites.com/2012/07/26/runforestrun-now-encrypts-legitimate-js-files/.


Affecting: Sites with Plesk outdated.


Clean up: Malware is hidden at the javascript files.

ESET is blacklisting both of those domain names) which are, in fact, the same site. It looks as if the site exists to switch users to advertising sites elsewhere, some of which may modify browser settings.

The decoded javascript has a number of references to "ads.yahoo.com" and "ask.com" so it would be best to run the usual tools :

AdwCleaner

Malwarebytes (Free version)

CCleaner (Free)

Peacekeeper
Message 4 of 5

Re: Unerwünschte Seiten vermeiden

Jump to solution

Thanks Peter the translation confused me.

exbrit
MVP
MVP
Message 5 of 5

Re: Unerwünschte Seiten vermeiden

Jump to solution

oldie:  If you don't already have it I would add a translator to your browser add-ons.   Google Translator is good.

Oldie: Wenn Sie nicht bereits haben würde ich einen Übersetzer, um Ihren Browser-Add-ons hinzufügen. Google Translator ist gut.

How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community