CF Website Flagged as Dangerous

[Therapy]

Same here.
But now seems OK.

Maybe I am infected and spreading it now.

[mintyspilot]

Quote:

Originally Posted by Therapy

Same here.
But now seems OK.

Maybe I am infected and spreading it now.

All very strange. I tried loading CF via Google in case Google's search function tagged CF, but nothing so far. I'll check again in the morning.

[Bash]

i just accessed CF via a MacBook Pro using Firefox with AdBlock, and didn't see any warning messages.

[DeepFrz]

I'm also using FF and AdBlock plus. I just got the one message and MS SE removed the exploit. It is a windows thing so you wont see it on Linux. Surprise, surprise.

Also running Win 7 Pro and Security Essentials.

[Vasco]

Nothing using Chrome.

[Bash]

Quote:

Originally Posted by DeepFrz

I'm also using FF and AdBlock plus. I just got the one message and MS SE removed the exploit. It is a windows thing so you wont see it on Linux. Surprise, surprise.
.

Yeah, the computer I got the message on was running Windows.

Uh oh, DeepFrz. The malware changed your avatar duck into a cat.

[DeepFrz]

Quote:

Uh oh, DeepFrz. The malware changed your avatar duck into a cat.

That's just my fuzzier, softer side...

[oldbilbo]

My Sophos a/v picked up a malware transfer from CF earlier today - Mal/HiLoti-D.

The file was isolated.

A deep clean might be warranted at CF Towers....

[Zednotzee]

I had the same problem when I first logged on. IE8 & Nod32. Here's the URL's related to the problem:

9/15/2010 7:07:02 PM HTTP filter file http://sentumi.co.cc/sentumi7/files/j.jar multiple threats connection terminated
9/15/2010 7:07:02 PM HTTP filter file http://sentumi.co.cc/sentumi7/files/j.jar multiple threats connection terminated
9/15/2010 7:07:01 PM HTTP filter file http://sentumi.co.cc/sentumi7/files/java.jar probably a variant of Win32/Agent.BODRIGH trojan connection terminated
9/15/2010 7:07:01 PM HTTP filter file http://sentumi.co.cc/sentumi7/files/j.jar multiple threats connection terminated
9/15/2010 7:07:01 PM HTTP filter file http://sentumi.co.cc/sentumi7/files/java.jar probably a variant of Win32/Agent.BODRIGH trojan connection terminated
9/15/2010 7:07:00 PM HTTP filter file http://sentumi.co.cc/sentumi7/files/java.jar probably a variant of Win32/Agent.BODRIGH trojan connection terminated
9/15/2010 7:07:00 PM HTTP filter file http://sentumi.co.cc/sentumi7/files/j.jar multiple threats connection terminated
9/15/2010 7:07:00 PM HTTP filter file http://sentumi.co.cc/sentumi7/files/java.jar probably a variant of Win32/Agent.BODRIGH trojan connection terminated

Since they are all Java related, suggest you disable it. Looks like the problem originates from a 3rd party advertisement to me.

[Therapy]

I just noticed right after that I have the windows update shield telling me to install updates.

Security Update for Microsoft Office 2003 (KB2288613)
Windows Malicious Software Removal Tool - September 2010 (KB890830)
Security Update for Windows XP (KB981322)
Update for Microsoft Office Outlook 2003 Junk Email Filter (KB2291595)
Security Update for Windows XP (KB982802)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB975558)
Security Update for Windows XP (KB2259922)
Security Update for Microsoft Office Outlook 2003 (KB2293428)

Hoax?

[sarafina]

I got the warning pop up for the sentumi site. It seems as if it opened windows media player and tried to play something. I am in firefox.

[barnakiel]

How about you tell us what you have downloaded?

THX
b.

[Henry Morgan]

Bullet proof yourself...

Anyone using Internet Exploiter must have rocks in their head so get firefox and disable ie through the proxy settings.

Follow instructions here
http://www.wikihow.com/Make-Firefox-Load-Pages-Faster

Firefox

Tools/Addons/Get addons

Key scrambler personal
Flashblock
No Script
Better Privacy
Fasterfox
Adblock+

Antivir anti virus is best free or paid engine
Superantispyware
Malwarebytes anti malware

Java Ra
http://raproducts.org/wordpress/


I2p
http://www.i2p2.de/

Jap
http://anon.inf.tu-dresden.de/index_en.html

sandboxie
http://www.sandboxie.com/

[Dreaming Yachtsman]

I also received a warning notice when I logged onto CF this afternoon using IE 8.0 with Norton Internet Security. A screen capture image of the history report in Norton is here:


Thanks to Norton Antivirus.

How can we eliminate that specific threat?

[DeepFrz]

Just completed a full scan and it removed 2 more exploits. They seem to be java related.

Exploit: Java/CVE-2010-0094.P and 2008-5353.QZ