Malware in TUS? (Trouble reporting)

Kaleu · February 10, 2013, 04:49 AM

When I try to search DJ-M4R10 nickname the following page pops-up.

http://prntscr.com/s71ul

The Google chrome blocked the acess of this page in www.tus-wa.com

The content of members.lycos.nl, is a known distribuitor of malware, and was insert in that web page. Higly probable if you visit this page now your computer will be infected with malware.
__________________________________________________________________

Next screenshot: http://prntscr.com/s71vs

What's the current status of members.lycos.nl?
The current site is listed as suspect. If you acess it, your computes will be damaged.

A part of this website was listed by suspect activity during 20 days in the lastest 90 days.

What happened when Google visited this website?

Of 191 pages tested during the lastest 90 days, 74 pages cointained malicious softwares which were being downloaded and installed without the knowing of its users. The last time Google visisted this website was 2013-02-03, and the last day that Google detected something suspicious was in 2013-01-05.
The malicious softwares include 64 trojans, 18 exploits, 12 scripting exploints.

The malicious softwares are hosted in 44 domains, including trafdriver.com/, cg79wo20kl92doowfn01oqpo9mdieowv5tyj.com/, onlyfind.net/.

25 domais act as a intermediary for the distribuition of malwares to the visistors of the site, including members.multimania.nl/buligast/, members.multimania.nl/hytui/, members.multimania.nl/babiks/.

This website was hosted in 2 networks, including AS25074 (INETBONE), AS3561 (SAVVIS).

This website worked like an intermediary for distribuition of malwares?

During the last 90 days, members.lycos.ml does not seemed as a distribuitor of malwares.

How does it happened?

In some cases, the malicious codes can be added by third users to the legit website, which may cause this warning message.

ps: I can access this page for my own risk and report, but I will wait someone's answer.
ps²: After try some more times, the page stopped to pop-up.

Edit: Updated image links.

Tomi · February 10, 2013, 10:02 AM

maybe your computer is infected by some virus?

Crazy · February 10, 2013, 10:38 AM

I've had the same message before, I didn't think much about it and haven't seen it since. My computer is still working just fine ^^

MonkeyIsland · February 10, 2013, 10:43 AM

Djoszee's avatar is an image set in lycos.nl. So when selecting a member in popups, if Djoszee comes up, it will point to lycos.nl to view his avatar. That has nothing to do with TUS. If lycos is really untrusted, we could remove his avatar.

StepS · February 10, 2013, 05:07 PM

or reupload

THeDoGG · February 10, 2013, 05:23 PM

lol stupid chrome .. i've had also this notice while trying to visit a member.lycos website.
Lycos is a free website hoster, and probably one of the hosted pages contained malware, but since chrome is very stupid it is blocking the whole domain!
I'd recommand to switch to firefox

Kaleu · February 10, 2013, 07:57 PM

Ok, thanks MI!

@Tomi
Nah xD

@Doggy
Chrome is perfection in html5 pages!

THeDoGG · February 15, 2013, 08:50 PM

chrome = ie6

Phanton · February 15, 2013, 10:41 PM

Quote from: Crazy on February 10, 2013, 10:38 AM
I've had the same message before, I didn't think much about it and haven't seen it since. My computer is still working just fine ^^

me too

StepS · February 16, 2013, 08:54 AM

Quote from: THeDoGG on February 10, 2013, 05:23 PM
lol stupid chrome .. i've had also this notice while trying to visit a member.lycos website.
Lycos is a free website hoster, and probably one of the hosted pages contained malware, but since chrome is very stupid it is blocking the whole domain!
I'd recommand to switch to firefox

what will this solve? it's just a blacklisted website, publicly blocked in many browsers.
i wouldn't ignore such notices, as in most cases they are real. one example is a background java app embedded ito page which clips mouse cursor to half the screen, blocks the task manager and opens an ad page (containing a phishing page with "new browser", in fact being a malware).

THeDoGG · February 16, 2013, 11:46 AM

Quote from: StepS on February 16, 2013, 08:54 AM
Quote from: THeDoGG on February 10, 2013, 05:23 PM
lol stupid chrome .. i've had also this notice while trying to visit a member.lycos website.
Lycos is a free website hoster, and probably one of the hosted pages contained malware, but since chrome is very stupid it is blocking the whole domain!
I'd recommand to switch to firefox
what will this solve? it's just a blacklisted website, publicly blocked in many browsers.
i wouldn't ignore such notices, as in most cases they are real. one example is a background java app embedded ito page which clips mouse cursor to half the screen, blocks the task manager and opens an ad page (containing a phishing page with "new browser", in fact being a malware).

I'm just pointing the fact that it is stupid to blacklist the whole domain. Lycos has millions of personnal pages hosted, why not blocking the specific URL instead of all the domain?

StepS · February 16, 2013, 03:34 PM

Quote from: THeDoGG on February 16, 2013, 11:46 AMI'm just pointing the fact that it is stupid to blacklist the whole domain. Lycos has millions of personnal pages hosted, why not blocking the specific URL instead of all the domain?

tell this to USA Gov, Google, and many other proprietaries
it's been ages like this, and there's no good way around it

and it's not about chrome

Statik · February 16, 2013, 05:01 PM

it's even worse in Russia, they can ban Google xd

THeDoGG · February 18, 2013, 06:49 PM

lol yeah big problem, and nightmare for webmasters!
I knew lycos was a safe site, otherwise i would have believe that it is dangerous