cancel
Showing results for 
Search instead for 
Did you mean: 
steve404
Level 7

site advisor now identifying almost all sites as risky !

Jump to solution


Last evening the Site Advisor started identifying almost all sites I went to as either yellow (suspicious ) or sometimes red (high risk). Sites such as Yahoo and Amazon are now being flagged with the yellow warning (suspicious). Obviously these sites have no risk and should be identified as “green” as they were until last night.  I know there has been some discussion on this forum on this issue, and that it’s been stated that websites going through a “hacked” server will all be given a “risky” label, but I’m getting these yellow and red flags for many, many sites which I assume are using various servers, and up until yesterday they were always “green.” With almost website I visit (and sometimes each page on a website), I now get either a yellow or sometimes red warning box which I have to close before I can continue on the site.

Does anyone know if this is going to be corrected, or is this new, never-ending stream of false warnings the way McAfee will now be operating?  

0 Kudos
1 Solution

Accepted Solutions
Hayton
Level 18

Re: site advisor now identifying almost all sites as risky !

Jump to solution

Thought so. SiteAdvisor is kicking up about srvsinf.com, not about Amazon.

This could have been a search redirection or page poisoning, I wasn't sure which.

What you've got is either a browser hijacker that either redirects you to a site you don't want to go to, or adware that displays pop-up advertisements. There isn't a reliable analysis of this, which is not a virus but may be more than a PUP.

The domain "srvsinf.com" is only two months old and the number of reported infections is quite low, but it seems that every dodgy third-rate remove-malware-now site is clamouring (in strangulated Hinglish) for your attention to remove this "dangerous threat". I have a strong suspicion that those sites are aware of these nuisances in advance...

It's been asked about here - but no answers

http://bizcommunity.att.com/t5/General-Care-Billing-Support/Mcafee-site-advisor-pop-up-on-insider-we...

http://answers.yahoo.com/question/index?qid=20131201164028AABU9FT

EVERY website I visit, I get a popup, www.srvsinf.com, and it's a website that shows links to what i'm doing, and sometimes surveys. As soon as I type in a website like ebay or amazon, this will pop up immediately.

I'm not going to direct you to any of those suspicious malware-removal sites, because mostly they just say - as I usually do - to run Malwarebytes free versionThat and AdwCleaner should help to remove this, but also check your browsers for any add-ons or extensions that have been installed recently. If in doubt, remove or disable them.


Message was edited by: Hayton on 12/12/13 02:26:03 GMT
0 Kudos
14 Replies
Hayton
Level 18

Re: site advisor now identifying almost all sites as risky !

Jump to solution

You're seeing this, I'm not. I'd like to see a screenshot of one of those SiteAdvisor blocking pages for Yahoo or Amazon or some other major site.

0 Kudos
SafeBoot
Level 21

Re: site advisor now identifying almost all sites as risky !

Jump to solution

working fine for me as well. We need some screen shots Steve, or some other evidence.

0 Kudos
steve404
Level 7

Re: site advisor now identifying almost all sites as risky !

Jump to solution

Hi,

Attached is a screen shot of what popped up when I just went to Amazon. The same thing popped up when I went to Netflix about an hour ago. As I mentioned, these warnings are now popping up just about wherever I go. It's kind of a hassle when doing Christmas shopping on-line   Thanks.

screenshot.jpg

0 Kudos
Hayton
Level 18

Re: site advisor now identifying almost all sites as risky !

Jump to solution

Thought so. SiteAdvisor is kicking up about srvsinf.com, not about Amazon.

This could have been a search redirection or page poisoning, I wasn't sure which.

What you've got is either a browser hijacker that either redirects you to a site you don't want to go to, or adware that displays pop-up advertisements. There isn't a reliable analysis of this, which is not a virus but may be more than a PUP.

The domain "srvsinf.com" is only two months old and the number of reported infections is quite low, but it seems that every dodgy third-rate remove-malware-now site is clamouring (in strangulated Hinglish) for your attention to remove this "dangerous threat". I have a strong suspicion that those sites are aware of these nuisances in advance...

It's been asked about here - but no answers

http://bizcommunity.att.com/t5/General-Care-Billing-Support/Mcafee-site-advisor-pop-up-on-insider-we...

http://answers.yahoo.com/question/index?qid=20131201164028AABU9FT

EVERY website I visit, I get a popup, www.srvsinf.com, and it's a website that shows links to what i'm doing, and sometimes surveys. As soon as I type in a website like ebay or amazon, this will pop up immediately.

I'm not going to direct you to any of those suspicious malware-removal sites, because mostly they just say - as I usually do - to run Malwarebytes free versionThat and AdwCleaner should help to remove this, but also check your browsers for any add-ons or extensions that have been installed recently. If in doubt, remove or disable them.


Message was edited by: Hayton on 12/12/13 02:26:03 GMT
0 Kudos
steve404
Level 7

Re: site advisor now identifying almost all sites as risky !

Jump to solution


Hi Hayton,

Thanks for your reply and advice.

So I guess this thing isn’t something that McAfee can automatically remove from my PC.

I’m not too high-tech….So if I download and use the two items you mentioned that should do the trick and stop these pop-ups which are happening 100% of the time now.... and the downloads won’t cause any collateral problems to my PC?

Thanks again,

Steve

0 Kudos
Hayton
Level 18

Re: site advisor now identifying almost all sites as risky !

Jump to solution

If it's adware McAfee may class it as a PUP - that is, you decide if you keep it or not. The clue is that the blocking page you posted was Yellow, which is for minor risks. A Red page for that site would mean McAfee would clean any files if it found them. If you have a Red SiteAdvisor blocking page for any site you know is safe, please post that as well. The authors of these things are rushing them out in time for Christmas - no, seriously - so there could be more than oneof these things on your system. Look in your browsers to see what extra things have appeared lately.

Malwarebytes is safe, we all use it. It takes a harder line towards PUPs and borderline cases than does McAfee. AdwCleaner I've used, and it's good for winkling out things added into browsers without your knowledge. My only caution is that when I used it it deleted SiteAdvisor from Chrome because it was a third-party extension, not from the Chrome store. But with AdwCleaner you can run it in check-only mode first to see what it's going to do. Best to read any supporting information before you use it, the user interface is a bit unfriendly. But it works, and I give it 8 out of 10 (Malwarebytes gets a 10).

Because this srvsinf is new, I don't guarantee those tools will both know about it. Malwarebytes should, they're fast. If Malwarebytes hasn't been updated to remove it I doubt if anyone else will do it yet.

0 Kudos
Peacekeeper
Level 20

Re: site advisor now identifying almost all sites as risky !

Jump to solution

I would add that when you install Malwarebytes you do not thake the offer of trying the free trial of the full version as that can clash with Mcafee as it has a real time scanning option.

0 Kudos
conductorwho
Level 7

Re: site advisor now identifying almost all sites as risky !

Jump to solution

I'd think that due to the nature of the popups / hijacks the Herusthetics.Shuriken engine in MBAM would likely snag it. Considering the dearth of adware out there, I bet there'll be a match in the engine.

Run a full scan. After running the scan, if anything's listed as a PUP or a PUM (Potentially Unwanted Modification) just delete it. Then post the log from the notepad file that comes up here.

As for the downloads, I don't have AdwCleaner but I have MalwareBytes installed, no collateral problems whatsoever. Makes a great supplement to total protection and is very useful for deep-cleaning.

0 Kudos
catdaddy
Level 20

Re: site advisor now identifying almost all sites as risky !

Jump to solution

As Hayton stated, with "AdwCleaner" it is best to run in "Check Mode" intially. For if you are not familiar with the program and it,s features...you quite possibly could remove legitimate programs needed to make certain your system functions properly.

While I am at it, while it may be "Off Topic" in regards to this Post...

Have you experienced any further instances with your Engine Version Updates with the (.3) affixed to them?

Thus far all of mine have been the ( Final Version ) ending in zero since 1731.3. As my current Engine Version now, is ( 1736.0)

Have a Good one,

CatDaddy

Cliff
McAfee Volunteer
0 Kudos