Sciencemadness Discussion Board

org syn website -> malware

chemrox - 21-10-2008 at 12:58

The org syn website was listed yesterday by Google as passing malware. This is an alarming development. Does anyone know anything more?

solo - 21-10-2008 at 14:53

I guess it's time to download a copy of all the organic synthesis and stay away from that site.....solo

kclo4 - 21-10-2008 at 17:04

Err.. that's really weird, why would such a wonderful site be called malware by Google? When obviously Orgsyn isn't going to be malicious. Right?

497 - 21-10-2008 at 17:26

The little warning thing says that it could have been a third party that did it. That must be what it is. Either that or it's a government conspiracy to keep us from accessing it...

chemrox - 21-10-2008 at 21:49

The "third parties" troll for heavily used sites. Org Syn probably has no experience cleaning out such garbage and will have to learn how. I give them a few days and try again.

raiden - 21-10-2008 at 21:59

http://www.google.com.au/interstitial?url=http://www.orgsyn....

Geez.

pantone159 - 21-10-2008 at 22:09

and perhaps some more details at:

http://www.google.com/safebrowsing/diagnostic?site=http://ww...

Sauron - 21-10-2008 at 22:27

The Org Syn site passed a hijacker to this computer called JD/downloader and another called IEexploit.

My AVG resident shield caught them and sequestered them in Virus Vault.

There is a piece of freeware called Smithfraudfix on the net that is effective at getting rid of this. I used it and have had no further problems.
The virus files are in Temporary Internet Files folder.

Also infect Registry.

Below I post the exe file for the removal tool.

The Clean function (2) needs to be done in Safe Mode. That is, reboot, and as soon as BIOS is through hit F8, menu comes up on black screen, select Safe Mode.

Then double click on smithfraudfix.exe and select (2) ENTER

Then follow instructions. If program stops responding just reboot into normal mode. You are finished.

This worked for me.


[Edited on 22-10-2008 by Sauron]

Attachment: SmitfraudFix.exe (1.6MB)


raiden - 21-10-2008 at 22:34

Quote:
Originally posted by pantone159
and perhaps some more details at:

http://www.google.com/safebrowsing/diagnostic?site=http://ww...

Apologies, I posted the wrong link.

Sauron - 21-10-2008 at 23:38

The Org Syn site now appears to be operating normally. I just ran a search and got no AV warning from AVG, I downloaded a pdf, no problem.

kclo4 - 22-10-2008 at 16:49

Argh! Google is still viewing it as malware and my school's firewall, or whatever it is, has now completely blocked it because of this threat. :(
How lame is that?
My school's firewall is a bit insane though so I shouldn't be very surprised. For instance it blocks all images from Wikipedia regardless of the content.

Sauron - 22-10-2008 at 18:10

Complain to Google.

497 - 22-10-2008 at 19:33

Strange... yesterday I was able to click "ignore warning" and it would work, but now I try it and the warning page just refreshes, not allowing me in at all. A bit aggravating..

sparkgap - 22-10-2008 at 19:42

Was there any official word on CambridgeSoft or Wiley about the matter?

sparky (~_~)

Sauron - 22-10-2008 at 20:50

A pity that Google is being such a nanny-ninny.

Can you access orgsyn.org via Yahoo's SE? Or some other SE?

I am not having problems accessing it through my usual link from IE.

As far as I can tell, AVG stopped the hijacker malware cold. I ran the smithfraudfix.exe in safe mode just in case.

not_important - 22-10-2008 at 23:55

Quote:
Originally posted by 497
Strange... yesterday I was able to click "ignore warning" and it would work, but now I try it and the warning page just refreshes, not allowing me in at all. A bit aggravating..


I'm not even seeing a warning at Google, takes me straight to the orgsyn site. They must retest fairly frequently and have cleared the report.

I'd used the site during the time of the infection, and got no alerts at my end. Could be because the injection used offsite sources for the malware scripts and I'm using NoScript, or because they were IE/ActiveX specific (IEexploit is), or I'm really running OpenBSD and not XP like the browser usually reports.

The name Smitfraudfix has no 'H' in it.

chemrox - 23-10-2008 at 11:56

Outstanding post Sauron. I will keep those files handy!