Can't access davidlynch.com

Whenever I try to access davidlynch.com, a message pops up saying it is a malicious site and denies me access. I understand that mr.Lynch’s work might be misinterpreted by people, but by software? I’m trying a different free anti virus solution now and it does indeed let me in. It’s not a big deal since it’s a member site and I’m not a member, but I thought it might be worth some investigation since it should be a harmless site.

Have an awesome day, people :slight_smile:

Hi ocn,

The site is not harmless and it was unwise to not heed the warning, other av’s do not have the excellent protection like the avast shield. The site has now found to be malicious…This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities…

  Drive-By Downloads   

Threats found: 335
Here is a sample:
Threat Name: HTTP Malicious Toolkit Variant Activity
Location: htxp://www.davidlynch.com/ppv/swfs/music/dj-mp3-downloads.html

Threat Name: HTTP Malicious Toolkit Variant Activity
Location: htxp://www.davidlynch.com/ppv/swfs/music/how-do-you-download-music-for-ipod.html

Threat Name: HTTP Malicious Toolkit Variant Activity
Location: htxp://www.davidlynch.com/ppv/swfs/music/tony-carey-mp3-download.html

Threat Name: HTTP Malicious Toolkit Variant Activity
Location: htxp://www.davidlynch.com/ppv/swfs/music/country-music-downloads.html

Direct link to: htxp://www.davidlynch.com/ppv/swfs/music/index1.html
Location: htxp://www.davidlynch.com/ppv/swfs/music/how-do-i-download-music-to-my-ipod-shuffle.html

Direct link to: htxp://www.davidlynch.com/ppv/swfs/music/song-south-carolina-on-my-mind-download.html
Location: htxp://www.davidlynch.com/ppv/swfs/music/how-to-get-music-off-of-ipod.html

Direct link to: htxp://www.davidlynch.com/ppv/swfs/music/brintney-spears.html
Location: htxp://www.davidlynch.com/ppv/swfs/music/numa-song-download.html

Direct link to: htxp://www.davidlynch.com/ppv/swfs/music/free-music-downloads-for-mp3-players.html
Location: htxp://www.davidlynch.com/ppv/swfs/music/flintstones-theme-song-download.html

Direct link to: htxp://www.davidlynch.com/ppv/swfs/music/mp3-instrumental-music-downloads.html
Location: htxp://www.davidlynch.com/ppv/swfs/music/100-free-music-downloads.html

Direct link to: htxp://www.davidlynch.com/ppv/swfs/music/sharing-copywritten-music-from-ipod-to-ipod.html
Location: htxp://www.davidlynch.com/ppv/swfs/music/mp3s-music.html

polonus

Indeed. I agree with Polonus.

URL Void scan

Report 2010-07-04 13:12:23 (GMT 1)
Website davidlynch.com
Domain Hash 6060f541f2d472647f4ab354820a38d6
IP Address 66.238.109.4 [SCAN]
IP Hostname 66.238.109.4.ptr.us.xo.net
IP Country US (United States)
AS Number 2828
AS Name XO-AS15 - XO Communications
Detections 2 / 17 (12 %)
Status SUSPICIOUS

Scanning site with: AMaDa CLEAN
Scanning site with: BrowserDefender DETECTED
Scanning site with: Finjan CLEAN
Scanning site with: Google Diagnostic CLEAN
Scanning site with: hpHosts CLEAN
Scanning site with: Malware Patrol CLEAN
Scanning site with: MalwareDomainList CLEAN
Scanning site with: MyWOT CLEAN
Scanning site with: Norton SafeWeb DETECTED
Scanning site with: ParetoLogic URL Clearing House CLEAN
Scanning site with: PhishTank CLEAN
Scanning site with: SURBL CLEAN
Scanning site with: Threat Log CLEAN
Scanning site with: TrendMicro Web Reputation CLEAN
Scanning site with: URIBL CLEAN
Scanning site with: Web Security Guard UNRATED
Scanning site with: ZeuS Tracker CLEAN

VirusTotal - davidlynch_com_1_.htm - 3/42
http://www.virustotal.com/analisis/b09540be2437c470f9dac10a9272b195350be99be9e6b2c6bc0df51b065596ba-1281374227

Might I ask is URL Void Scan a program, Pondus?

As well as asking Polonus the same question, what program were you using?

Thanks :slight_smile:

URLVoid http://www.urlvoid.com/
NoVirusThanks http://www.novirusthanks.org/index.php

and the scan Polonus is refering to is NortonSafeWeb http://safeweb.norton.com/

Wow Bob Wow. :o I’d never have guessed. I don’t know what all that means, but fortunatly I tested on a Laptop that carries no data of importance.
Thanks, though :slight_smile:

I'd never have guessed.
On the internet.......never trust anything, before it is trippel checked

Hi ocn,

Norton Safe Web reports are a bit similar to BrowserDefender’s, the additional virustotal scan gives data as with what name the malware there is flagged by the various av scanners that come bundled with this meta scanner (here my good forum-friend Pondus is always performing the scan check-ups and he will report for variants that are not yet flagged by avast (not in this case)), my proposed cleansing routine came from forum routines earlier performed…

Just think about the following few lines for a short time and make up your conclusions…

Every 3.6 secs a (known) reputable site becomes hacked and malicious code is being injected there without knowledge of the webmaster and admins or hosting party, sometimes these sites stay malicious for a considerable time with malcode re-directs and silent downloads and will pose an direct malware threat to the unaware browser user. So it is a good policy to report these sites for abuse (mail), unless the hosting party does not respond and is irresponsible or allowing abuse to continue and with 315 exploits there they are not taking particular notice or are incompetent. Good protection for the average user comes by fully patching and updating your OS, browser software, third party software (check with secunia PSI inspector), have the avast shields up and for full protection use a Mozilla browser with the extensions NoScript and RequestPolicy installed and active, with the first one you can toggle to allow and disallow all scripts (and where script cannot run malware cannot run), and with the second you can toggle browser requests and this can stop third party (suspicious and malicious) requests. If you now have become aware of the immense underlying online threat, you now know why we, the security aware, take these protection precautions,

polonus

Reviving this thread because I’m getting the same warning today at the lynch website.

Odd thing is if I check the site with urlVoid, both BrowserDefender and Norton Safeweb show infected. If I then click the details on each, the site comes up SAFE. Checking the site from BrowserDefender & Norton directly gives me a SAFE result.

What’s the deal here? False positive? Thanks.

Hello,

it is a false positive, it will be fixed in the next VPS.

Alena Varkockova