I get this message that a malware has been blocked each time I start Firefox. Do I need to pay more attention to this?
can you post a screenshot of the pop up message ?
there is a pin in top right corner, click it and you lock the pop up to the screen…
Presumably it is the Network shield blocking a malicious site, see image.
@ Momsix
Do you have any active bookmarks or RSS links that might have this site in them ?
MBAM also block that IP 94.75.221.69
URLVoid - mnepoher.com
Report 2010-06-28 17:53:25 (GMT 1)
Website mnepoher.com
Domain Hash 26ae99d3225b945c9bd53bcace54adae
IP Address 94.75.221.69 [SCAN]
IP Hostname vpn.piratoff.com
IP Country NL (Netherlands)
AS Number 16265
AS Name LEASEWEB LEASEWEB AS
Detections 0 / 19 (0 %)
Status CLEAN
Scanning site with: AMaDa CLEAN
Scanning site with: BrowserDefender UNRATED
Scanning site with: Finjan CLEAN
Scanning site with: Google Diagnostic CLEAN
Scanning site with: hpHosts CLEAN
Scanning site with: Malware Patrol CLEAN
Scanning site with: MalwareDomainList CLEAN
Scanning site with: McAfee SiteAdvisor CLEAN
Scanning site with: McAfee TrustedSource UNRATED
Scanning site with: MyWOT UNRATED
Scanning site with: Norton SafeWeb UNRATED
Scanning site with: ParetoLogic URL Clearing House CLEAN
Scanning site with: PhishTank CLEAN
Scanning site with: SURBL CLEAN
Scanning site with: Threat Log CLEAN
Scanning site with: TrendMicro Web Reputation CLEAN
Scanning site with: URIBL CLEAN
Scanning site with: Web Security Guard CLEAN
Scanning site with: ZeuS Tracker CLEAN
NoVirusThanks - mnepoher.com - CLEAN
http://scanner.novirusthanks.org/analysis/80e2208809bfb63f04e5b54297c9fffb/c2l0ZQ==/
Hi
The site IP is in various blocklists:
Blacklists
md5:060ad92489947d410d897474079c1477:221
md5:fdb114c19ceee36c240bfbf63c454a1e:221.69
md5:29d1165b61ef7dc62cecf00ea22b1d93:22169
md5:14bfa6bb14875e45bba028a21ed38046:69
md5:d09bf41544a3365a46c9077ebb5e35c3:75
md5:fbbe7c655473b1207e261f724fe00231:75.221
md5:abcade60dd1745f8c730f2e328e76e4f:75.221.69
md5:d34093d2d8a8d2753e13adc4ee3e1b6d:75221
md5:52f1ccd763e8bb142a5bc07c096561d7:7522169
md5:f4b9ec30ad9f68f89b29639786cb62ef:94
md5:396ee667348ed2f67d63f2549dac3fdc:94.75
md5:17b7031ae1bebfd93541f6b0c8ff55f1:94.75.221
md5:5111ec9a191c0a1377f1df3ee9d0fa62:94.75.221.69
md5:b2df0a0d4116c55f81fd5aa1ef876510:9475
md5:05a076b41380b0d15b94c7916f7370cc:9475221
md5:fc4cd626b37b95b0bf2e91f209ca29bc:947522169
Says upon visiting: The fact that you are seeing this page indicates that the website you just visited is either experiencing problems or is undergoing routine maintenance,
polonus
It isn’t really a problem with the site as one of why is firefox connecting with it, that is the disease rather than the symptom (avast alerting).
Hello guys,
this domain is used as malware rotator (redirector to randomly chosen malware domains). We started to block it on 24.6.2010 and it covers for example JS:Prontexi too.
Please try to remove all the history from your Firefox and if the alerts wouldn’t stop you should inspect addons and plugins.
Regards
Ok, I really am a newbie! I have managed to capture a screen shot, but can’t seem to load, paste, etc to get it to appear in this window. Also, clearing my history did not work.
How would I “inspect” my plug ins and add ons?
You’re not inspecting them as such, just checking that the add-ons/plug-ins are ones installed by you, check Tools, Add-ons in the firefox menu, then Extensions and Plugins sections.
Having captured your image you have to save it as a .gif or .jpg or .png image file (.gif is smaller file size). When creating the image, crop it to show just the relevant parts, not the whole screen or it is likely to be too large to attach.
- When you click the Reply button, there is an Additional Options link, this expands the options to attach a file, that can be an image file or a text file (.log or .txt). Also see How to post an Image.
Woot, that did it. There WAS an extension called “Search Helper” that I didn’t recall. I disabled it, and no more message! TYVM!
No problem, glad I could help.
I would suggest going further now and uninstall it. Search helpers are even if legit pretty much worthless as all the major search engines, google, etc. are pretty accurate and can be fine tuned without so called search helpers. Many such search helpers just collect data on what you are searching for and upload it to their own servers to use in delivering ads; it is possible that this attempted connection was just that trying to upload data; or worse trying to install more malware.
Welcome to the forums.