Infected file on GenesReunited

[crystal lady]

Sue - I've also got a tree on GR which I keep just for contacts etc, I have some new info to add on but that will have to wait as well.   Can't remember when my actual renewal date is, just hope its not too soon and that I have a chance to do something about it   

Crystal

[downside]

Read all about it here:-

http://www.xephandreema.com/2009/12/exploit-rogue-scanner-how-to.html

Basically Genes Reunited is NOT THE PROBLEM.

Exploit Rogue Scanner Type 820 sends an error through your registry, causing your Security Center to send an "alert message" that the applications you open are virus infected. THIS IS NOT TRUE. It's kind of like a fake system error.

GR is not infected.

[ambers]

Many thanks for the Link downside

Is type 1027 the same ?

Ambers

[downside]

I think it is from the same family of malware, second cousin twice removed.

A genealogy joke.

[ankerdine]

Read all about it here:-

http://www.xephandreema.com/2009/12/exploit-rogue-scanner-how-to.html

Basically Genes Reunited is NOT THE PROBLEM.

Exploit Rogue Scanner Type 820 sends an error through your registry, causing your Security Center to send an "alert message" that the applications you open are virus infected. THIS IS NOT TRUE. It's kind of like a fake system error.

GR is not infected.

I really still dont understand how you can say this when GR is the common denominator for all the above coments.

I still do not understand why GR have not replied to our emails. If Ancestry and Find My Past personnel read this website then surely GR administrators do too?

J

[smudwhisk]

GR may be the common denominator but I suspect at least one of the sources, as has been suggested already, will be the ads feed on the site.  I encountered the same problem a couple of years ago from GR and when I pointed out to them they had a problem with the ad feed on the site they ignored my email .  AVG and AD-Adware scans of my laptop at the time showed no issue apart from a file in temporary internet files which had been cleaned so I just deleted it.

Exploit Rogue Scanner Type 820 sends an error through your registry, causing your Security Center to send an "alert message" that the applications you open are virus infected. THIS IS NOT TRUE. It's kind of like a fake system error.

If you do get the above, while your PC may not be infected and it could just be a false positive to get you to download the infected file (when its offering you software to clean your PC), there are occasions when the alert can be hiding other malware.  I've seen this several times in recent years having to clean up malware infected PCs at work.  The pop-ups themselves can be a pain to get rid of.

[Roobarb]

I'm pleased to have come across this thread because the exact same thing happened to me last night. I was trying to open a message on GR, luckily my virus checker picked it up. I couldn't close it down so eventually went to Task Manager and closed down everything, so that did the trick. I've been back on GR today to reply to a couple of messages and all was well.

Downside, I'm afraid all that technical stuff is above my head but I can't see how the problem isn't with GR.

[smudwhisk]

Downside, I'm afraid all that technical stuff is above my head but I can't see how the problem isn't with GR.

The ads on the site are actually only "links" to other websites who provide the ads as a link on the GR site.  Although I think GR should be paying attention to what they are linking to, its the company supplying the ads that will have the problems as it is these which contain the malicious code. 

It wouldn't hurt GR though to actually respond when someone points out to them there has been a problem ....

[elaine447]

I had same problem today
I did not click on any of the links on GR
all I did was check something on my tree
then close it 
Elaine