OpenDNS is blocking this known Windows only threat at that site, which must have been hacked. If you aren't running Windows on a partition, then you have nothing to worry about by going there. I don't know how OpenDNS blocking works -- I use but do not subscribe to OpenDNS -- but does it allow you to go anyway, despite the warning?
Can you log in to your OpenDNS account and change the settings so this is not blocked, at least temporarily until the site is cleaned?
Thanks. The wierd thing is I don't have an openDNS account so I can't understand how it's spotted this problem - unless it is running silently in the background on my mac. I have certainly never signed up to it.
I tried going just to http://www.cafc.co.uk, not using your complete link and I'm seeing that the entire domain is blocked for me as well by OpenDNS. I guess an account is not needed. I would wait a bit and see if it gets cleaned up.
As for not understanding why you have OpenDNS at all, go to System Preferences>Network>Advanced>DNS and report back with the numbers you have there. The ones for OpenDNS are
I have those numbers aswell.
I have tried to get a message to someone I know is connected to cafc.co.uk through twitter, but as he more than likely uses a windows based pc to update the website he may not understand that mac users are being blocked.
Thanks for your assistance; for a moment I thought that I had inadvertently downloaded malware/virus, but I now see that Open DNS is protecting me.
Well, if he's aware and a sys admin, or can contact one, they should be able to disinfect the site. BTW, the conficker is old news from 2009. I didn't know it was still around. But, then again, I don't follow Windows viruses.
I've checked with a few malware reporting sites, including Google Safe Browsing, and that site comes up negative. Maybe a false positive from OpenDNS? Or something brand new.
Message was edited by: WZZZ
If you think this shouldn't be blocked, please email us at firstname.lastname@example.org.
Ask them to investigate.
Thanks for your help WZZZ. I hope the site gets disinfected (if indeed it is infected).
If there is no problem and Open DNS are reprting a false positive, any idea how I can get past the warning page?
Well, you could go into that location in Network and enter these numbers above the ones for OpenDNS. They are Google public DNS servers. They will be used first, before the ones for OpenDNS. Go back in and remove them using the minus button when this has passed over, or move them below the OpenDNS ones as a backup if the OpenDNS Servers are ever down.
Even if there is a problem, the conficker worm can't do anything to a Mac.
OpenDNS may have been protecting you all the while against this.
WZZZ, all my software updates are up to date - I installed a java update on 14 April. So I assume this is the update which you refer to in your last reply re patch against Flashback infection? If so, can I safely go into Network and put in the 22.214.171.124. and 126.96.36.199.?
Sorry but am still a novice re mac, so do not know what Flashback Command & Control botnet servers are. Is there a scan I can run to see if I have got any infections (like I was able to do when I had a pc)?
Thanks again in anticipation of your assistance.
If your're running 10.6.8 and Software Update isn't showing a Java update, then you've done everything that's needed. That update was released on 4/12, so it looks like you got it. Still, disable Java in your browser. It's hardly ever required by any sites, and even the newly patched version will almost certainly be exploited again at some point.
I'd also recommend turning off Java completely in Java Preferences.app in Utilities. Just go in and uncheck both boxes. You can always go back in and turn it on if needed.