Hey fellow spiceheads, one of our users stumbled across this website, which attempts to scare you into downloading its malware file. I blocked it via our filter and would recommend anyone reading this block this address also. The website is www1.savessuiteforyou.in. Attached is a picture of the malicious site also. FYI, the asterisks were added before and after the site so no accidental clicks. Hope this helps prevent any future outbreaks on anyone's network. Have a good one, everyone!

Aaron


One of many thousands of sites just like it. Tried to go there and it was gone.

Bummer, like to test my anti-virus/malware.

Yeah, I have seen this same thing before. The address it displays is not the true address and instead it has a very randomized redirect setup. I have clicked on the same initial link to get to that same site before and always the web address that displays at the top is different.

Hitting that page usually does not infect you though. You have to click around and install something from that site still. It just fools most because it looks like it is a Windows Explorer folder telling you that you are infected.

Like RobJ1982 said, it randomly strikes and blocking a specific site is mostly a waste of time. You are safe until the user downloads and runs the “Virus Removal Tool” which instead infects the PC. There are several versions of the site but they all look pretty much the same.

I’ve run into this numerous times and Malwarebytes has been a life saver. Sometimes the virus can hijack all of the exe extensions, preventing everything from working. There are numerous sites on how to reassociate these. Just boot the machine in Safe Mode with Networking and run Malwarebytes.

The key is to train your users to instantly call IT when they think their machine is infected with a virus instead of trying to clean it themselves.

Seen many variations of this from many different places.