pixel.quantserve.com???

A lot of the sites I've been visiting for a long time on Chrome are now causing F-Secure to throw out notifications of a malicious website, which is pixel.quantserve.com/(a bunch of gibberish).

 

Capture.PNG

 

To my knowledge, quantserve is just a tracking cookie thing. Why is it doing this? Am I being redirected or hijacked? Is this malware?

Best Answer

Comments

  • SimonSimon Posts: 2,636 Superuser
    I'd suggest a scan with www.malwarebytes.org and see if it finds anything.
    MadameLily
  • UkkoUkko Posts: 3,160 Superuser

     

    Spoiler

    Hello,

     

    Sorry for my reply.

    Maybe it's can be anything.

     

    I can just to think.. that F-Secure web-traffic just ignore part of related URL (which you marked as just tracking cookies - and maybe it's like that) and block other part of URLs.

    Can it's be.. that all other part (not visible under screenshot) have other URLs under specific/addition/keys?

    Potentially current URLs already marked as malicious under F-Secure Security Cloud. And it's blocked.

     

    Question just.. why current link (which can be as redirect, or other links as Advertisement maybe - I not sure.. about current service) comes with malicious URLs around.

     

    Such as I mean something next: originally blocked not just "http : / / pixel . quantserve . com", but URL from additional under link something as "/pixel;r=231241;sas2121;redirect-to:malicious-website . com" - where "malicious-website . com" main reason for block-action under your notification history.

     

    Maybe if it can to happened just with Google Chrome (if you able to understand.. which website triggered current notifications) - maybe you have something wrong with addons/plugins?

     

    Sorry for my reply. Just there maybe can be various of explanation. Such as.. known for you websites.. always can be with troubles about security. Web-developers not always think about security. Normal websites can be under strange attackers-people.. and create a various hack-action for any of websites... load a exploits, fake advertisements or other-other.

     

    MadameLily
  • It might be the rest of the link, but my problem too is that I can't resize my window for whatever to see the rest of it.

     

    Another thing is that it only happens to a few websites in particular, like it's not on YouTube or F-Secure or a few other things for example. I assume if it was malware it would be after everything? (Still running a scan, of course. Better safe than sorry.)

    Ukko
  • UkkoUkko Posts: 3,160 Superuser

     

    Spoiler

    Does you use Client Security or something same? Or just there F-Secure version provided by your ISP?

    Such as..  with screenshots it's looks like some of other versions, but features related with "modern ones".

    Or maybe it's a not Windows version simply? :)

    Just home versions.. already comes (or should be) with resize-feature about notification history window.

    Maybe full LINK can be visible.. if you target it by mouse and wait?

     

    So.. it's maybe can be related with troubles for some of websites. Such as it can be hacked. Or there fake advertisements, malicious banners or other (?!). If it simply possible there.

    Can you provide a links for "trouble" websites (where happened block status). Maybe it's not nice design to use under community reply.. but maybe will be OK with private letter.

    Such as.. it can be more visible...   if same block-actions will be same with my experience (as example).

    Or it's happened just under your device. If it's global situation.. so your device can be "worry-free", but website should to do something for prevent "strange" tracking services under their pages (by any of vulnerabilities under their website's engine.. or some of addition things around, for example). Or if current "link" can be related with advertisements or other. Maybe there can be some of "not trusted" for F-Secure "certain" scripts or something around this and it's blocked (such as... direct link known for F-Secure as malicious one).

     

    Sorry for my not nice English.

     

    MadameLily
  • I have Windows 8.1, my version of F-Secure is provided by Cogeco. It's up to date, of course.

     

    Sites in particular are www.gaiaonline.com and www.funnyjunk.com, those are the two it came up on.

  • So my Malwarebytes scan finally finished, and nothing came up.

     

    And I just realized after all this time that both links were deleted, unless my post never went through at all. Smiley Embarassed

  • SyndalSyndal Posts: 1

    I am also receiving the message "Harmful website: pixel.quantserve.com" which I think is from F-Secure (?a tiny Optus (F-Secure) icon) in an alert panel at the bottom of the screen. I am an Optus F-Secure client.

     

    Currently I am tracking  Cruise Liner 'Oosterdam' and every time I access the online tracking software ( www.sailwx.info/shiptrack/shipposition.phtml?call=PBKH ) I receive the above message.

     

    This has only been happening for the past 3 days (OK previously) and occurs on my Win7 Desktop computer and also my EeePC Netbook running Win7 Starter.

     

    Can I take action to stop this happening?

  • SimonSimon Posts: 2,636 Superuser

    You could send the URL links to F-Secure for analysis via the Submit a Sample service, or send in a Support Ticket with details of the affected websites, and a screenshot of the popup.  You can also add a link to this thread for reference.

     

    Further, you could scan the links with https://www.virustotal.com/ and see what comes up, but that won't offer an immediate fix, just information.

     

    Edit - I've been trying to get Virus Total to work, but it just hangs when sending a link.  Not sure if it's just my computer / connection or if there's a problem with the service.

    Ukko
  • I had it scanned earlier and it came up 1/57 or something, I forget the number. The 1 was some obscure thing too. Again, their WebSense thing just said advertising.

    And I tried adding links for reference but they vanished.
  • UkkoUkko Posts: 3,160 Superuser

    Hello,

     

    What certainly you want to stop?

    Such as... "notification" about blocking harmful-links goes to break page or something else? and you not able to use it?

    If there all OK with page.. and you able to use this...

    Potentially.. it's not really can be helpful to "stop" this... because. Potentially reasons for current situation (such as.. related with previous links, which I also check and not get same result) can be related with:

     

    -> Your browser does not block some of third-party resources: advertisements, banners, scripts or other.

    It's can be blocked, but will ignore same things from quantserve.

     

    -> In somewhat reason.. any of "advertisements/tracking"-services can be "in use" by malicious things (scripts, exploits, redirects, phishing and other. if author of banner/related people... can to do malicious actions).  And potentially there can be a risk.

     

    -> It's looks like that quantserve (as some of links, scripts or other addition there) goes to be marked as suspicious/harmful under F-Secure Security Cloud.

    And browsing protection features.. goes to prevent.. your "visit" for this page/link.

    Such as.. you can to feel "safe"-status there. And you can to "fix" situation - if you will install something as AdBlock/NoScript (or if installed.. re-add some of databases there) or other variants, which can be related with your browser.

     Such as.. prevent load javascripts and advertisements/banners. With current design - potentially.. you should not to receive any notification about block-action.

     

    Also.. there can be something wrong with your system. But with situation from current topic.... it was probably all OK.

    You can to re-check plugins/addons/extensions under your browser, some of installed application. And .etc - if there can be "too much" advertisements or re-place "one advertisements" (which should be under page) to another one.

     

    Why it's happened just now.. or recently. Potentially can be:

    -> F-Secure Security Cloud get a "reason" for create new rating for direct/certain links about quantserve.

    -> Some of advertisements/tracking/banner/pictures/scripts from quantserve start be "in use" by something malicious.

     

    Sorry for my reply. And if I wrong understand.. how it's looks like there (such as.. if it's goes to be "outside" of browser - it's should be more dangerous).

  • I'm having the same problem. It's been popping up every couple of minutes this morning. I also keep getting a pop-up from the taskbar with an F-secure logo reading "This is many message widget!" I don't remember ever getting any task bar pop-ups from F-secure before this morning other than a notification that a scan was completed, so it seems odd that both are suddenly popping up ever few minutes. Makes me suspicious of a virus but just did another scan and nothing came up. Could this be some sort of bug in the F-secure code?

  • UkkoUkko Posts: 3,160 Superuser

    Hello,

     

    Maybe.. if it's be with meanings.. that "some of links" goes to be marked as malicious, suspicious, scam, phishing or something else. And F-Secure Security Cloud start to think about "all of related/around" links as malicious. Or just direct ones. In somewhat reason "databases of malicious URLs" start be with addition after updates. It's can be as false-positive or can be as "just too much actions" (not just "certain known" direct-links goes be marked). It's will be explanation.. why it's happened just recently... 

    Also... maybe there comes some of specific URLs (which can be..... from internet-provider or related with tracking history?!).

     

    Anyway.. also you able (in somewhat reason.. if there something more, but not related with description). About DNS: https://www.f-secure.com/en/web/labs_global/dns-check

     

    Just a little be strange your description about "taskbar"-pop-up with F-Secure Logo (?!).

  • SimonSimon Posts: 2,636 Superuser
    It might be worth running the Online Scanner and see if that detects anything:

    https://www.f-secure.com/en_GB/web/home_gb/online-scanner
  • KlisheeKlishee Posts: 1
    What I've found out, its ad-ware, coming from cookies. When you are getting notifications from F-Secure that it blocked "malicious website" from opening by hovering cursor on the notification it gives long ass text, about middle of it u can find the source of website/client that is running the cookie. Example: I've utorrent to open automatically with the computer. Had 3-4 messages while computer was opening. the line of text i spotted "cdn.bitmedianetwork.com" and by using google, found out the source of cause on notification. I removed utorrent from my pc and i haven't got any notifications while computer is starting. What i think its new type of ad-malware that F-Secure is detecting as threat. All we can do is to F-Secure to solve how to block connection from the "threat".
  • NeelaNeela Posts: 1

    I have that same problem as the first poster but it just started today. When I visit certain sites (for example twitch.tv) F-secure throws out notification of a malicious website. The URL is starting with the pixel.quantserve.com but in the middle of the URL I don't see any malicious URL's.

     

    This has happened on Google Chrome and Mozilla Firefox and I'm using Adblock Plus on both, but when I installed NoScript on Mozilla, F-secure does not throw notifications when I visit those certain sites.

     

    I have tried Malwarebytes Scan and F-Secure scan but they don't find anything. I don't know if F-secure is just overprotective  or is it some kind of adware. 

  • JörschenJörschen Posts: 1

    What can I do to get rid of the pop-up: "This is many message widget, Sie haben ungelesene Nachrichten" followed by another pop-up, stating: "Schädliche Website http://......" Thanks in advance and best regards, Jörschen

This discussion has been closed.