Talk Morgan Forums Community The Malvern Arms Phishing block on TM image site

Well it’s back with a vengeance - I’ll limit my use to the iPhone until that image is removed..AVG has been good to me for 23 years, the last 10 full fat including driver updates & tune up. So I’ll get in more gardening time instead
maybe..

All AV products will work in roughly the same manner. What AVG is doing is not bad or wrong, bad input results in bad output which is what we are probably seeing here. Not worth throwing out the baby/bath water based on one false positive.

Start by marking the site as safe in the AVG settings. Then report it as a "good" site if you can. This should allow you to see it.

If a site gets reported as being a risk by a customer AVG then updates the central cloud database.
Some less experienced people may be worried about something and so hit the "report" button unknowingly.
If enough people report something AVG may then mark their database and so all users with AVG installed will see this change the next time they look the site up to connect to it. This is why only the AVG users are currently reporting it. Other AV software has not had the report and so is happy.

When your machine goes to connect to tm-img the AVG checks the site name (DNS or domain name services) with AVG cloud.
AVG reports it as suspect/bad etc and so your computer bocks it.

This means that people need to report it as good or through some feedback mechanism it needs to get corrected in their database.

For those of you who are non-technical - do not just load another AV program on top of AVG as this will cause melt-down. Removing AV software can be quite a challenge. AV software links very tightly into the operating system in order to do it's job and only one can exist at a time. Always fully remove the old one first. If you have Kaspersky start with prayer as it is a little devil to extract so be careful.

General IT concensus is that Microsoft's own AV is now "good enough". IMHO 3rd party AV software is more like buying insurance from your electrical retailer when you buy a new washing machine - not generally worth it. If you are prone to accessing unknown websites / mistyping web IRLs that may end up somewhere malicious, then I suppose additional AV s/w might be useful.
Probably better is to use a VPN (which can also trap bad web sites before they get to you) like NordVPN.
To go even better, install a PiHole on a Raspberry Pi attached to your router - that stops most reported bad sites being accessed (remember a lot of sites are accessed indirectly - they are embedded in other web pages) - mostly advertising sites of course - plus this has the effect of speeding up your web browsing. This does require a bit of IT fiddling but the instructions are pretty good!

Interestingly the biggest IT failure (earlier this year) - the CrowdStrike debacle - was effectively a corporate AV suite that went bad. And the biggest scams I see friends falling for are things like McAfee subscription renewals...

Thank you very much for the thought you have both applied to this annoyance it is most helpful and constructive.
As I have rolled over my 3 subscriptions to AVG I am totally committed but feel most hesitant to modify any of the settings with regards to the seemingly errant tm image file. Logic in survival mode tells me if I were to do so I would be unprotected were someone to add another corrupted file of a sinister nature. I imagine AVG would apply the same logic as myself and say well you said it was ok and we are in compliance with your choices. Yours the world class cynic.
PS. I run W10 and get a virus report from them also, so I appear to be doubled up but I am an innocent and total ignoramous in such matters tbph….

Richard

when you install an additional AV on top of windows it will normally turn off the inbuilt modern AV that Windows does come with these days. It's never a bad thing to do this as most evil people will know how the Windows stuff works and so try and work out ways to defeat it.
On the other hand a Microsoft salesman will tell you that their AV product is far better integrated with the OS as they write both (pro's and con's in that statement!) along with the cloudy MS stuff and applications (word etc). They will say that the patches will be joined up etc.
It is true that their products are both the biggest target on the web but at the same time they probably have most focus and a broader knowledge and user base to sample to keep things right.

A few years ago I would have trusted the MS AV product to sit the right way on a toilet seat but they now regularly sit in the very top vendors for it.

It will be a constant cat and dog fight between AV and evil perps, just read the message carefully when they pop up and trust nothing at all.

Alistair,

Thank your very much for your help and guidance, I feel reassured now and will use the iphone mostly as I don't get any warnings, which I am (maybe) interpreting as a good thing and not a PITA that the desktop has become since that file appeared.

Talking of using the phone, My mate at the Men's Shed told me when he gets a nuisance call, he tells the caller that, yes, this was the phone of the person they are asking for but he/she died yesterday. Their reactions are worth listening to!!

Well well Alistair and other AVG users, this evening my AVG Driver Updater downloaded "AVG VPN Wire Guard Adapter 2" and all has returned to normal thank goodness.

Thanks again all who looked into this

Well I've given up and migrated to Dropbox..

I am a little late making a comment on this but since I have been more than a little busy of late and nobody advised me of the problem I was not aware of it at all.

tm-img.com is a service set up by Talk Morgan members for the use of members but beyond that is completely independent from Talk Morgan and has completely separate administration. The motivation for setting it up was the rather unethical way a popular hosting site suddenly started demanding payment for hosting.

tm-img.com is not available for public viewing but, having said that, anyone could create an account. We do however lightly monitor images that are posted to ensure that our terms of service are not breached.

Phishing is a term applied to emails that try to link you to sites, often purporting to be a bank site but also often courier sites, that try to obtain your account information, personal details and passwords.

Regarding passwords it is definitely not a good idea to use the same password that you use for your email or any other site, such as your bank, when you set up accounts on any forum or other form of internet service. Passwords are held in a secure way but should always be different from critical services.

Regarding the possibilty of tm-img.com being used as a phishing site it simply does not exist as there is no way for anyone to set up a page which requests the sort of data that a phishing scammer would want. The site does not have the possibility for a user to set up pages or forms. Certainly a AV program that objects to a particular image and give a phishing warning for it just does not have any sense at all so it is clearly a false output from the AV program.

I am glad that the problem has now been resolved but I wish to emphasize that it was never a problem with tm-img.com.

Peter