Malware check

sdw

New member
Jul 14, 2005
2,187
0
0
Ran into an SP website where it stated malware was present: "grafika.kinoletnie.pl"

After going to here:

https://www.google.com/transparencyreport/safebrowsing/diagnostic/


It stated the website was not dangerous.
When I Google "grafika.kinoletnie.pl" I get a listing of various sites, all of which are warned against: "This site may harm your computer" https://support.google.com/websearch/answer/45449?hl=en&rd=1

I think it's a case of Google's left hand not knowing what its right hand is doing. When I run a scan with my anti-virus/malware software, the site is infected.
 

Sonny

Senior Member
Sep 12, 2004
3,731
220
63
Use Spybot Search & Destroy regularly along with Malwarebytes to do the trick on malicious entities out there. Include a run of AVG Anti-virus as well.
All have free versions.
 

sdw

New member
Jul 14, 2005
2,187
0
0
Use Spybot Search & Destroy regularly along with Malwarebytes to do the trick on malicious entities out there. Include a run of AVG Anti-virus as well.
All have free versions.
I used to swear by Spybot S&D, but Windows 10 and Spybot S&D don't seem to like each other. I've switched to Malwarebytes which is pretty good at finding stuff.
 

razr2krzr

Member
Aug 30, 2007
54
0
6
I have a problem. Laptop infected with ad.directrev.com
Tried AdwCleaner, Junkware Removal Tool, Malwarebytes Anti-Malware Free, Spybot S&D, and HitmanPro all to no avail.
Any ideas would be greatly appreciated and will try.
Thanks in advance.
 

Boobfetish

New member
Aug 3, 2015
48
0
0
Reformat

I have a problem. Laptop infected with ad.directrev.com
Tried AdwCleaner, Junkware Removal Tool, Malwarebytes Anti-Malware Free, Spybot S&D, and HitmanPro all to no avail.
Any ideas would be greatly appreciated and will try.
Thanks in advance.
I get the technical challenge part of trying to disinfect, but it's time to do a backup of your computer (or at least the OS disk) and then reformat and reinstall your OS. You never truly know if a compromised system has been adequately disinfected anyway, and if you have run that gamut already, do the safe thing and start with a clean slate.
 

cktc9

Member
Nov 22, 2014
45
0
6
Sounds like you tried some of the tools listed as being useful to remove it.
But it gets installed as an extra feature when installing some downloaded programs. You may need to track down which program installed it. If you still have the install files, fire them up and see which offers it as an extra, but then don't complete the install. At least you may know where it is. However, since it likely installs itself at boot-up, and likely saves a copy at shutdown, deleting it won't help. Then you may need to go into safe mode and erase the offending files there.
No fun either way. I had a different one that took a combination of tricks to finally eradicate.
Search in google, and keep digging for solutions.
If it's not too inconvenient, doing a total wipe and reinstall of your OS and programs might save time...
 

Boobfetish

New member
Aug 3, 2015
48
0
0
...If it's not too inconvenient, doing a total wipe and reinstall of your OS and programs might save time...
I'd wager he's already exceeded my five hour rule - "If you can't reasonably expect to fix it in less than five hours, then it's time to wipe and reinstall" - on average it takes less than that to roll out even relatively complex systems and reinstall the sanitized data, especially given that you never really know what you missed. What little piece of code went into hiding from all currently known detection methods, just waiting to reappear later?
 

cktc9

Member
Nov 22, 2014
45
0
6
Looks like he's tried all the advertised solutions.
I try to find the discussion groups / user groups that refer to the problem, and usually someone there will list the nuts and bolts solution.
example:
http://www.bleepingcomputer.com/forums/t/483933/redirect-virus-and-ad-popup-virus/

It's a pretty detailed how-to, but not for the faint of heart.
I don't like the advertised solutions, especially when they casually toss around statements like using regedit and look for any line that mentions the adware...
 

westwoody

Well-known member
Jun 10, 2004
7,684
7,259
113
Westwood
Time to do a clean reinstall.
I save my photos and music on a portable hard drive.
When finished go to msconfig and switch off as much stuff as you can. There is too much bloatware on operating systems.
I go to Task Manager and switch off half the services there too.
Don't use Microsoft Media Player, it is full of spyware too.
 

sdw

New member
Jul 14, 2005
2,187
0
0
The biggest mistake people make is doing everything in Administrator when using a Windows computer. People should always use a Standard Account when using a Windows computer, better yet make the Standard Account a Local Account by not using a Microsoft Account to sign in. Sure, you'll have to set a link to your Hotmail/Outlook/Live account because the Mail Icon and Calendar Icon won't work. But everyone in the world won't be able to hack you with one of the pre-made scripts that the script kids amuse themselves with.

Also, remove FLASH. Even Adobe is now telling people that Flash is a major security risk. Flash was built with thousands of back doors for LE, the NSA and the CIA. The script kids and practically everyone else that is hacking you, test for Administrator and then test for Flash. You become a lot more secure without Flash.

Sure, some sites won't run anymore in your browser. Sure, if you click a video in CTV or the Globe and Mail - it won't run. Tough Shit. The lazy ass webpage designer can design their page to use modern secure software instead of an ancient insecure piece of crap that was designed to make it easy to spy on you. My attitude is that if they are still using Flash - they don't want to talk to me or sell me their product.

Flash Backdoors
http://blog.trendmicro.com/trendlab...rs-brought-into-the-light-by-flash-zero-days/
http://www.gnucitizen.org/blog/backdooring-flash-objects-receipt/
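As an added illustration of the Standard Account advice above (this is not code from the thread or from any of the posters), the following PowerShell checks whether the current session is elevated, lists who sits in the local Administrators group, and creates a local non-Microsoft Standard account for everyday use. The account name 'daily' is a placeholder; the cmdlets are the built-in LocalAccounts module on Windows 10, and the script must be run once from an elevated prompt.

```powershell
# Added example, not from the original thread. Assumes Windows 10 with the
# built-in Microsoft.PowerShell.LocalAccounts module; run from an elevated prompt.

# 1. Is this session running with administrative rights?
$identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object System.Security.Principal.WindowsPrincipal($identity)
$isAdmin   = $principal.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)
Write-Host "Current user: $($identity.Name)  Elevated: $isAdmin"

# 2. Who is in the local Administrators group? Everyday accounts should not be here.
Get-LocalGroupMember -Group 'Administrators' | Select-Object Name, PrincipalSource

# 3. Create a local (not Microsoft) Standard account if it does not exist yet.
$userName = 'daily'    # placeholder name for the everyday account
if (-not (Get-LocalUser -Name $userName -ErrorAction SilentlyContinue)) {
    $password = Read-Host -AsSecureString "Password for $userName"
    New-LocalUser -Name $userName -Password $password -FullName 'Daily use' `
                  -Description 'Standard account for everyday browsing' | Out-Null
    # Membership in 'Users' only (never 'Administrators') is what makes it Standard.
    Add-LocalGroupMember -Group 'Users' -Member $userName
}

# 4. Verify the account is not an administrator.
$inAdmins = Get-LocalGroupMember -Group 'Administrators' |
            Where-Object { $_.Name -like "*\$userName" }
if ($inAdmins) {
    Write-Warning "$userName is a member of Administrators; remove it with Remove-LocalGroupMember"
} else {
    Write-Host "$userName is a Standard account"
}
```

Sign in with the new account for daily use and keep the administrator account only for installs and maintenance; UAC will prompt for its credentials when needed.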
 

Robert Upndown

You can call me Bob
Sep 23, 2011
1,006
374
83
Scan in Safe Mode where possible, but before doing any type of Malware\Virus Removal, DISABLE SYSTEM RESTORE or, as soon as you reboot, the offending program simply reinstalls itself in many cases.
 

sdw

New member
Jul 14, 2005
2,187
0
0
Time for Linux on an SSD?
Actually, the hackers find exploits for anything that has enough users to support a bot network. Apple used to have such a small installed base that it wasn't worthwhile to develop exploits. Then the iPhone came along. Now, there are a lot of exploits that are Apple specific. Steve Jobs started a Crusade against Flash shortly before he died because Flash was the largest attack vector. Now, Adobe is also advising against the use of Flash.

Smartphones are actually a better payoff for hackers because people's phones are on 24/7. Now all smartphone OSs are being hacked - usually through the browser and the Flash based games.

Malwarebytes has a blog that is usually fairly up to date: https://blog.malwarebytes.org/cyber-crime/2015/02/the-facts-about-botnets/
Some botnets you might have heard of

The botnets listed below had their 15 minutes of fame for various reasons.

Koobface is a botnet that for the biggest part relies on social engineering (Facebook) in order to spread. Koobface is typically used for data theft.
Zeus did not limit itself to Windows computers, but it had a component that stole online banking codes from several mobile devices running Symbian, Windows Mobile, Android and Blackberry.
Windigo is a spam-botnet that focuses primarily on Unix servers.
The Flashback botnet however, focuses on Macs.
The ASProx botnet became famous for compromising the Sony PlayStation website in order to spread their payload.
The Sefnit botnet made headlines when it took over the Tor network almost overnight and left all its users open to further infections.
Gameover Zeus has been used for the distribution of the CryptoLocker ransomware.
The Conficker botnet managed to infect millions of computers in over 200 countries in a relatively short period. These included government and large businesses systems.
Kovter is known to spread a great deal of ransomware like the one responsible for the recent suicide of a teenager that fell victim.
 

sdw

New member
Jul 14, 2005
2,187
0
0
What do you guys think of Lavasoft Ad-Aware?
Ad-Aware doesn't work as well at stopping stuff as Spybot S&D - problem is that Spybot and Windows 10 don't like each other. So, if you aren't running Windows 10, Spybot is the way to go. If you are running Windows 10, I've been using Malwarebytes. Not the paid version, which means that you have to scan when you think that you need to. In Windows 10, Windows Defender does an okay job of controlling viruses. It just doesn't scan and remove malware - so you need both Windows Defender and Malwarebytes.
 

cktc9

Member
Nov 22, 2014
45
0
6
I run Avira and SUPERAntiSpyware. Both have free versions. Avira is self-updating twice daily, and the other needs manual updates.
I have used Malwarebytes as well.
Also CCleaner, to keep the cookies under control, and the Palemoon browser (be a smaller target), with their version of AdBlock, Latitude.
Used under Win 7 and 8.1
 