Author: Subject: Malware San .com ? is this a trojan horse?
jacko

posted on 10/1/08 at 06:11 PM Reply With Quote
Malware San .com ? is this a trojan horse?

We keep getting a box up from our internet security (Avast) telling us it has stopped a trojan horse from accessing our computer. At the same time we are getting a box up which is telling us to scan our computer with Malware Download by Malwarescan.com. We have been told by Avast it is a dangerous site. We are having trouble shutting the box down and are having to unplug the telephone or restart the computer by Ctrl Alt Delete and going to shutdown and restart. We have Zone Alarm spy blocker installed and thought it would stop this spyware from getting in. Any comments? Thanks, Graham
Pants On Fire

posted on 10/1/08 at 06:21 PM Reply With Quote
I've started getting exactly the same in the last 2 or 3 days, Norton blocks 'Downloader' but the malware site is 'kin annoying to say the least.





Yes, I am an agent of Satan, but my duties are largely ceremonial.

Mr Whippy

posted on 10/1/08 at 06:27 PM Reply With Quote
Don’t download anything at all unless you can verify it's genuine, or you'll have only yourself to blame.

Bin Norton it's rubbish, AVG works much better and finds viruses that Norton can't and it's free.

[Edited on 10/1/08 by Mr Whippy]





Fame is when your old car is plastered all over the internet

jacko

posted on 10/1/08 at 06:32 PM Reply With Quote
We don't have norton on this computer but we used to have it on our last one. We never had these problems then. We have only had this computer up and running for less than a week. What security blocker do you suggest to stop this kind of thing happening? We have Avast on at the moment. Graham
blakep82

posted on 10/1/08 at 06:45 PM Reply With Quote
My other PC just says 'cannot locate operating system' now when I try to start it up... I don't know why





________________________

IVA manual link http://www.businesslink.gov.uk/bdotg/action/detail?type=RESOURCES&itemId=1081997083

don't write OT on a new thread title, you're creating the topic, everything you write is very much ON topic!

iank

posted on 10/1/08 at 06:49 PM Reply With Quote
Don't download anything from malware-scan com whatever you do.
http://www.siteadvisor.com/sites/malware-scan.com?ref=safesearch&client_ver=FF_26.5_6176&locale=en-GB&premium=false&aff_id=0

Can't really advise further, my anti-virus solution is not running windows





--
Never argue with an idiot. They drag you down to their level, then beat you with experience.
Anonymous

jacko

posted on 10/1/08 at 07:05 PM Reply With Quote
quote:
Originally posted by iank
Don't download anything from malware-scan com whatever you do.
http://www.siteadvisor.com/sites/malware-scan.com?ref=safesearch&client_ver=FF_26.5_6176&locale=en-GB&premium=false&aff_id=0

Can't really advise further, my anti-virus solution is not running windows

WARNING!

WARNING!


We have just clicked on your link and straight away this malware thing started up. We've had to close the programme down to get rid of it.

omega 24 v6

posted on 10/1/08 at 07:08 PM Reply With Quote
This is the same site that tried to upload the downloader.tibs virus to my machine last weekend. DON'T USE IT, it is a c8nt to close as it keeps on throwing up another pop up. I got there by trying to use a legitimate site while searching for Belgian Bus travel tickets.
I think/hope I've got rid of it as all seems well at the moment. Going to do a scan later on and see.





If it looks wrong it probably is wrong.

iank

posted on 10/1/08 at 07:18 PM Reply With Quote
Text from the first page of the link I provided (it carries on in the same vein; it's a McAfee site, by the way).

malware-scan.com
Red Verdict Image

In our tests, we found downloads on this site that some people consider adware, spyware or other potentially unwanted programs.

User Reviews (27)

Rating: Adware, spyware, or viruses

Posted at 01/04/2008-09:27:38 PM by rallybrendan2008, Reviewer , View profile [ Reputation score: 1 / 9 ]

Rating: Adware, spyware, or viruses

I didn't download anything from the site, so I don't know if it actually has a virus, spyware, etc. but the site is deceptive at best. When you first come to the site it PRETENDS to be scanning your system and comes up with errors and tells you to download their program to fix them. I can say that it pretends with confidence for a few reasons, but mainly because it shows "Local Disc(C", "Local Disc(D", "DVD-RAM(F" and "Shared Documents". My computer is not configured that way--it's just a canned script trying to scare you into downloading their program. Heaven only knows what it will do once you download it. Don't trust it--run away!

Posted at 11/29/2007-01:38:06 AM by dcm32, Reviewer , View profile [ Reputation score: 1 / 9 ]

Rating: Adware, spyware, or viruses

(Also directly related to "Phishing or other scams" and indirectly to "Browser exploit")

I would like to apologise greatly for my previous error and state that "malware-scan[DOT]com" IS a current malware threat.
My analysis was brief and ignorant. After further reviewing this domain, I decided to run it through my own URL scanner in an attempt to locate any sub-pages other than the home page of this domain: It was then that I located "scanner[DOT]malware-scan[DOT]com".
Once I entered this page, I was redirected to the domain of the rogue anti-malware application "MalwareAlarm". Once there, I was subject to multiple browser-incorporated windows, text based, and image based warnings attempting to goad me into believing my PC was infected with malware.
MalwareAlarm itself was not originally directly related to the malware-scan domain. However, the fact that I received this redirection indicates that the domain: "malware-scan[DOT]com" is still utilised to promote rogue anti-malware applications.

Once again, I apologise profusely for any confusion my previous review may have caused and renounce any "This site is good" ratings submitted on my part towards this particular domain.
----------------------------------------------------------

d4rkr1d3r

Posted at 11/26/2007-12:58:16 PM by darkrider53, Reviewer , View profile [ Reputation score: 1 / 9 ]

Rating: This site is good

This domain was once utilised to promote rogue anti-malware applications through a deceptive, fake malware scan .swf ("ShockWaveFlash" - "Macromedia Flash/Shockwave" proprietary vector graphics file format) image with no malware scanning capabilities. This .swf image would then warn the user of non-existent malware infections on their PC in an attempt to phish their credit card (or other financial) details.

However, at this moment in time (25th November 2007, 21:02) the domain is simply blank except for a simple phrase: "Welcome to nginx!".

The HTML source of the domain has been analysed and tested for malicious content on a test PC and none could be located.
Here is the page source:

<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body bgcolor="white" text="black">
<center><h1>Welcome to nginx!</h1></center>
</body>
</html>

As you can see, the HTML coding contains simply the phrase mentioned before, which is paralleled in the <title> at the top of the browser window.

"nginx" is a legitimate lightweight, Russian web server/reverse proxy and mail (IMAP/POP3) proxy. nginx is currently employed on 329076 domains (0.26% market share).

Therefore, at this particular moment in time, the domain serves no active threat to the general public and should be dismissed as a threat until its possible renewal as a malware distributing domain.
----------------------------------------------------------

d4rkr1d3r

Posted at 11/25/2007-03:10:21 PM by darkrider53, Reviewer , View profile [ Reputation score: 1 / 9 ]

Rating: Adware, spyware, or viruses

This is a bad site. Don't trust it.

Posted at 11/18/2007-01:31:42 PM by Zandy190, Reviewer , View profile [ Reputation score: 1 / 9 ]

Rating: Phishing or other scams

Fake

Posted at 11/18/2007-12:44:01 PM by Terrum, Reviewer , View profile [ Reputation score: 1 / 9 ]

Rating: Adware, spyware, or viruses

Total Malware site! Attempts to install itself under the guise of 'spyware protection.' This site is a MAJOR RISK and can cause MAJOR HARM.

Posted at 11/13/2007-10:28:57 AM by edwards, Reviewer , View profile [ Reputation score: 1 / 9 ]

Rating: Adware, spyware, or viruses

Another Rough antispyware from RBN

scanner.malware-scan.com/aswp/Install-bTBybmluZ3g-Y3I1X3Vz-MQ.exe

Posted at 10/26/2007-07:33:48 AM by iamthelost, Reviewer , View profile [ Reputation score: 2 / 9 ]


Another rough antispyware from RBN

scanner.malware-scan.com/aswp/Install-bTBybmluZ3g-Y3I1X3Vz-MQ.exe

Posted at 10/26/2007-07:33:25 AM by iamthelost, Reviewer , View profile [ Reputation score: 2 / 9 ]

Rating: Adware, spyware, or viruses

It's a fake anti-spyware site that tries to scare you into buying a useless product. It may also be trying to install itself through a backdoor.




[Edited on 10/1/08 by iank]





--
Never argue with an idiot. They drag you down to their level, then beat you with experience.
Anonymous

britishtrident

posted on 10/1/08 at 09:00 PM Reply With Quote
A hostageware trojan.
Encountered a similar one on a PC just before Xmas; Antivira sorted it out once the PC was booted in safe mode with system restore turned off.

Usual method is
(1) Remove any existing anti-virus software
(2) Download HijackThis
(3) Download Startup List
(4) Download and install AntiVira
(5) Turn off system restore
(6) Boot in safe mode
(7) Run Windows Task Manager (Ctrl Alt Del) and stop any running process that is iffy
(8) Run HijackThis and clear out anything iffy
(8) Install Free Antivira, update it and do a smart scan.
(9) Reboot in normal mode
(10) Turn system restore back on.





[I] “ What use our work, Bennet, if we cannot care for those we love? .”
― From BBC TV/Amazon's Ripper Street.
[/I]

britishtrident

posted on 10/1/08 at 09:01 PM Reply With Quote
Nearly forgot

(11) Install Firefox !





[I] “ What use our work, Bennet, if we cannot care for those we love? .”
― From BBC TV/Amazon's Ripper Street.
[/I]

violentblue

posted on 10/1/08 at 09:18 PM Reply With Quote
quote:
Originally posted by iank
my anti-virus solution is not running windows




I've found this to be the best solution as well.





a few pics of my other projects


Hellfire

posted on 10/1/08 at 09:49 PM Reply With Quote
quote:
Originally posted by violentblue
quote:
Originally posted by iank
my anti-virus solution is not running windows




I've found this to be the best solution as well.


I found this is OK - if you don't want the majority industry standard software that people can't be arsed to write trojans/virii for in the first place. Good in one way but bad in another - I'll persevere with Windoze... oh and Firefox and AVG...

Steve






Pants On Fire

posted on 11/1/08 at 09:36 AM Reply With Quote
quote:
Originally posted by Mr Whippy

Bin Norton it's rubbish, AVG works much better and finds viruses that Norton can't and it's free.

[Edited on 10/1/08 by Mr Whippy]


Uninstalled Norton and put AVG on, turned up 6 threats and Trojans that Norton missed. Ta Mr Whippy!





Yes, I am an agent of Satan, but my duties are largely ceremonial.

iank

posted on 11/1/08 at 09:58 AM Reply With Quote
quote:
Originally posted by Hellfire
quote:
Originally posted by violentblue
quote:
Originally posted by iank
my anti-virus solution is not running windows




I've found this to be the best solution as well.


I found this is OK - if you don't want the majority industry standard software that people can't be arsed to write trojans/virii for in the first place. Good in one way but bad in another - I'll persevere with Windoze... oh and Firefox and AVG...

Steve


Fair enough, it's not for everyone - but 90% of users just surf the web, send email, download music and pr0n, store/manipulate photos and write the odd letter to the bank, all of which can be done as well/better than Windows.
I've yet to find anything I want to run that I can't. Only problem for most people would be playing games - just go and buy a console for those.

By the way, you are factually incorrect about the trojans/virii; it's got little to do with hackers being bothered. Windoze is insecure in its basic design, both through poor design for commercial reasons and requirements to be compatible with previous diabolically bad designs. If you want a secure OS you just wouldn't want to start from there. The development model of Linux is also an advantage as every bit of code that goes in has been checked by a few dozen people and tested by thousands.

There have been Linux viruses/trojans but the way development works the security hole they snuck in through is fixed in minutes/hours and the distributions have it patched and distributed in a few days. Microsoft have a monthly cycle for critical problems these days so average exposure to danger is 2 weeks. Until recently they really haven't been a problem as people who run alternative OS's tend to be computer savvy and aren't the kind of people to click on 'run this program to see a nekkid grl' links, this may change as it gets more popular.





--
Never argue with an idiot. They drag you down to their level, then beat you with experience.
Anonymous

britishtrident

posted on 11/1/08 at 11:56 AM Reply With Quote
quote:
Originally posted by Pants On Fire
quote:
Originally posted by Mr Whippy

Bin Norton it's rubbish, AVG works much better and finds viruses that Norton can't and it's free.

[Edited on 10/1/08 by Mr Whippy]


Uninstalled Norton and put AVG on, turned up 6 threats and Trojans that Norton missed. Ta Mr Whippy!


Much as I dislike Norton, a lot of threats reported by AV programs aren't a problem.
All AV programs give false positives or report innocent programs such as Angry IPScanner as security breaches.





[I] “ What use our work, Bennet, if we cannot care for those we love? .”
― From BBC TV/Amazon's Ripper Street.
[/I]

jacko

posted on 13/1/08 at 06:18 PM Reply With Quote
malware

Thanks for all your help. We have managed to get rid of our malware in the end with a little help from a friend and spyware called spydoctor. We tried loads of spyware blockers and this was the only one we could get to dispose of it. The files were hidden in drive C and the pig came from Russia in the form of a Trojan Horse. So far no pop ups have got through since we got rid. Touch wood. Graham


All content © 2001-16 LocostBuilders. Reproduction prohibited