Solved

Can just visiting a website give my computer a virus?

Posted on 2008-11-02
16
1,934 Views
Last Modified: 2012-06-27
Can just visiting a website give my computer a virus? WITHOUT doing anything except just typing in the url? I visited this one website and right after my computer had new programs installed, things were popping up, all hell breaking loose...And I have no idea what virus I have. I tried 2 different virus programs, and nothing.

The only other info I can give you is the name of the website, but I don't suggest going there unless your computer is protected. If there's some way somebody can go there and find out what my computer might have, I'd appreciate it. The website is ***link removed by rpggamergirl, ZAPE***     I just did a search of it on google, and there was only ONE result....and that result was *****.  lol.

Any help would be appreciated.
0
Comment
Question by:Goatmetal
  • 6
  • 3
  • 2
  • +3
16 Comments
 

Author Comment

by:Goatmetal
ID: 22860667
Cool, thanks ravenpl for the suggestion for getting that daemon scanner...Since you have that on your computer and it's safe from anything being installed, could you visit that website I mentioned (www.*********.com) and maybe see what it's trying to install?

And thank you tenaj-207 for going to that site to test it out. I had the same problem you did where none of my virus or malware scanners I had installed on my computer would detect anything. It's really weird isn't it? I tried spybot just a little bit ago also, and it didn't detect anything. That's a terrible site. lol
0
 
LVL 43

Accepted Solution

by:
ravenpl earned 125 total points
ID: 22860618
> Can just visiting a website give my computer a virus?
Yes.

Install daemon scanner which can prevent virus installation while browsing Internet. Web scanners are fine, but cannot detect everything.
0
 
LVL 15

Expert Comment

by:tenaj-207
ID: 22860627
Yes, that site is a bad site.  I ran it in my VM and I can't tell you what type of spyware it is but my AV (Sophos) didn't catch any viruses.  As long as you didn't click on anything and went to the task manager and ended it you should be fine.  However, considering that you found that site in the first place I assume that you are probably infected and will need to do some serious spyware removal.  

As far as what specific spyware that site infects you with I'm not sure.  I can run a more in depth scan tomorrow.
0
 
LVL 43

Expert Comment

by:ravenpl
ID: 22860787
Goatmetal:
How come Your post is the very first post here?

The webpage You referred offers empty startup page, so no malicious software there, look, content-length is zero
[raven@kruk tmp]$ telnet ***avproscan.com 80
Trying 82.103.138.135...
Connected to ***.avproscan.com.
Escape character is '^]'.
GET / HTTP/1.1
Host: ***.avproscan.com

HTTP/1.1 200 OK
Date: Sun, 02 Nov 2008 08:24:11 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.6 with Suhosin-Patch
Last-Modified: Mon, 13 Oct 2008 06:35:59 GMT
ETag: "64a0bf-0-48f2ec4f"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: text/html
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 22860810
I went there and some scanner was scanning my system, I then abort it quickly.

More likely a rogue or fake antivirus is what you get from that website rather than viruses. Like those family of rogue antivirus, AVsystemCare, Antivirus Pro, Antivirus 2008, 2009, 2010, they evolve into a new name very often.
So this could be "AV Pro' or 'Antivirus Pro" variant.
Try scanning the system with MalwareBytes or any of the 3 tools below and show us the logfile.

Download Malwarebytes' Anti-Malware to your desktop. check for Updates before scanning.
http://www.malwarebytes.org/mbam.php

Download SmitfraudFix, and select Option 2. Clean (Safe mode recommended)
http://siri.geekstogo.com/SmitfraudFix.php

Or SDFix, (only works in Safe Mode, extract the file and doubleclick on "RunThisBat").
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

How to use SDFix.
http://www.bleepingcomputer.com/forums/topic131299.html


0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 22860832
Please don't post a clickable link when the site could be malicioius.

That was a dodgy looking site, no legit site that scans your system after clicking the url which what happened when I clicked on its url the first time.
0
 

Author Comment

by:Goatmetal
ID: 22860862
Hey ravenpl, I was wondering that same thing about why my response was up there...It's usually the last one posted. But it's been doing this my last few posts for some reason...Maybe this one will be where it should be...

As for that website, I didn't do what all you others did probably...Didn't all of you use task manager to get out of there? I clicked on the "X" for whatever popped up. I heard from a few people that sometimes clicking "no" on those popups can mean "yes" so I thought the "x" would be safe....But I'll those those programs you suggested rpggamergirl...ty.
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 22860882
>>>Didn't all of you use task manager to get out of there?<<<
Yes, that's what I did to end task/close IE, which what i usually do for those obnoxious windows where Yes or No or even  the X won't do anything.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 23

Expert Comment

by:phototropic
ID: 22861720
You can also try alt-f4 to close a window without clicking on anything.

0
 

Author Comment

by:Goatmetal
ID: 22862364
phototropic, I didn't think that would work with those "yes" or "no" popups? Does it really?
0
 
LVL 23

Expert Comment

by:phototropic
ID: 22863440
Usually works for me.
If it doesn't, then I use task manager.

0
 
LVL 12

Expert Comment

by:jahboite
ID: 22865566
To answer the question for future viewers of this thread:
Yes - you can be infected by malware just by visiting a website.  It's known as a Drive-by Download.  Typically some client-side scripting is performed upon arriving at the site in order to direct you to a suitable exploit or exploits which take advantage of vulnerabilities in software you may be running.

With this in mind, help yourself avoid these situations with the following:

a) Keep on top of patch-management - make sure you're running the latest version of any software you use.  A great tool for this job is Secunia's Personal Software Inspector http://secunia.com/vulnerability_scanning/personal/ which makes this task really easy.

b) Use the Firefox Web-browser with the No-Script add-on to prevent client-side scripting without your explicit consent.
0
 

Author Comment

by:Goatmetal
ID: 22891188
Well, I just noticed one good thing that came about all of this...I think I was the very first person to get this on my computer. Because when I checked google, there was only one result, and it was just the url of the website I got it from. I talked to a few of my friends who said that their computer was protected and I told them to go to this site just to see how protected it was, and sure enough their computer was messed up...Then I told them to do the same thing to some of their friends, and so on....Next thing I knew, there is now 150 results on google from people asking how to get rid of this thing...
Now THAT'S how to do it, eh? It's unfortunate that a lot of people have to get it on their computer for it to get attention, but it's getting the attention from some of the biggest virus places like Mcafee, etc...
0
 
LVL 15

Expert Comment

by:tenaj-207
ID: 22891204
So.... Goatmetal, if you couldn't find any link to this site... how did you find it?
0
 

Author Comment

by:Goatmetal
ID: 22891927
Huh??? What do you mean? I wasn't looking for links to that site. i didn't even know about it, until I was redirected to it from one of my google searches. Is that what you mean? When it took me to that site, numerous things on my computer started popping up with avproscan on it. Then I did a search on google for avproscan, and the only thing that came up was ww.avproscan.com   I'm not going near that site anymore. Somebody's gotta shut it down.
0
 

Author Closing Comment

by:Goatmetal
ID: 31512451
Well, you were the first person who answer "YES" to my question...And just recently I confirm that you are correct...lol...My computer was definately infected by just visiting a website. www.avproscan.com    THAT'S the website. www.avproscan.com  Damn you...
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
This video discusses moving either the default database or any database to a new volume.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now