Goatmetal
asked on
Can just visiting a website give my computer a virus?
Can just visiting a website give my computer a virus? WITHOUT doing anything except just typing in the url? I visited this one website and right after my computer had new programs installed, things were popping up, all hell breaking loose...And I have no idea what virus I have. I tried 2 different virus programs, and nothing.
The only other info I can give you is the name of the website, but I don't suggest going there unless your computer is protected. If there's some way somebody can go there and find out what my computer might have, I'd appreciate it. The website is ***link removed by rpggamergirl, ZAPE*** I just did a search of it on google, and there was only ONE result....and that result was *****. lol.
Any help would be appreciated.
The only other info I can give you is the name of the website, but I don't suggest going there unless your computer is protected. If there's some way somebody can go there and find out what my computer might have, I'd appreciate it. The website is ***link removed by rpggamergirl, ZAPE*** I just did a search of it on google, and there was only ONE result....and that result was *****. lol.
Any help would be appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes, that site is a bad site. I ran it in my VM and I can't tell you what type of spyware it is but my AV (Sophos) didn't catch any viruses. As long as you didn't click on anything and went to the task manager and ended it you should be fine. However, considering that you found that site in the first place I assume that you are probably infected and will need to do some serious spyware removal.
As far as what specific spyware that site infects you with I'm not sure. I can run a more in depth scan tomorrow.
As far as what specific spyware that site infects you with I'm not sure. I can run a more in depth scan tomorrow.
Goatmetal:
How come Your post is the very first post here?
The webpage You referred offers empty startup page, so no malicious software there, look, content-length is zero
[raven@kruk tmp]$ telnet ***avproscan.com 80
Trying 82.103.138.135...
Connected to ***.avproscan.com.
Escape character is '^]'.
GET / HTTP/1.1
Host: ***.avproscan.com
HTTP/1.1 200 OK
Date: Sun, 02 Nov 2008 08:24:11 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.6 with Suhosin-Patch
Last-Modified: Mon, 13 Oct 2008 06:35:59 GMT
ETag: "64a0bf-0-48f2ec4f"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: text/html
How come Your post is the very first post here?
The webpage You referred offers empty startup page, so no malicious software there, look, content-length is zero
[raven@kruk tmp]$ telnet ***avproscan.com 80
Trying 82.103.138.135...
Connected to ***.avproscan.com.
Escape character is '^]'.
GET / HTTP/1.1
Host: ***.avproscan.com
HTTP/1.1 200 OK
Date: Sun, 02 Nov 2008 08:24:11 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.6 with Suhosin-Patch
Last-Modified: Mon, 13 Oct 2008 06:35:59 GMT
ETag: "64a0bf-0-48f2ec4f"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: text/html
I went there and some scanner was scanning my system, I then abort it quickly.
More likely a rogue or fake antivirus is what you get from that website rather than viruses. Like those family of rogue antivirus, AVsystemCare, Antivirus Pro, Antivirus 2008, 2009, 2010, they evolve into a new name very often.
So this could be "AV Pro' or 'Antivirus Pro" variant.
Try scanning the system with MalwareBytes or any of the 3 tools below and show us the logfile.
Download Malwarebytes' Anti-Malware to your desktop. check for Updates before scanning.
http://www.malwarebytes.or
Download SmitfraudFix, and select Option 2. Clean (Safe mode recommended)
http://siri.geekstogo.com/
Or SDFix, (only works in Safe Mode, extract the file and doubleclick on "RunThisBat").
http://downloads.andymanch
How to use SDFix.
http://www.bleepingcompute
More likely a rogue or fake antivirus is what you get from that website rather than viruses. Like those family of rogue antivirus, AVsystemCare, Antivirus Pro, Antivirus 2008, 2009, 2010, they evolve into a new name very often.
So this could be "AV Pro' or 'Antivirus Pro" variant.
Try scanning the system with MalwareBytes or any of the 3 tools below and show us the logfile.
Download Malwarebytes' Anti-Malware to your desktop. check for Updates before scanning.
http://www.malwarebytes.or
Download SmitfraudFix, and select Option 2. Clean (Safe mode recommended)
http://siri.geekstogo.com/
Or SDFix, (only works in Safe Mode, extract the file and doubleclick on "RunThisBat").
http://downloads.andymanch
How to use SDFix.
http://www.bleepingcompute
Please don't post a clickable link when the site could be malicioius.
That was a dodgy looking site, no legit site that scans your system after clicking the url which what happened when I clicked on its url the first time.
That was a dodgy looking site, no legit site that scans your system after clicking the url which what happened when I clicked on its url the first time.
ASKER
Hey ravenpl, I was wondering that same thing about why my response was up there...It's usually the last one posted. But it's been doing this my last few posts for some reason...Maybe this one will be where it should be...
As for that website, I didn't do what all you others did probably...Didn't all of you use task manager to get out of there? I clicked on the "X" for whatever popped up. I heard from a few people that sometimes clicking "no" on those popups can mean "yes" so I thought the "x" would be safe....But I'll those those programs you suggested rpggamergirl...ty.
As for that website, I didn't do what all you others did probably...Didn't all of you use task manager to get out of there? I clicked on the "X" for whatever popped up. I heard from a few people that sometimes clicking "no" on those popups can mean "yes" so I thought the "x" would be safe....But I'll those those programs you suggested rpggamergirl...ty.
>>>Didn't all of you use task manager to get out of there?<<<
Yes, that's what I did to end task/close IE, which what i usually do for those obnoxious windows where Yes or No or even the X won't do anything.
Yes, that's what I did to end task/close IE, which what i usually do for those obnoxious windows where Yes or No or even the X won't do anything.
You can also try alt-f4 to close a window without clicking on anything.
ASKER
phototropic, I didn't think that would work with those "yes" or "no" popups? Does it really?
Usually works for me.
If it doesn't, then I use task manager.
If it doesn't, then I use task manager.
To answer the question for future viewers of this thread:
Yes - you can be infected by malware just by visiting a website. It's known as a Drive-by Download. Typically some client-side scripting is performed upon arriving at the site in order to direct you to a suitable exploit or exploits which take advantage of vulnerabilities in software you may be running.
With this in mind, help yourself avoid these situations with the following:
a) Keep on top of patch-management - make sure you're running the latest version of any software you use. A great tool for this job is Secunia's Personal Software Inspector http://secunia.com/vulnerability_scanning/personal/ which makes this task really easy.
b) Use the Firefox Web-browser with the No-Script add-on to prevent client-side scripting without your explicit consent.
Yes - you can be infected by malware just by visiting a website. It's known as a Drive-by Download. Typically some client-side scripting is performed upon arriving at the site in order to direct you to a suitable exploit or exploits which take advantage of vulnerabilities in software you may be running.
With this in mind, help yourself avoid these situations with the following:
a) Keep on top of patch-management - make sure you're running the latest version of any software you use. A great tool for this job is Secunia's Personal Software Inspector http://secunia.com/vulnerability_scanning/personal/ which makes this task really easy.
b) Use the Firefox Web-browser with the No-Script add-on to prevent client-side scripting without your explicit consent.
ASKER
Well, I just noticed one good thing that came about all of this...I think I was the very first person to get this on my computer. Because when I checked google, there was only one result, and it was just the url of the website I got it from. I talked to a few of my friends who said that their computer was protected and I told them to go to this site just to see how protected it was, and sure enough their computer was messed up...Then I told them to do the same thing to some of their friends, and so on....Next thing I knew, there is now 150 results on google from people asking how to get rid of this thing...
Now THAT'S how to do it, eh? It's unfortunate that a lot of people have to get it on their computer for it to get attention, but it's getting the attention from some of the biggest virus places like Mcafee, etc...
Now THAT'S how to do it, eh? It's unfortunate that a lot of people have to get it on their computer for it to get attention, but it's getting the attention from some of the biggest virus places like Mcafee, etc...
So.... Goatmetal, if you couldn't find any link to this site... how did you find it?
ASKER
Huh??? What do you mean? I wasn't looking for links to that site. i didn't even know about it, until I was redirected to it from one of my google searches. Is that what you mean? When it took me to that site, numerous things on my computer started popping up with avproscan on it. Then I did a search on google for avproscan, and the only thing that came up was ww.avproscan.com I'm not going near that site anymore. Somebody's gotta shut it down.
ASKER
Well, you were the first person who answer "YES" to my question...And just recently I confirm that you are correct...lol...My computer was definately infected by just visiting a website. www.avproscan.com THAT'S the website. www.avproscan.com Damn you...
ASKER
And thank you tenaj-207 for going to that site to test it out. I had the same problem you did where none of my virus or malware scanners I had installed on my computer would detect anything. It's really weird isn't it? I tried spybot just a little bit ago also, and it didn't detect anything. That's a terrible site. lol