Sources of infections

Baejung92 · 05-18-2009, 07:02 PM

With my computer's last infection having occurred while another person was using it, during and after the disinfection I attempted to track possible places the malware could have come from using Firefox's browsing history. I was able to glean a few likely sources, because there were a few entries there that were obviously redirects or popups.

Now, the question: is it possible for me to identify sources of drive-by downloads or other infections that do not involve obvious URLs? I have found that guide tools like Web of Trust and SiteAdvisor are not very useful for this, and I guess I could use DDS's "Recently Created" area to try and piece together scenarios, it looks like suspicious entries disappear when they have been disinfected and I assume malware that stays dormant for a while cannot be tracked this way.

It's not a real big deal, but especially after some nasty infections recently, I've been trying to always confirm a site safe before going there. It'd be nice if there was a way to see which of these presumed "safe" sites are in fact dangerous.

Any advice would be appreciated!

alpenadiver · 05-20-2009, 06:33 AM

If your using P2P software, or visiting some Bittorrent sites (warez), these are great places to pick up all kinds of viruses, and malware. These also will not show up in your browser.

Baejung92 · 05-21-2009, 04:51 PM

Hmm... I don't do either of those. I've been assuming that all the bad stuff I've ever picked up came from "normal" sites

mcorton · 05-21-2009, 08:29 PM

Many social sites like myspace, friendster, facebook, paltalk etc, accept advertisements from anyone who'll pay. I had a laptop that was destroyed by viruses picked up in ads when my daughter was using it. Not knowing what shew was doing she fell for the pop ups that say your computer is infected, click her to remove the viruses which installed more viruses. A lot of the infection comes from rouge ads on "normal" sites.

alpenadiver · 05-22-2009, 02:54 AM

If you want another layer of protection from questionable ads, run a modified host file.
http://www.mvps.org/winhelp2002/hosts.htm

I run this on all my computers, it does a great job. Just download then copy to your:
C:\Windows\System32\Drivers\Etc folder rename your current host file to host.old then paste new file.

Baejung92 · 05-23-2009, 02:36 PM

But the thing is, popups and ads usually show up in History, right? So it shouldn't be too difficult to trace where these infections came from. It's the sites that cannot be tracked like that that have me concerned.

As for the HOSTS thing, I'm trying it out now and it seems great. Thanks.

05-18-2009, 07:02 PM	#1 (permalink)
Baejung92 Registered User Join Date: Dec 2008 Posts: 174 OS: Windows XP SP3	Sources of infections With my computer's last infection having occurred while another person was using it, during and after the disinfection I attempted to track possible places the malware could have come from using Firefox's browsing history. I was able to glean a few likely sources, because there were a few entries there that were obviously redirects or popups. Now, the question: is it possible for me to identify sources of drive-by downloads or other infections that do not involve obvious URLs? I have found that guide tools like Web of Trust and SiteAdvisor are not very useful for this, and I guess I could use DDS's "Recently Created" area to try and piece together scenarios, it looks like suspicious entries disappear when they have been disinfected and I assume malware that stays dormant for a while cannot be tracked this way. It's not a real big deal, but especially after some nasty infections recently, I've been trying to always confirm a site safe before going there. It'd be nice if there was a way to see which of these presumed "safe" sites are in fact dangerous. Any advice would be appreciated!

05-20-2009, 06:33 AM	#2 (permalink)
alpenadiver Registered User Join Date: Jul 2007 Location: Alpena, Michigan Posts: 346 OS: Windows XP Pro, Windows 7 My System	Re: Sources of infections If your using P2P software, or visiting some Bittorrent sites (warez), these are great places to pick up all kinds of viruses, and malware. These also will not show up in your browser.

05-21-2009, 04:51 PM	#3 (permalink)
Baejung92 Registered User Join Date: Dec 2008 Posts: 174 OS: Windows XP SP3	Re: Sources of infections Hmm... I don't do either of those. I've been assuming that all the bad stuff I've ever picked up came from "normal" sites

05-21-2009, 08:29 PM	#4 (permalink)
mcorton Registered User Join Date: Apr 2009 Posts: 60 OS: Windows xp SP2	Re: Sources of infections Many social sites like myspace, friendster, facebook, paltalk etc, accept advertisements from anyone who'll pay. I had a laptop that was destroyed by viruses picked up in ads when my daughter was using it. Not knowing what shew was doing she fell for the pop ups that say your computer is infected, click her to remove the viruses which installed more viruses. A lot of the infection comes from rouge ads on "normal" sites.

05-22-2009, 02:54 AM	#5 (permalink)
alpenadiver Registered User Join Date: Jul 2007 Location: Alpena, Michigan Posts: 346 OS: Windows XP Pro, Windows 7 My System	Re: Sources of infections If you want another layer of protection from questionable ads, run a modified host file. http://www.mvps.org/winhelp2002/hosts.htm I run this on all my computers, it does a great job. Just download then copy to your: C:\Windows\System32\Drivers\Etc folder rename your current host file to host.old then paste new file. Last edited by alpenadiver; 05-22-2009 at 02:57 AM.

05-23-2009, 02:36 PM	#6 (permalink)
Baejung92 Registered User Join Date: Dec 2008 Posts: 174 OS: Windows XP SP3	Re: Sources of infections But the thing is, popups and ads usually show up in History, right? So it shouldn't be too difficult to trace where these infections came from. It's the sites that cannot be tracked like that that have me concerned. As for the HOSTS thing, I'm trying it out now and it seems great. Thanks.