Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Determine Cause Of Malware Infection


  • Please log in to reply
8 replies to this topic

#1 LoveMyDogs

LoveMyDogs

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 09 December 2007 - 01:26 PM

We are a small, fairly tech-savvy family who about a month ago was hit by malware. My son turned on the computer which had been running pristine clean the night before and went to a site he's been patronizing for years. The site is Gamewinners.com. He was asked if he wanted to download an updated driver and clicked No. Within seconds the computer was running slowly and he turned it off and left me a note. When I rebooted, I was faced with 4 days worth of malware removal (aided in part by information gleaned from this site and the internet). Finally my computer was back to her old self. I kept my son off the computer for 2 weeks. After thinking it was a one time occurrence since previously we hadn't had problems at the gamewinners site I let him back on the computer. When he went back to gamewinners again, we got the malware infection again. This one took me about 2 days to get rid of since I knew most of the techniques from the first time. Again, computer working great!

I was at the store Sunday and yup...my son stopped to look at that site and boom, infected again. How can I find out what the heck is going on at that site? Since my system is clean again, I don't want to go back there to try and report problems. How exactly does one go about telling someone they are doing something bad? It seems like they are attempting to sell malware removal software and oh dear does it strong arm you!

Sad to say, we can't go back there but I'd like to let someone know what's going on.


Mom

BC AdBot (Login to Remove)

 


#2 Master5270

Master5270

  • Members
  • 131 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where am I?
  • Local time:02:09 PM

Posted 09 December 2007 - 02:36 PM

Well, it is possible that the site has been "Hi-Jacked" By hackers. I used to use that site long ago. You could give your son some safe game information sites such as gamefaqs.com
It could also be that the infection is not completly removed, and is there any sign of pop-ups, if so, what are they regarding?

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,091 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:09 PM

Posted 09 December 2007 - 04:13 PM

GameWinners.com is a cheat site for obtaining cheat codes for playstation3, playstation2, Xbox 360, Wii, PSP, Nintendo DS and others.

Game cheat sites like gaming, crack and keygens sites are an increasing source of system infection. They can lead to other sites containing more malware which you can inadvertently download without knowledge or consent. Users visiting such sites may see innocuous-looking banner ads containing code which can trigger pop-up ads and Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. These type of sites can put you at risk to fraud, phishing and theft of personal data. Even if the site is a clean site, there is always the potential of some type of malware making its way there and then onto your system.

You can register a complaint about malware that has infected you at Malware Complaints.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 LoveMyDogs

LoveMyDogs
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 09 December 2007 - 07:34 PM

Well, it is possible that the site has been "Hi-Jacked" By hackers. I used to use that site long ago. You could give your son some safe game information sites such as gamefaqs.com
It could also be that the infection is not completly removed, and is there any sign of pop-ups, if so, what are they regarding?


Hi Master,

I'm positive the infections were removed completely prior to reinfection. Each time, my system was cleaned and running absolutely pristine. It wasn't until going back to that site that my computer was immediately seized. Within seconds, it crawled to a halt. The first time my son visited 2 gaming sites so I didn't know exactly which one caused it. The second time it was ONLY gamewinners he went to so I knew it was the source. Unfortunately I didn't communicate that well to him so he didn't know not to go back to the site for the 3rd time. He knows now!!

I'm sad because I think maybe the site owners are actually trying to sell some "malware" removal program and that's what's causing the problem. It literally locks you down until you bend to their tactics. I won't bend...nor will my computer ever see that site again.

Mom

#5 buddy215

buddy215

  • Moderator
  • 13,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:09 PM

Posted 09 December 2007 - 08:18 PM

You mentioned your son clicking on a link before getting infected. There is also a good possibility that JUST visiting
that site will put malware on your computer. That is called "Driveby" malware installs.
One of the best ways to avoid being infected by drivebys is to use the Firefox Browser with NoScript addon.

You should also consider using McAfee's Site Advisor. When doing searches with Google it will rate the sites and tell you about each of the links in the search page. Doesn't slow down your searches but might prevent you clicking on a site that is dangerous or you definitely would not want to click on any of the links in the dangerous sites.

Edited by buddy215, 09 December 2007 - 08:22 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,091 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:09 PM

Posted 10 December 2007 - 08:06 AM

It wasn't until going back to that site that my computer was immediately seized

It would be a good idea to block going back to that site.

How to Use a Hosts File
Blocking Unwanted Sites with a Hosts File
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 LoveMyDogs

LoveMyDogs
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 11 December 2007 - 11:49 PM

It wasn't until going back to that site that my computer was immediately seized

It would be a good idea to block going back to that site.

How to Use a Hosts File
Blocking Unwanted Sites with a Hosts File


Yup...did that as soon as I nailed that site as being the culprit of the infestation. I can't and won't allow him to go back there. Ever.

My trusty host file is my friend.

Mom

#8 LoveMyDogs

LoveMyDogs
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:09 AM

Posted 11 December 2007 - 11:50 PM

You mentioned your son clicking on a link before getting infected. There is also a good possibility that JUST visiting
that site will put malware on your computer. That is called "Driveby" malware installs.
One of the best ways to avoid being infected by drivebys is to use the Firefox Browser with NoScript addon.

You should also consider using McAfee's Site Advisor. When doing searches with Google it will rate the sites and tell you about each of the links in the search page. Doesn't slow down your searches but might prevent you clicking on a site that is dangerous or you definitely would not want to click on any of the links in the dangerous sites.


I'll check those out. The NoScript addon sounds right up my alley.

Thanks to everyone helping me with information on this topic.

Mom

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,091 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:09 PM

Posted 12 December 2007 - 08:52 AM

Your welcome.

To protect yourself against malware and reduce the potential for re-infection, be sure to read:
"Simple and easy ways to keep your computer safe".
"How did I get infected?, With steps so it does not happen again!".
"The Ten Most Dangerous Things Users Do Online".
"The 10 Biggest Security Risks".
"Hardening Windows Security - Part 1" and "Hardening Windows Security - Part 2".

Safe surfing and have a malware free day.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users