Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

URLVoid and Virustotal


  • Please log in to reply
21 replies to this topic

#1 Castle Robin

Castle Robin

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 06 March 2014 - 05:28 AM

How accurate are URLVoid and VirusTotal for results of which sites are safe and dangerous?

 

I don't know if these and/or which other web sites give the most accurate results, as I've read some reviews of WOT that it's biased and others saying it's accurate.  As it's recommended on BC, I'm inclined to go with BC and have reinstalled it, avoiding any sites with yellow or red lights, but URLVoid and VirusTotal have given very negative reviews for Lifehacker, thus this would also apply to Disconnect, but these two scanners give Disconnect a Zero (safe) rating:

 

http://www.urlvoid.com/scan/lifehacker.com/

https://www.virustotal.com/en/url/0c495016e8e621f1662b0afba18378d3de9ac5db27248b1e1135283340f794a1/analysis/1394098312/

 

Wilders Security seems to be reliable.  If they are, I assume that this article is accurate?:

 

http://www.wilderssecurity.com/showthread.php?p=1979978

 

I like the concept of Private search engines, provided they don't have any hidden agendas.


Edited by Castle Robin, 06 March 2014 - 06:30 AM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:50 PM

Posted 06 March 2014 - 07:17 AM


There are several places where you can check suspicious sites using various URL Link Scanners:Use several different vendors when performing queries to confirm the results of page content. Even doing this, you still need to be cautions of other links on the page itself which can redirect to a malicious page.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:50 PM

Posted 06 March 2014 - 07:17 AM

Firefox makes use of the Google site advisor. Along with that and using the add-on NoScript will protect you from malware being installed by just

visiting a web page and many other types of malware.

 

Of course, keeping those very vulnerable/ often exploited programs such as Adobe Reader, Adobe Flash, JAVA,

browsers and OSes updated is necessary, too. Other than that, avoiding downloading free videos, music and pirated programs using P2P is necessary, too.

 

Today, almost every free program, even those which once were adware free, have adware. Some you can prevent adware from being installed by simply UNchecking

their install and some not....foistware.


Edited by buddy215, 06 March 2014 - 07:49 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:50 PM

Posted 06 March 2014 - 07:30 AM

BTW, if you already are using Firefox, you can use the VTzilla Add-on to check (analyze) a URL or file for malware at VirusTotal before downloading and saving it to you computer.
 

VTzilla is a Mozilla Firefox browser plugin that simplifies the process of scanning Internet resources with VirusTotal. It allows you to download files directly with VirusTotal's web application prior to storing them in your PC. Moreover, it will not only scan files, but also URLs. The scanning options are embedded in Firefox's context menu and download dialog, making the analysis process as easy as clicking a single button...Once you have checked the file, you will decide whether or not to download it to your PC.

VTzilla: Mozilla Firefox Browser Extension

vtzilla-download-1.png

The VTzilla adds an option to the Context Menu which allows you to right-click on any URL and choose "Scan with Virus Total". VTzilla will also create a Virus Total toolbar, which if checked in View > Toolbars adds options in the browser to Scan the current site or Search Virus Total.

vtzilla-contextmenu-1.png
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 06 March 2014 - 08:25 AM

These are an excellent set of web sites.  From the few sites I've so far checked, most tend to be positive against negative, which can make things very tricky to know which sources are accurate, but theyr'e very useful.

 

Unlike IXQuick, Duck Duck Go seems to be approved overall, both in terms of these links and individual reviews.

 

There are several places where you can check suspicious sites using various URL Link Scanners:

Use several different vendors when performing queries to confirm the results of page content. Even doing this, you still need to be cautions of other links on the page itself which can redirect to a malicious page.

 



#6 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 06 March 2014 - 08:30 AM

Firefox makes use of the Google site advisor. Along with that and using the add-on NoScript will protect you from malware being installed by just

visiting a web page and many other types of malware.

 

Of course, keeping those very vulnerable/ often exploited programs such as Adobe Reader, Adobe Flash, JAVA,

browsers and OSes updated is necessary, too. Other than that, avoiding downloading free videos, music and pirated programs using P2P is necessary, too.

 

Today, almost every free program, even those which once were adware free, have adware. Some you can prevent adware from being installed by simply UNchecking

their install and some not....foistware.

 

Like Quietman7, your advice is also invaluable. :)

 

As to downloading free videos, I think this software product, also available as a Firefox add-on may or may not be suspicious, if the display of "Coupons Helper" and "Play strategy games" when right clicking on the add-on icon in the top right of the screen is relevant.  It's an invaluable, easy to use program, but the two displays have made me wonder if they signify anything sinister, as the Helper and Games are also downloadable as separate add-ons and I was given no option to install or refuse them, I just noticed them when I right clicked the add-on to see which features exist in the program:  

 

http://www.downloadhelper.net/

 

The report described in this link also gives me the impression this program is suspicious.  I have since deleted the add-on which didn't hijack my computer in any way, but I'm just not too sure about it:

 

https://support.mozilla.org/en-US/questions/795258

 

In contrast, Sandboxie is highly recommended by many people to use in conjunction with other security program to help reduce malware getting into a computer:

 

http://www.sandboxie.com

 

I temporarily uninstalled Sandboxie during a malware removal process where certain programs needed to be disabled, as I wasn't sure how to temporarily disable Sandboxie, but I've since found a way and will reinstall it once I get confirmation that my computer is now clean.  Nasdaq has been most invaluable in giving me various steps to remove and look out for junk on my computer to remove.


Edited by Castle Robin, 06 March 2014 - 08:54 AM.


#7 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 06 March 2014 - 08:36 AM

I'd not heard of VTzilla before, only Stopzilla.  This sounds like a very useful add-on.  Normally, I tend to avoid toolbars, as they're often renowned for adding spyware or malware in them, but in this case the opposite applies.

 

The difficulty I, probably most, if not all of us find is that, while WOT and other programs are very useful in warning users which sites to avoid when viewing sets of pages in a search engine list, eg green (safe), yellow (suspicious) or red (dangerous), if a grey symbol appears (where WOT doesn't know the status of a web site) or we click onto innocent looking sites, it's not always easy to tell if they're dangerous, as very few malware warnings to block a site ever appear.

 

Although Virus Total appears in English, it looks like it could be based in Spain, unless the Spanish image of the add-on is just a Spanish version example, but it's very interesting to translate and compare the Spanish word equivalents. :)

 

BTW, if you already are using Firefox, you can use the VTzilla Add-on to check (analyze) a URL or file for malware at VirusTotal before downloading and saving it to you computer.
 

VTzilla is a Mozilla Firefox browser plugin that simplifies the process of scanning Internet resources with VirusTotal. It allows you to download files directly with VirusTotal's web application prior to storing them in your PC. Moreover, it will not only scan files, but also URLs. The scanning options are embedded in Firefox's context menu and download dialog, making the analysis process as easy as clicking a single button...Once you have checked the file, you will decide whether or not to download it to your PC.

VTzilla: Mozilla Firefox Browser Extension

vtzilla-download-1.png

The VTzilla adds an option to the Context Menu which allows you to right-click on any URL and choose "Scan with Virus Total". VTzilla will also create a Virus Total toolbar, which if checked in View > Toolbars adds options in the browser to Scan the current site or Search Virus Total.

vtzilla-contextmenu-1.png

 



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:50 PM

Posted 06 March 2014 - 09:18 AM


Many site rating vendors (i.e. McAfee SiteAdvisor, WOT) use a system of volunteer testers that continually patrol the Web to browse sites, download files, and enter information on sign-up forms. All the results are documented and supplemented with feedback from users, Web site owners, and analysis from their own employees. The advising site vendor then summarizes the results sometimes into a color-coded red, yellow and green ratings scale to help inform Web users as to the safety of each tested site. The use of such rating sites does not always guarantee an accurate rating of the results they provide. Even Bleeping Computer has been incorrectly rated - see here.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 06 March 2014 - 10:57 AM

It's very concerning that, even though well intended, web sites' traffic light system of not always using the correct code could put users at potential risk of visiting a bad site or missing out on a good site, and when other web site monitors vary considerably can complicate things, as users won't know which sources are accurate including Duck Duck Go, which has mixed opinions on whether it's safe or a scam, but overall, it sounds as though everyone who takes the necessary precautions with site advisors, anti-viruses (one only or one regular and one cloud, as they both work differently from one another with the same purpose), an anti-malware, a firewall and a sandbox, etc will considerably increase their protection, as far as possible, against malware and the like.

 

I see what you mean about the error rating for Bleepingcomputer. :o  Scamadviser too.

 

Many site rating vendors (i.e. McAfee SiteAdvisor, WOT) use a system of volunteer testers that continually patrol the Web to browse sites, download files, and enter information on sign-up forms. All the results are documented and supplemented with feedback from users, Web site owners, and analysis from their own employees. The advising site vendor then summarizes the results sometimes into a color-coded red, yellow and green ratings scale to help inform Web users as to the safety of each tested site. The use of such rating sites does not always guarantee an accurate rating of the results they provide. Even Bleeping Computer has been incorrectly rated - see here.


Edited by Castle Robin, 06 March 2014 - 10:59 AM.


#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:50 PM

Posted 06 March 2014 - 11:47 AM


That's why it's important to use several different vendors when performing queries to confirm the results of page content.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 06 March 2014 - 11:53 AM

That's why it's important to use several different vendors when performing queries to confirm the results of page content.

 

The only dilemma I have is when vendor queries and independent review sites vary considerably between each other so that I'm not always sure which sources are accurate.  IXQuick being a prime example, but I've since removed it, thanks to Nasdaq's recommendation, and several vendors have given malware reviews for this particular search engine, but fewer people are suspicious of Duck Duck Go.


Edited by Castle Robin, 06 March 2014 - 11:54 AM.


#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:50 PM

Posted 06 March 2014 - 01:43 PM

IXQuick and DuckDuckGo are two of many search engines...they allow you to search anonymously and protect your privacy which is why many folks use them.

Nasdaq' referred you to this link which pertains to Ixquick Toolbar, not the search engine. That is what he was referring to when saying "It's your call if you want to keep IXQuick". In fact, the information you have been reading in regards to it being malware, most likely pertains to these toolbars and add-ons, not the actual search engine itself.

Toolbars and add-ons are not an infection in the typical sense...they are more accurately classified as Potentially Unwanted Programs (PUPs) and PUPS do not fall in the same category as malicious files such as viruses, Trojans, worms, rootkits and bots. A PUP is a very broad threat category which can encompass any number of different programs to include those which are benign as well as problematic. To learn more about PUPs and how you get them, please read: About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)

Both IXQuick and DuckDuckGo will allow you install search plugins to your browser. You do not need to install them in order to use either as a search engine. I have used both of them and several other search engines at various times.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#13 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 07 March 2014 - 09:04 AM

IXQuick and DuckDuckGo are two of many search engines...they allow you to search anonymously and protect your privacy which is why many folks use them.

 

I agree.  Google is an excellent site for design, navigation and choice of features in its search engine, but unfortunately they don't allow privacy.
 

 

Nasdaq' referred you to this link which pertains to Ixquick Toolbar, not the search engine. That is what he was referring to when saying "It's your call if you want to keep IXQuick". In fact, the information you have been reading in regards to it being malware, most likely pertains to these toolbars and add-ons, not the actual search engine itself.

 

I didn't realise Nasdaq was referring to the Toolbar, as I had assumed he meant anything to do with IXQuick, but this is reassuring news.  Having said that, I remain reluctant to use it in any capacity.  Although Virustotal gives it the all clear, multiple sources relating to Herdprotect list several detections, whereas Duck Duck Go isn't recognised by Herdprotect and the number of reviews of suspicion are more directed towards IXQuick:

 

http://www.herdprotect.com/domain-ixquick.com.aspx
 

 

Toolbars and add-ons are not an infection in the typical sense...they are more accurately classified as Potentially Unwanted Programs (PUPs) and PUPS do not fall in the same category as malicious files such as viruses, Trojans, worms, rootkits and bots. A PUP is a very broad threat category which can encompass any number of different programs to include those which are benign as well as problematic. To learn more about PUPs and how you get them, please read: About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)

 

This is an invaluable link.  I prefer to remove toolbars and PUPs as a general rule, but am happy to retain the VTzilla search bar due to the useful purpose it serves.
 

 

Both IXQuick and DuckDuckGo will allow you install search plugins to your browser. You do not need to install them in order to use either as a search engine. I have used both of them and several other search engines at various times.

 

I very much like the concept of both of these browsers, but I'd much prefer to use Duck Duck Go, just as a browser only, and avoid IXQuick, due to the number of negative results I've read under Herdprotect and other sites.


Edited by Castle Robin, 07 March 2014 - 09:24 AM.


#14 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,597 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:50 PM

Posted 07 March 2014 - 09:14 AM

:thumbup2:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#15 Castle Robin

Castle Robin
  • Topic Starter

  • Members
  • 170 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:50 PM

Posted 07 March 2014 - 09:21 AM

Thank you for your updates and links, Quietman7. :)


Edited by Castle Robin, 07 March 2014 - 09:22 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users