Malware sneaks its way in here?

Viruses and worms
1

See: http://urlquery.net/report.php?id=1445120535196 malware detected.
Adware and tracking as well -http://uk-ads.openx.net/w/1.0/jstag
and this as part of the malcode detected: -http://clkrev.com/adServe/banners?tid=V2MFOOTER&type=footer&size=728x90
Still the converter site is given all green here: http://antivirus-alarm.ru/proverka/?url=www.video2mp3.net%2Fru

polonus

2

What is that image? :-\

3

Hi Pernaman,

Removed as it was not essentially related. Thought this was descriptive of the way how that malcode sneaks in and tracking monitoring also goes on almost undetected, just acting full stealth as the U-Boot wolf packs in WWII. Whenever the site is being visited with Tracker SSL extension enabled you will see that a tracking-nids to -apis.google.com goes unencrypted over the wires, when you do not have that extension installed that all will be going on behind your back unnoticed. Banner adware also flagged there. The converter download itself is being blocked by both Adguard and Bitdefender TrafficLight.
Users better shun to visit that site, users also reported issues on WOT.

polonus

4

That exposition got little over my head. :-[ I hope you don’t mean that the image in your first post had any malicious code in it :o

5

Hi Pernaman,

I would not dare to ever do that. I always break all the links I give even inside code. Was there any live code detectable Avast or MBAM or Adguard would alarm or my Malware Script detector v.02b via Tampermonkey code would block.

Didn’t you always see the little “-” right before the html address, like -http://some-very-dangerous-website.com that means it is broken, no one can click it to get infested. When I ever forget this I will get a PM right away from my good forum friend Pondus and he will say “Damian, you left a life link open there and there”. When newbies do this I always report to moderator to break such a live link.

So that jpeg image of the submarine raising from the ocean at dawn was just a complete harmless picture/illustration.
You can search pictures with an extension called TinEye.
Whenever you see a red dot inside the Google search result page next to a picture - do not click that it can be dangerous to do so. The good pictures/images have a green dot next to it.

I myself also try to avoid any direct contact with any malcode. So never actually go to suspicious or malicious links and never click them. Always do some research myself before clicking any link.
Always scan inside a scanner via CUT & PASTE. Always use third party info and reports on such sites.
As an extra precaution I scan inside a sandbox environment - like with Malzilla.

All real direct contact with suspicious code should be done on a special computer in lab settings, exclusively meant for that kind of research and not connecting out not to any network or the Internet for that matter.

“In complete and utter isolation you shall dissect your malware”
is the first commandment of any malware research book. :wink:

polonus