virus/spyware: divxturka.net
 | i've been visiting this website for months and no problem. last night, i got a warning from chrome that the website was malicious. i continued on and ended up with "SecurityTools" spyware
initially i remember Java 6 gui floating on top of the site and all of a sudden - virus/spyware
how did i get it and how to prevent it? i still want to use the website |
|
 Rocky67 Pencil Neck Geek Premium join:2005-01-13 Orange, CA
| You got it because you ignored a warning. You can prevent it in future by not continuing to ignore warnings. Meanwhile, you might want to visit »Security Cleanup -- Pain is weakness leaving the body |
|
 La Luna Survived Ashraful Premium join:2001-07-12 Warwick, NY kudos:3
| reply to chris_j11
said by chris_j11: how did i get it and how to prevent it i still want to use the website
You got it by "continuing on". Why would you do that? And why would you want to continue using a malicious website?
You can prevent it by staying away and by not ignoring warnings in the future.
-- The Alien in the White House
15,737 DEADLY TERROR ATTACKS SINCE 9/11 |
|
 neftv join:2000-10-01 Broomall, PA | reply to chris_j11 I have the paid version of Malwarebytes operating on the taskbar and it blocks that domain. |
|
 | reply to chris_j11 yes, i did ignore the warning. i didn't think too much of it since i've been using the website for a few months now and i just got the virus last night
can i still visit the website w/o getting virus firefox + noscript + adblock + flashblock + microsoft security essential? |
|
 neftv join:2000-10-01 Broomall, PA
| I wonder if you could use something like Comodo Firewall or something similar which has a sandbox and running IE in the sandbox trying to get to that site. Maybe that site became infected recently too. My Malwarebytes just wants to block that site. |
|
 BlitzenZeus Burnt Out Cynic Premium join:2000-01-13 kudos:2
| reply to chris_j11 If your browser is running as a full admin you should know better. You need to run it as a limited user, or have UAC(Vista/Win7) enabled properly to prevent things like this.
The plugins are commonly targeted for exploits, and so are the browsers so it's good to make sure those are up to date.
No anti-software is perfect, and they can only detect a finite number of patterns, which can also lead to false positives. So you cannot depend on them to protect you from your own actions.
-- My hourly rates: $25 per hour. $35 per hour if you want to watch. $45 per hour if you want to help. $75 per hour if you tried to fix it, and failed. Security through obscurity is for the ignorant who don't deserve security. |
|
 beck Premium,MVM join:2002-01-29 On The Road kudos:1
| reply to chris_j11
said by chris_j11: yes, i did ignore the warning i didn't think too much of it since i've been using the website for a few months now and i just got the virus last night can i still visit the website w/o getting virus firefox + noscript + adblock + flashblock + microsoft security essential?
This sounds like a serious addiction problem.
-- Some people are like slinkies - not really good for much. But they bring a smile to your face when pushed down the stairs. |
|
 siljaline I'm lovin' that double wide Premium join:2002-10-12 Montreal, QC kudos:17 | reply to chris_j11
»Security Cleanup FAQ
»Mandatory Steps Before Requesting Assistance |
|
 TheJoker Premium,VIP,MVM join:2001-04-26 Alexandria, VA kudos:5 | reply to chris_j11 One thing I'd like to point out, is that from the user standpoint, there is essentially no such thing as a trusted site. Sites get hacked; they may have been vulnerable and someone may have inserted a malicious script onto the site, or it simply may have ads provided by a second party, and an ad might be infected. Many people have been infected when that happens on legitimate sites because they trusted them, and continued on despite warnings from a browser or even their security software. Help sites that assist users with problems have been infected, and even the NY Times has had users infected through a malicious ad.
You should never add a site to your Trusted Sites list unless functionality there is broken with it being there, and I'd recommend browsing with FireFox with the AdBlock Plus and NoScript add-ons installed, and be very stingy with NoScript in the sites that you do allow.
-- Proud ASAP member since 2005 Microsoft MVP/Consumer Security 2009-2010 |
|
 | reply to chris_j11 Kaspersky allowed the site to load BUT it did freak out when I tried to access: hxxp://www.uppdapa.co.cc/prot.php which is visible if you look at the source code.
Yes you can still use your site but keep NoScript on |
|
 mysec Premium join:2005-11-29 kudos:4 | reply to chris_j11
said by chris_j11: initially i remember Java 6 gui floating on top of the site and all the sudden - virus/spyware how did i get it
If you didn't click to install something, then it installed by remote code execution (drive-by download).
said by chris_j11: and how to prevent it
Most of these exploits install an executable file. so to have execution prevention of some type will block the download of the payload:

said by chris_j11: i still want to use the website
Not too advisable without protection better than what you have now.
---- rich |
|
 Mele20 Premium join:2001-06-05 Hilo, HI kudos:4 1 edit | reply to chris_j11 I went there on Vista Ultimate on Firefox 3 using the Proxomitron, Avast5, WinPatrol, and OA++ and I got NO warnings, no infections. I looked around at some forums and threads. The ONLY problem I had was that it is an EXTREMELY SLOW site. It was very slow to load initially (almost 30 seconds) and then each page took FOREVER to load. But other than that, I sure didn't see any malware there.
So, either the malware comes from an ad there which Proxo filters out or only IE gets infected. If Java is involved, I have an older version of Java 1.6.0_5 yet I didn't get any Java window there.
-- When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson |
|
 | reply to chris_j11 i went to the website but i didn't see anything when i went there.. i am using firefox 3.6.8 with "noscript" and "adblock plus"..
i am guessing that the problem involved an "iframe" which was blocked by "noscript", which was why i didn't see anything when i went to the website..
i didn't try lowering my security-settings to see what would happen..
in the original post, i am curious about "chrome's" giving a warning for the website (?).. |
|
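Added example, not part of the thread: the replies above mention a third-party URL visible in the page source and an iframe that NoScript probably blocked. This sketch lists off-site active content in a saved copy of a page so it can be reviewed offline; the sample HTML, host names and the `audit` helper are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tags that load or embed active content, and the attribute naming the source.
ACTIVE_TAGS = {"script": "src", "iframe": "src", "frame": "src",
               "embed": "src", "object": "data", "applet": "archive"}

class ActiveContentAudit(HTMLParser):
    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        self.findings = []  # (tag, third-party host, looks_hidden)

    def handle_starttag(self, tag, attrs):
        attr = ACTIVE_TAGS.get(tag)
        if attr is None:
            return
        a = dict(attrs)
        host = (urlparse((a.get(attr) or "").strip()).hostname or "").lower()
        # Relative URLs have no host; same-site hosts are not reported.
        if not host or host == self.page_host or host.endswith("." + self.page_host):
            return
        style = (a.get("style") or "").replace(" ", "").lower()
        hidden = (a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
                  or "display:none" in style or "visibility:hidden" in style)
        self.findings.append((tag, host, hidden))

def audit(html, page_host):
    """Return off-site script/frame/plugin sources in document order."""
    parser = ActiveContentAudit(page_host)
    parser.feed(html)
    return parser.findings

# Constructed sample page: two first-party resources, one ad script,
# and one invisible off-site iframe of the kind NoScript would block.
SAMPLE = """<html><head>
<script src="/js/site.js"></script>
<script src="http://static.forum.example/menu.js"></script>
<script src="//ads.adnetwork.example/show.js"></script>
</head><body>
<iframe src="http://redirector.invalid/landing.php" width="1" height="1"
        style="visibility: hidden"></iframe>
<iframe src="http://video.forum.example/player" width="640" height="360"></iframe>
</body></html>"""

if __name__ == "__main__":
    for tag, host, hidden in audit(SAMPLE, "forum.example"):
        print(f"{tag:7} {host:28} {'HIDDEN' if hidden else ''}")
```

It only sees what is in the static HTML; content injected later by a script that has already run will not appear in a saved source file.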
 ashrc4 Premium join:2009-02-06 australia 2 edits | reply to chris_j11
said by chris_j11: i've been visiting this website for months and no problem i still want to use the website
The site contains illegal content/cracks/links to malware. Even if you could traverse the site you're more than likely going to infect yourself with some of the content. End of advice.
-- Paradigm Shift beta test pilot. So far nothing to report. Now is the not right time to stop folding. |
|
 siljaline I'm lovin' that double wide Premium join:2002-10-12 Montreal, QC kudos:17 2 edits | reply to chris_j11
NOD32 Flagged JS/TrojanDownloader.HackLoad.AA trojan the site is going in my Hosts file.
Pinging divxturka.net [127.0.0.1] with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
|
|
 Drunkula Premium join:2000-06-12 Denton, TX
| reply to chris_j11 »www.google.com/safebrowsing/diag···urka.net
Odd. Google Safebrowsing doesn't currently have it listed as suspicious though it has before... Sounds like they need an update!
-- There are 10 types of people that understand binary numbers. Those that do - and those that do not... |
|
 siljaline I'm lovin' that double wide Premium join:2002-10-12 Montreal, QC kudos:17 | URL void shows the same, so much for reputation based sites »www.urlvoid.com/scan/divxturka.net |
|
 | reply to chris_j11
said by chris_j11: i've been visiting this website for months and no problem last night, i got a warning from chrome that the website was malicious i continued on and end up with "SecurityTools" spyware initially i remember Java 6 gui floating on top of the site and all the sudden - virus/spyware how did i get it and how to prevent it i still want to use the website
Warning from "Chrome". Were you using the Google Chrome Browser when this occurred?
-- GuruGuy |
|
 NormanS Premium,MVM join:2001-02-14 San Jose, CA kudos:4 | reply to chris_j11 Patient: "It hurts when I do 'that'." Doctor: "Don't do 'that'!" |
|