Tag Archives: malicious

I kind of regret having ads on my website…

Today I decided to take a look at my website without any ad blocking software through Internet Explorer 11. With my web history cleared and with no cookies for Google’s ad service to create targeted ads for me, I was served a suspicious ad with this link:

hxxp://file-downloads.net/download/?pi=zitstif.no-ip.org&gclid=CJLtkeHr97wCFcURMwodTnQAtg

That looks legit!

Let’s see what VirusTotal says about this URL:

https://www.virustotal.com/en/url/f0e704606da846903a630c56cee42812a7a943b897fa550a50db0e0bbb19fccd/analysis/1393900872/

It’s too legit to quit now!

Upon visiting this link I was served up immediately an EXE file with the title, “7zip_14381_stn.exe”… how wonderful. Why don’t we just upload this to VirusTotal?

https://www.virustotal.com/en/file/fc80f6307596ce2d6139710873be7ede8693a65681067c75b9bf17617a1af070/analysis/

Granted this piece of software isn’t necessarily malicious per se but it’s the kind of crap I get sick of seeing on Windows systems. Here are some tools I strongly recommend using when dealing with this kind of junkware:

http://www.bleepingcomputer.com/download/rkill/
http://www.bleepingcomputer.com/download/junkware-removal-tool/
http://www.bleepingcomputer.com/download/adwcleaner/

In addition, I recently found a tool that is kind of equivalent to having a portable version of VirusTotal:

http://www.herdprotect.com/downloads.aspx

Even though it doesn’t delete/quarantine/cure anything, use the herdprotect scanner with care because it can throw off false positives but it is still very useful. Anyways, I wish Google’s ad service would stop referring people to crapware, but they’re paying customers too and no, you won’t offend me if you use ad blocking software on my website.