Jump to content
David Schwartz

is the site infected?

Recommended Posts

I fatfingered something over the weekend and a page came up with a bunch of naked men on it. Not my thing. But ever since then I've been getting weird stuff happening here. I'l click on a link and the form will open in another tab while the previous one opens some spammy site. One that keeps showing up is digitaltrends-dot-com, but it's not the only one.

Share this post


Link to post

Everything still normal as seen from here. It is probably your system which has been compromised. You should urgently conduce a malware scan with up-to-date anti-malware software. If you don't find anything, try scanning by booting you system out of an independent bootable device (Rescue disk or something like that).

 

Share this post


Link to post

No unusual stuff happening on my end. But I don't have deepest insight into the machine running the server. However it it seems more likely your cookies need some cleaning up.

Share this post


Link to post
Guest
1 hour ago, Sherlock said:

However it it seems more likely your cookies need some cleaning up.

What cookies !???

Guys, are you getting cookies ?

 

@Sherlock Have you even wear gloves before inspecting his cookies in pandemic era ? did you smoke pipe near them too ?

 

Share this post


Link to post

It was happening at first only from this site, but it started happening in other browser windows, so it's probably not related.

 

Our IT Dept puts so much crap on our machines for both security and general protection it's hard to believe. The CPU activity is constantly jumping around when I'm not doing anything. I don't like it.

 

Anyway, all that "protection" and something apparently snuck through. <sigh>

Share this post


Link to post
Guest

If there is security software on your device then most likely it is not serious, just try to clean your own browser form extensions ! those what easily can bypass almost all AV as they are not malicious, just advertising or crypto mining.

Share this post


Link to post

Hi,

 

Usually IT departments install a lot of stuff to prevent infection, but once you're infected is another ball game.

Check if your firewall is up and running.

If you can install ( user permission wise ) a software in your machine, I strongly recommend you to download malwarebytes   https://www.malwarebytes.com/  (Personal edition will be just fine ) from a clean machine, copy the installer to a pen-drive and install and run it in your machine. Let it run. Hopefully most of those nasty fellows can be removed. Unfortunately there's no "one antivirus to rule them all", so you might need some other antivirus software to clean it up.

 

If your firewall is NOT active. turn off your machine at once. Don't waste time trying to put it back online, especially if you are in a LAN and have access to other machine in the network. Once windows reboots, your firewall should be up and running again.

Don't use your machine without a firewall. If your firewall is deactivated again, shut it down for good and let the IT department deal with it

 

HTH,

Clément

 

Share this post


Link to post
Guest

<gloat>I am so happy not to have an IT-department. One of my clients share an IT-department and working for them is twice as cumbersome compared to my other clients that have an in-house IT-person or even another solution all together. <might_bite_back>Myself, i do everything, so i can keep track of my HW and OS's, VM's and whatnot.</might_bite_back></gloat>

 

BUT if a browser is acting up, and your IT-department allows you to install another browser, then if the same thingies appear in another browser, it's something platform-dependent on a system level and that would be very bad. If, on the other hand, the other browser behaves properly then the problem /should/ be local to the browser and, yes, cookies /can/ have something to do with it, IMHO. I have something odd on a laptop that refuses to log into DX ticketing while it works perfectly on all the other machines. Odd but not worry-some, some detail in their new OAuth implementation simply will not work.

 

Anyways, i understand my post will not help you in any way, so it remains for me to wish you all the best of luck going forward and removing the problem!

Share this post


Link to post

I'm switching to Opera on my work laptop here. I don't think IT cares. I like how it can run a few extensions I use in Chrome that I really love. 

 

* RoboForm

* Session Buddy

* The Great Suspender

Edited by David Schwartz

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×