AVG and TDSSkiller

This popped up yesterday:

AVG LinkScanner Alert

! Threat was blocked!

File name: Spywareblockers411.com/
Threat name: Exploit Rogue Scanner (type 831)


Process name: C:\Program Files\Comodo\IceDragon\icedragon.exe
Process ID: 8052

Something has changed though, possibly as a result of one or more intrusions. Since using IceDragon, unlike the first time malware was picked up last week, this time around there was no menu listed to vacate the web site or enter at own risk, nor an instant blanking of the web site, so after I clicked off the above warning, Spywareblockers411.com was still displayed. This must mean my computer has become infected as a result of this.

Since then, I’ve reset the Hosts File to clear malware, so my computer must be cleared or in a safer state than before, as far as I can tell.

tdsskiller.exe by Kaspersky - is this really malware?

Is Spywareblockers411.com safe or unsafe?

I got a warning from AVG anti-virus (paid version) that this is an unsafe site, but strangely, on this occasion, it gave no option “To get me out of here” or proceed at my own risk, so when I returned to the site (after having a few windows open), this time around the web site was not blanked out.

Results are mixed from the URL Void link sources, which exclude Web Inspector.

Web Inspector would be a good addition to these surveys:

I split and merged the second post of this topic in from another topic.

Maybe it is a false positive by AVG LinkScanner. Comodo Site Inspector shows this page as clean: http://siteinspector.comodo.com/public/reports/9046569

TDSS Killer is a safe file and not malware but may sometimes be seen as malware. Please test the sample on Virus Total.

tdsskiller.exe by Kaspersky is not an infection.

I just used it today. I guess it works well for rootkits, and is very portable and lightweight.

It’s so difficult to know which source to go by when AVG and Comodo conflict in opinions on web sites, but as Comodo is geared towards Security, I’ll go by Comodo. On that basis, visiting these links should be safe after all, as AVG gives a negative review while Comodo gives a positive one, and if the owner of Webuda intentionally had malware on his site, I don’t think he’d have it on two web pages and clean pages on the rest of his site.



As to the Kaspersky link, when I uploaded the .exe file to a Comodo link, it classed it as Malware.

Virus Total gives it the all clear:

I agree, it’s very good.

So far, no rootkits found in the search.

However, Kaspersky Security Search has a fault in it. I tried to do a Full Scan and the “0%” remained stuck.