Is the following site infested?

skandaloes

Mar 15, 2016
Germany
Hey folks,

Today I saw some strange behavior on the following page.

Code:
hxxp://www.expertenseite.de/42777-vorlage-webdesign-angebot-gesucht.html

The site is apparently linked to phishing sites; I get forwarded to the following page.

Code:
'hxxp://gewinner1.microsoft.com-gluckliche-gewinner-heute.online/Deutschland/l1-v639-de-l1/Danke.html?isp=Deutsche%20Telekom%20AG&model=Desktop&voluumdata=vid..00000003-acb1-4987-8000-000000000000__vpid..0fc4f800-ea9d-11e5-894f-f6000ed9fac2__caid..ef3df6c8-348d-4954-a5b8-5900461f42e7__rt..D__lid..d74d836b-12c9-40d8-8f92-86a86fdfadfd__oid1..56dae6b7-904b-458d-98d4-f6496e19398e__var1..5624d6ff017706d5663ee77c__var2..n%2Fa__var3..wifi__var4..windows__var5..DE__rd..__aid..__sid..&sourceid=5624d6ff017706d5663ee77c&match=n/a&carrier=wifi&mob_pf=windows&country=DE&cpc=0.0153#b

Now I wonder if the affected site is contaminated and whether my computer could have caught something?

Emsisoft and Adguard displayed nothing.

Thanks for your help and answers!
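
Added example, not part of the original thread: a Python sketch that takes apart the redirect URL quoted above to show that `microsoft.com` is only a subdomain label in front of `com-gluckliche-gewinner-heute.online`, and that splits the `voluumdata` parameter into its fields. The `BRANDS` watch list and all function names are assumptions, the URL is abridged from the post, and the domain split assumes a single-label TLD.

```python
from urllib.parse import urlsplit, parse_qs

# Abridged from the defanged URL quoted in the post (some parameters omitted).
URL = ("hxxp://gewinner1.microsoft.com-gluckliche-gewinner-heute.online"
       "/Deutschland/l1-v639-de-l1/Danke.html?isp=Deutsche%20Telekom%20AG"
       "&model=Desktop&voluumdata=vid..00000003-acb1-4987-8000-000000000000"
       "__var3..wifi__var4..windows__var5..DE__rd..__aid..__sid.."
       "&carrier=wifi&mob_pf=windows&country=DE&cpc=0.0153#b")

BRANDS = ("microsoft.com",)  # hypothetical watch list for this example


def registrable_domain(host):
    """Naive split: last two labels. Assumes a single-label TLD such as
    .online; multi-label suffixes (co.uk) need the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def brand_lookalike(host, brands=BRANDS):
    """Return the brand a host name imitates in its left-hand labels, or None."""
    host = host.lower().rstrip(".")
    if registrable_domain(host) in brands:
        return None  # genuinely under the brand's own domain
    for brand in brands:
        if brand in host:  # brand text present, but the real domain differs
            return brand
    return None


def tracking_fields(url, param="voluumdata"):
    """Split the 'key..value' pairs joined by '__', as seen in the quoted URL."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    fields = {}
    for pair in query.get(param, [""])[0].split("__"):
        key, sep, value = pair.partition("..")
        if sep:
            fields[key] = value
    return fields


def triage(url):
    """Summarise what the URL really points at (no network access)."""
    host = urlsplit(url).hostname  # parsing works on the defanged scheme too
    return {"host": host, "registrable": registrable_domain(host),
            "imitates": brand_lookalike(host), "tracking": tracking_fields(url)}


if __name__ == "__main__":
    for key, value in triage(URL).items():
        print(f"{key}: {value}")
```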
 
I got redirected to another site, but definitely would not visit the sites.

 
Thank you for the reply.
Can I be sure that I need not be afraid of an infection?
There is no way to tell due to the redirections. You can do system scans using your security software and also use online scanners like ESET, Bitdefender. If you are really not sure, you can also clear out the browser cache. And you might also want to use a sandboxed browser in future for such cases.
 
OK, well, EAM and Hitman find nothing except some tracking cookies.
Which sandboxed browser can you recommend? At the moment I only use the normal Chrome browser.
 
Thank you for the reply.
Can I be sure that I need not be afraid of an infection?

If you are using the latest version of your web browser with no vulnerable plugins, then I assume your PC is safe. Make sure you haven't entered any credential details to these sites, or downloaded any software. As a precaution, you could perform a quick scan with your Antivirus or on-demand scanners.

You can download the free version of Sandboxie here; it's simple and easy to set up.
Sandboxie - Sandbox software for application isolation and secure Web browsing

If you have any questions regarding Sandboxie, post them here, Sandboxie (Invincea)
 
I use the latest version of Chrome with only Adguard at this time.
When the page loaded, I closed it immediately, and I didn't enter any details or download any software.

Then I want to take a closer look at Sandboxie.

Also, I replaced Adguard with uBlock, in the hope that this makes those pages.
 
It is a bit difficult to make a solid evaluation based on the elements that we have.
Sometimes these redirections load "drive-by" attacks on JavaScript-based malicious code executed when the page loads in the user's browser. Normally, the code uses other scripts to get more malicious components, which, in turn, attempt to exploit the flaws of the browser or the operating system.
As already suggested, it is useful to clear the cache, run multiple antimalware scans repeated after a few days, and use Sandboxie for future reference.
Update the browser and OS if necessary.
 
Thank you for the answer as well.
I already deleted the browser cache yesterday and performed several scans (Hitman Pro, EAM), and nothing was found.

I hope that if something had been downloaded, EAM would have noticed this?!