Jump to content

How are viruses like SpywareGuard and antivirus 360 being spread?

Recommended Posts


I work with a website that for the past few months has been getting complaints from users claiming to have gotten a virus or malware while using us.

We have had them install malwarebytes and it has solved their issues, but they still claim they gotten warnings and the popups, etc., while using our site - and blame us. However, we have had no luck in tracking down any issues. We have only had one of our checkers get redirected, and only once. We could not replicate it, or find out how or why. If we had malicious code on the site, I would think it would not be so random. Am I incorrect?

How are these types of trojans/viruses being spread? I see hundreds of sites talking about removing the programs, but almost none on how they got them.

Any thoughts or assistance would be greatly appreciated.

Thank you!

Link to post
Share on other sites

Hi Seeker.

Does the site in question serve any ads? Such as banner\flash style? This is one of the latest vectors used in malware spreading.

You can read all about rogue banner ads on Sandi Hardemier's blog, Spyware Sucks


Thanks for the reply. I will check out that website.

We sometimes shift from one company to another. We first started getting complaints when only using adwords (via google) but we also use adbrite as well now and again.

We suspected this especially due to the random nature and mentioned this to Google. Of course, they claim all of their ads are fine and upstanding and could not be the cause. When the problem has been reported by users, no one knows or remembers what ad was being displayed or would have been displayed to help track that theory.

Link to post
Share on other sites

Some additional information.

We have found from some users that they were (they think) using certain pages of our website when the alerts from their antivirus went off or when the redirects and popups occured. But of course, we can never verify it and most users use the same pages without incident. (which yes points to the randomness of ads)

However, at least with one user, once they were verifiably infected, it redirect them every time they went to certain pages on the site, but did not seem to do so when they went to other pages on other sites. Once Malwarebytes was run, the virus was removed and no more problem. But why did it pick on those certain pages/urls?

Are certain keywords or url paths possible triggers for these types of viruses?

How can we separate users who were infected elsewhere, but getting triggered popups/warnings while on our site, from a user possibly getting infected from something on our site. We want to solve this and help users, but the finger pointing and blaming doesn't help at all. We have also had many users take offense that their computer could have a virus and refuse to scan it and simply blame us!


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.