Jump to content

https://fmovies.to/ . . . Website blocked . . . Why? . . . What does it do?

slack7639
 Share

Recommended Posts

slack7639

slack7639

Posted
Posted

A few days ago, I watched this movie:
Smiley (2012) - FMovies . . . https://fmovies.to/film/smiley.wlw7/n8r5km

And then later, this one:
Spy (2015) - FMovies . . . https://fmovies.to/film/spy.prj4

I gave the link for the first one to a friend.  He said it showed "pop-up" viruses.
I asked him how he knew.  He said that something in his AV caught it.

I had AdBlock Plus running, and didn't notice a thing.  I thought, maybe AdBlock Plus protected my computer.
And, these movies streamed really well.  I was very impressed. If it's a bad site, it's not easy to discern.

Anyway, I thought maybe I had better check for viruses.

I forget why I quit using Malwarebytes a while back.
I think because I read somewhere that Avast did everything it does now, so I decided to just rely on Avast.

Anyway, I thought it would be a good idea, so I installed Malwarebytes' free Trial, and it caught a few things.
I ran it a second time, and found that the computer was clean.

I read that AdwCleaner was purchased by Malwarebytes, but was still being run as a standalone program.  It is to be integrated into Malwarebytes.
I ran AdwCleaner, and it found like 4 things (PUPs)
I ran it again, and it found a couple of more.  Maybe they were for my "Classic Shell," which I wouldn't want to remove, but it doesn't provide enough info.
I ran it again, and it didn't find anything.

What does Norton SafeWeb say about fmovies.to ? . . . "This site has not been tested yet" . . . https://safeweb.norton.com/

So today, I go back to https://fmovies.to/ . . . to watch another move, and it has blocked this site

I was wondering what this "Website blocked" code means:  Port 50245 / Outbound

What kind of bad activity is this site doing?

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Here's what AdwCleaner found, and I deleted:

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

fmovies.jpg

Link to post
Share on other sites
Firefox

Firefox

Posted
Posted
1 minute ago, slack7639 said:

I had AdblockPlus on.  Did that protect me?

Possible, depending on Ad and how creative they got on the pages serving the ads...

2 minutes ago, slack7639 said:

Avast Free did not indicate anything.

this is why we need layered protection, so if one protection does not catch it the second one will

 

2 minutes ago, slack7639 said:

Any idea in what way they're malicious?  I have no idea.

It can be a Varity of malwares anywhere from a fake your infected popup to a popup that gets you to click on it and then downloads a ransomware

 

3 minutes ago, slack7639 said:

Would the free version of Malwarebytes have caught it?

No, you would need the Premium version to actively protect you.  If I try and go to that site with the Premium version, I can't even get to it because MB3 Web Protection blocks it.  The free version does not have Web Protection running in free mode.

Link to post
Share on other sites
slack7639

slack7639

Posted
  • Author
Posted

I would say that I never click on ads . . . unless it's in the way - and then, I would only click on the X . . . I find that I only do this on YouTube.

If you never click on ads, can you still get something on your computer?

Apparently, the answer to this is "yes," because MB and AdwCleaner found some PUPs on mine.

How does this get on my computer, if I never clicked anything? . . . Do they download, and get installed, from the video stream?

Link to post
Share on other sites
dcollins

dcollins

Posted
Posted
6 hours ago, slack7639 said:

If you had the free version, and made a note to manually run it once per day, it would be protecting you, after the fact.  Is there any downside to that?

No downside, but you are still leaving yourself open to attack vectors. In this example, if the file that was downloaded was a piece of Ransomware, it could have plenty of time to encrypt all your files before your scheduled scan is set to run.

Link to post
Share on other sites
TempLost

TempLost

Posted
Posted (edited)

After the fact can be too late. And whatever protection you use, you massively increase the chances of infection if you knowingly visit "risky" sites - no Antivirus or Anti-Malware is 100% reliable. And if Ransomware takes hold, you probably won't get a chance to eradicate it before all your data gets encrypted. 

Edit: you beat me to it, Devin! 

Edited by TempLost
Comment
Link to post
Share on other sites
slack7639

slack7639

Posted
  • Author
Posted

Are you saying that there's a "drive by" malicious software, that will install itself, by itself, and encrypt my drive . . . even if I don't click on anything?

Ok, I just checked my UAC in Win 10 . . . Control Panel / Security and Maint / Change UAC settings . . . I see that I had it off, on level 1 of 4 (I didn't know about this "drive by" issue) . . . I have put it on level 3 . . . I think I'll change it so that I leave it on 3, unless I'm doing Installs / De-Installs, which is when I'll temporarily put it on 1.

Maybe that's why I didn't see anything when I watched those movies, and how that page probably put the PUPs on.

If I have UAC on level 3 of 4, though, it's supposed to notify me when Apps make changes to my computer, so that should prevent a "drive by" attack, right? . . . and running MB Free, after the fact, once per day, is acceptable.

I Clonezilla my C: once per month, to two SSDs.  It might be a month old, but that's my backup plan if something serious happened to C:

I backup my data to two spindle drives daily, so a serious attack could get some changes I made, it looks like.

I see that there is a firmware update for my C: SSD.  I just read that keeping the firmware up-to-date also helps with security issues, so I'll add a note to take a look at that once per month, when I make the clones.

 

 

Link to post
Share on other sites
slack7639

slack7639

Posted
  • Author
Posted

In Win 10, does UAC protect you against "drive by" malicious software, that would install itself, by itself, and encrypt my hard drive . . . even if I don't click on anything? . . . I had it off.  I'll put it on level 3 of 4.

So, if UAC is on, then running MB Free, after the fact, once per day, is acceptable?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.