Attack site??

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by JimLL, Dec 29, 2010.

  1. JimLL

    JimLL I can't follow the rules

    I'd like to know if the following site is a known good or bad web site.

    http://www.dll4free.com/sshnas21.dll.html

    A support group asked me for a copy of sshnas21.dll from my system32 folder and I decided to check up on it. There is definitely some misinformation out there, but I'll be hanged if I can tell for sure which side are the good guys.

    This is a request for personal experience information, not a search for anti-virus programs, malware lectures, etc.
     
    JimLL, Dec 29, 2010
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Not recommended. Not a positively known malware site but they have lots of tricky click this, download this, etc type links all over the place to useless utiltities that you don't want and don't need. More like a spam site. That is not to say that people have never downloaded anything from the site that was malware. They may have as I doubt this site checks everything. They also make it tricky for you to even find and download the files you want. My recommendation is to stay away from it.

    You can check sites using WOT: http://www.mywot.com/en/scorecard/dll4free.com

    You will see some none flattering remarks there.
     
    chaslang, Dec 29, 2010
    #2
  3. JimLL

    JimLL I can't follow the rules

    Thank you very much. WOT is a good tool to have.

    Judging from their evaluation and my own experience I wouldn't be surprised if there were some actual malicious things going on there. It isn't a very appealing site to see, but that proves nothing either way.
     
    JimLL, Dec 29, 2010
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.
    Right inline with my assessment and warning to stay away from them. ;)
     
    chaslang, Dec 29, 2010
    #4
  5. JimLL

    JimLL I can't follow the rules

    I was wondering why those AV support people asked for that file in the first place. (SSHNAS21dotDLL) Turns out it was one hellacious trojan they gathered that I had, judging by logs from another AV and they didn't have a signature for it. I had to remind them that I had the other anti-malware program that had done away with it after theirs wouldn't.

    Strange that several sites offer a download of a file by that name right up front... There is no legitimate process by that name.

    Actually I keep 3 AM programs around - one with an active background guard running. Nobody gets them all. But it's good that they made an effort to include it.
     
    JimLL, Dec 30, 2010
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes it has long been associated with some fake antivirus removal programs. SUPERAntiSpyware and several other tools have found and removed it for quite some time now.
     
    chaslang, Dec 30, 2010
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds