Dan.com

status-resolved Trojan alert on namepros.com (Update: It’s unrelated to namepros.com)

NameSilo

The Durfer

Wesley Sweatman
Impact
15,685
Wow my antivirus company is working overtime. Just got a warning and block of a trojan here on namepros. Also been getting a powershell exploit block also everytime i sign in. hmmm. Scary world we have stuck ourselves in. oh well, make an invention and good and bad people are going to hear about it or use it. :)
 

twiki

Top Contributor
Impact
20,106
Wow my antivirus company is working overtime. Just got a warning and block of a trojan here on namepros. Also been getting a powershell exploit block also everytime i sign in. hmmm. Scary world we have stuck ourselves in. oh well, make an invention and good and bad people are going to hear about it or use it. :)
It's a known windows bug. There has been coverage in media.

Not Namepros.

Edit: A bug that leads to a trojan install indeed.
 
Last edited:
I've never had any issues on here. I've always found AV programs that you run in the background. (or these days in the cloud?) to be more trouble then they are worth.

Try running malware bytes and periodically check your task manager for programs that shouldn't be there. Overall it helps to have a default state of your computer where everything should be quiet if you haven't explicitly directed your computer to do something. Allowing too many programs to run in the background muddies the waters. I know there's a problem just by the slightest change in how my computer functions.

Also, in domaining you often have to go to many domains that you know nothing about so it helps to run a sandbox program for your browser.

Another tip is to never run an executable file - or any file - that you've downloaded without first running it through an antivirus program. I think it's probably been a decade now I haven't had a virus but root kits are the worst though. In such cases usually better to start fresh.
 
Last edited:
Impact
3,035
@The Durfer, it sounds like your device is infected from some other source, unrelated to NamePros.com. Your browser is probably infected, and that's causing alerts for websites that you visit.

Which antivirus software are you using?

It can be confirmed to be unrelated to NamePros by using the same antivirus software on another device.
 

The Durfer

Wesley Sweatman
Impact
15,685
@The Durfer, it sounds like your device is infected from some other source, unrelated to NamePros.com. Your browser is probably infected, and that's causing alerts for websites that you visit.

Which antivirus software are you using?

It can be confirmed to be unrelated to NamePros by using the same antivirus software on another device.
Malwarebytes, browser: firefox
 
Last edited:
Impact
4,482
Wow my antivirus company is working overtime. Just got a warning and block of a trojan here on namepros. Also been getting a powershell exploit block also everytime i sign in. hmmm. Scary world we have stuck ourselves in. oh well, make an invention and good and bad people are going to hear about it or use it. :)
Keep in mind that the alerts you're seeing may actually be the malware itself, not your antivirus software. Some malware masquerades as antivirus software.

You definitely have malware, and if your antivirus software isn't removing it, you should bring your computer to a place that specializes in malware removal.

It's a known windows bug. There has been coverage in media.
This is probably just run-of-the-mill malware, not the result of a Windows bug.

@Paul tell us about this stallion please
This isn't an issue with NamePros, so there's not much I can say unless I examine the computer in question.
 

twiki

Top Contributor
Impact
20,106
Keep in mind that the alerts you're seeing may actually be the malware itself, not your antivirus software. Some malware masquerades as antivirus software.

You definitely have malware, and if your antivirus software isn't removing it, you should bring your computer to a place that specializes in malware removal.


This is probably just run-of-the-mill malware, not the result of a Windows bug.


This isn't an issue with NamePros, so there's not much I can say unless I examine the computer in question.
There's a widespread malware right now that takes advantage of some issues with Powershell in order to infect the computer. Haven't saved the articles but got quite a lot of them about a week or two ago.

Edit: As usual, MS issues patches that either don't work in all cases, or they block users' computers so they have to rollback and issue another... etc.
 
Last edited:
Impact
4,482
There's a widespread malware right now that takes advantage of some issues with Powershell in order to infect the computer. Haven't saved the articles but got quite a lot of them about a week or two ago.
Are you thinking of this one? That's probably not what's at play here, though it's possible that's how it got installed.
 

The Durfer

Wesley Sweatman
Impact
15,685
i restored my computer from a past date, seeing if it removed it. havent seen a warning yet. Something fishy about it though, i worked at company once that had a intranet system and whenever they wanted to take over your computer they would of course call and ask but then a dos drive window would open and mines been doing that when i turn it on. Dont know if thats a tell tale or not but someone could be doing this remotely near and around me where i am.
 
Last edited:
Impact
4,482
well, it my antivirus seems to be working because they are the ones giving me the warning messages and blocking the attack. It seems to be random and not a pattern. Havent seen it pop up on namepros but once, but has been any website.
If you're still seeing the messages, it's not fully working. These days, antivirus software tends to be rather ineffective, unfortunately.

i restored my computer from a past date, seeing if it removed it. havent seen a warning yet.
Restoring will never fully remove malware, although it can deactivate it in some cases.

mines been doing that when i turn it on
Sounds like buggy malware. You should file a bug report. ;)
 
Top down