Hey, hopefully this is the correct forum for this thread.

I was searching google to check what ports borderlands was using, and the first result I opened, I got a blank page with a message box saying my computer could be infected, and I don't have any antivirus, and he wants me to install one, bla bla bla, most likely you came across this.

At this time, I didn't pressed anything, I ctrl+alt+del and clossed firefox process. Now I do have Kaspersky installed, and he didn't pop up any warnings.

Could I have gotten infected thru this? If anyone who is a guru in websites, I could give you the link I pressed to check it out, if you know what your doing and don't get infected (if in fact that's the purpose of that site, to infect you with spyware/malaware).

Is Kaspersky suppose to protect you in this type of circumstances? I have KIS 8.0.0.506

Websites can infect you when you open them, websites with exploits and things like that. Kaspersky protects you from these and would alert you and block the website from loading - primarily via the use of its Web-Antivirus.

The website you saw was for a fake antivirus I presume. Those websites open a download box after around 20seconds or when you try to close the web-broser (tab, not sure about firefox). You, the user have to click to allow the download and have to click open the file. If you don't do that, then you're fine. Also, if you were infected, you'd know it because you'll have the fake antivirus popping up and annoying you saying you have trojans and viruses, and telling you to buy their product.

Unfortunately, the buggers who create and distribute these malware make many new variants everyday and distribute them through websites, with new ones popping up everyday, so its difficult for antiviruses to blacklist the websites and detect all variants.


Email the weblink of the malicious website to newvirus@kaspersky.com. In the subject of the email, write fraudtool and in the main text body, write the web-link. Kaspersky may add it to detections or its Web-AV blacklist - thats if the website is still working. These websites tend to have a short life-span.

Thank you for your response. I was actually thinking of reverting to a previous copy of my C:/ drive that I backed up a few weeks ago.
What I was afraid the most, is that website not only get you to install their fake antivirus so youl get popups, but also sneak in spyware/malaware that would have other intent like stealing my passwords.

I will send the website to KIS. Thank you

Edit: Can't find the site anymore when I google the same thing I did yesterday :/

No problem, the website is probably dead or Google removed it from its search results. You can probabily get the site from your web-browser's history, but I wouldnt worry too much about it if I was you.

as dawgg mentioned, KIS does indeed warn you/block suspicious websites (those known for spreading malware).

However and for the sake of knowledge, nor KIS (nor any other product out there) can protect you from *every* threat. Some 0day vulnerabilities are undisclosed for months/years, and are exploited by the bad guys all the time. They develop exploits for those undisclosed vulnerabilities and they serve malware (making use of those exploits) through all kinds of websites, even those that you wouldn't expect to be "suspicious". The recent incident with Gizmodo's ads is just one example in a million.

The most scary malware is those making use of 0day exploits for browser vulnerabilities. And here comes KIS to rescue with one of its great features, the "safe run" (my security zone). By adding your browser(s) to the "safe run application", you insure that any browser compromise doesn't lead to private data leakage.

Ok thanks, I found the site again and sent it to KIS email.

Kaspersky does protect you regarding these type of threats as well right? I don't need extra programs like Spybot:S&D, etc?

Yes, Kaspersky protects you from exploits, but as I said, it is very hard to keep up with protecting against fraudtools and fake AVs - like the website you saw because there are new ones created many times a day.

At least you proved you are a safe/sensible-surfer, so KIS combined with you is good protection.


.simo is suggesting, if you want additional protection, run your web-browser in SafeRun. It isolates your web-browser from the rest of your computer, so any malicious websites you go on or software you run in SafeRun, your computer will be protected from. The malicious things will only have affect within the SafeRun, and outside, nothing will happen.
http://support.kaspersky.com/faq/?qid=208280134
http://support.kaspersky.com/faq/?qid=208280532
http://support.kaspersky.com/find?product=...p;search=search.

SafeRun is only available in KIS version 2010 though. You can upgrade if you wish using instructions shown here.


You can use additional protection software if you wish, but I'd recommend you use them for on-demand scans only and not keep them constantly running as they can cause incompatibility issues.