How to Find and Report Known Malware URLs

I recently came across an interesting site called “Fighting Malware” at http://www.malwareurl.com . Fighting Malware is a website that lists the URLs of known malware, the IP address of the server it is on, the type of infection it is, the country it where it is hosted and the ability to look up more detailed information such as what the legitimate antiviruses detect it as.

Since this site lists the URLs of where you can get infected (be careful), it is a great place to infect a virtual machine of your own so you can practice your manual virus removal skills.

Additionally, if you ever come across a new infection this would be a great place to report it.

Join 15,600+ other happy readers and subscribe to Technibbles Email Digest and receive new posts sent directly to your inbox. All new signups get a copy of our Computer Technicians Quick Reference Guide free. Signup Now!

Your Blogmaster is Bryce Whitty
Bryce Whitty is a Professional Computer Technician who started his business when he was 17 year old. Bryce writes Technibble articles about Business How-to's and stories from "the trenches".

Other Blog posts by Bryce Whitty

Kevin says:

December 19th, 2009 at 9:14 am

LOL… I was looking for something like this earlier this week and found it; so I could test out some security software.

Now I’m looking for a way to put some kind of dynamic ip address updater to put on my clients computers. Something that would sit in the background and monitor the WAN IP Address of the Router address and report to me the new ip address like by email, a file on my ftp server or web server. Because dyndns.org is just not feasible and unintrusive to my clients. I want to do this so I can use remote desktop built into Windows instead of TeamViewer, VNC, LogMeIn, Etc.. The Windows Remote Desktop just seems more faster to use. So if anyone knows of any software that does what I just mentioned; I would appreciate the feedback. Thank you!

LD says:

December 19th, 2009 at 11:29 am

I really liked the info on your site until I realized it was just another store pushing its prefered products. How sad

mike smith says:

December 19th, 2009 at 12:18 pm

You could buy a domain for yourself and host DNS at easydns.com and then make host records for each client i.e. clienta.mydomain.com, clientb.mydomain.com. easydns.com supports dynamic IPs and has links to update clients that run as a service for mac win and linux.
Some firewall/routers support the dynamic update for easydns.com like m0n0wall and ipcop.

no-ip.com also has a client updater that runs as a service (in the background).

I would also take a look at Dameware for remote management. I’d install it on a server at their site and then RDP to that server and use Dameware on that server to remote control and manage the stations inside that lan. It works fine from an rdp connection, and gives you remote control like pcanywhere but slicker. Dameware is licensed per admin not per computer.

Sometimes it’s very important to be able to watch the user interact with the application in troubleshooting their problem. RDP cant do this.
Be aware that users often invent their own “lingo” or misuse technical terms when describing problems in order to not sound stupid. Accepting their “description” of the problem at face value can ultimately waste your time and theirs.

(manage a couple hundred or more users and you will understand)

A key to spotting this type of user is phrases like “I’m not new to computers” or “I’m good on computers”.

One port to control them all
Simply rdp to the clients server, fire up dameware, remote control the users computer, click the button to show the remote mouse, and say “show me”. No you see what they click (screw up).

I also find it helpful to use the phrase “let me drive” when you want them to stop moving the mouse or typing, and when you want them to take back control, “okay, you drive”.

You can also click the keyboard/mouse lock button to prevent them from moving the mouse or typing if they cannot understand that you want them to stop their input at the computer.

Be aware that they will invariably believe that in addition to controlling their computer from across the internet, you can also see them. They will say things like “no click that one” and wonder why you cant see what they are pointing at. I kid you not.

Hope this helps.

mike smith says:

December 19th, 2009 at 12:33 pm

LD, the world does not revolve around you. There is nothing on this site compelling you to do or buy anything. This site presents information and experience, and expects nothing from you in return.

Without this sites commercial offerings, there would be no site, which means that there would be no free information for you.

Without this sites commercial experience servicing clients and repairing their computers and networks, their would be no experience gained and thus presented here for you for free.

LD you really should be quiet and actually read this site and understand the fundamentals I have just described. Neither the world or this site owe you anything.

Marty K says:

December 19th, 2009 at 6:36 pm

signed up from the link on your email message for malwareurl.com. when the download message appeared I tried to both download and open the file but my AV program AVG with most current profiles blocked both and gave this message. Blocked because of exploit trojan fake codec (type 678).

Steve says:

December 21st, 2009 at 8:57 am

A good way to protect your computer and learn more about viruses and share this info with others

Teknyka says:

December 21st, 2009 at 12:27 pm

It would be great if MalwareURL could provide an automated HOSTS update to prevent users from being able to connect these malicious sites…

gabe says:

December 25th, 2009 at 8:54 pm

well those problems are only for windows ppl , for linux ppl like me those site are nt a problem at all