| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 110969 | 2010-07-08 21:28:00 | DriverCure - legit or malware? | nofam (9009) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1117226 | 2010-07-08 21:28:00 | A client of mine rang me last night to say he now has a nag screen for this whenever he booted. The website for it looks legit, but he didn't knowingly install it, so is it a genuine driver update tool (which he doesn't need at any rate), or something more malicious? | nofam (9009) | ||
| 1117227 | 2010-07-08 21:50:00 | See Here forums.techguy.org Looks suspect; |
kjaada (253) | ||
| 1117228 | 2010-07-08 22:12:00 | but he didn't knowingly install it This alone should be cause for alarm -___- |
GreacherTech (15784) | ||
| 1117229 | 2010-07-08 22:19:00 | This alone should be cause for alarm -___- Indeed - hence me asking; to be fair, the user in question isn't the most tech-savvy person, so a drive-by installation is quite likely! ;) |
nofam (9009) | ||
| 1117230 | 2010-07-08 22:24:00 | Well I've never even hurd of it, so yeah I would say it's malicious. Would be good if I knew the process that was behind it though, then you could just check out processlibrary.com and look it up to make sure it was under there as a trojan or malware etc |
GreacherTech (15784) | ||
| 1117231 | 2010-07-08 23:29:00 | Normally what I do is find the .exe process in Task Manager and then google it. or check www.processlibrary.com | icow (15313) | ||
| 1117232 | 2010-07-08 23:52:00 | Isn't that what I just said? | GreacherTech (15784) | ||
| 1117233 | 2010-07-09 01:11:00 | I'd say it's Crapware (the technical term ;) ), bogus, probhably not malware. Google: "Drivercure is not malware. Drivercure has been scanned by 41 AV engines and came up clean, see the results here: www.virustotal.com ef34278c69550d-1252563198" Paretologic are(or were) a ligit company, also sell what was(2 years ago) a good spyware scanner. however, its not uncommon for some Malware to use a very similar name to Ligit products. |
sroby (11519) | ||
| 1117234 | 2010-07-09 01:11:00 | A client of mine rang me last night to say he now has a nag screen for this whenever he booted. The website for it looks legit, but he didn't knowingly install it, so is it a genuine driver update tool (which he doesn't need at any rate), or something more malicious? Yeah he would have installed it, either as an add on to something he knew he was installing or clicked on the wrong download button on a web page. |
Sam I Am (1679) | ||
| 1117235 | 2010-07-09 01:20:00 | I run what's running net (www.whatsrunning.net/) to see what drivers, modules, TCP IP connections, etc are trying to be established or are present. Or use the netstat commands (netstat -a, and others). I once found some rogue free screen saver sites trying to constantly connect which were not/or cannot be picked up by /antivirus/Hijack This/Malwarebytes, etc. Easy way to prevent connections/display was to edit the hosts file (as suggested by many others) by adding the rogue sites address to the hosts file. |
kahawai chaser (3545) | ||
| 1 2 | |||||