Author Topic: URL blocked by Avast and keep getting redirects then automatics downloads  (Read 16407 times)

0 Members and 1 Guest are viewing this topic.

ineedhelpbad

  • Guest
no blocks by Avast but tonite i got this (see attached screenshot), also couldn't X page out, had to right click tab and close tab. Also noticed when I signed on my fonts had been changed, so something is going on.

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5564
  • Spartan Warrior
You may be right.

microsoft antivirus is this:  http://www.2-spyware.com/remove-microsoft-antivirus-has-found-critical-process-activity-on-your-pc.html

BTW, take no action on any advice on this website.  Wait for essexboy to come back.  This link provided just fyi.

[EDIT:]  Site recommends downloading and running SpyHunter.  Do not run this program, not worth the trouble, and it may make things worse.

Microsoft is the vendor of this program:  http://windows.microsoft.com/en-us/windows/security-essentials-download

Not the same thing.

Again, I'd wait 'til essexboy comes online again, to see what he says, as you are in the best of hands here.
« Last Edit: July 24, 2013, 08:45:55 AM by mchain »
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762)  UI version 1.0.797
 UI version 1.0.788.  Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
OK lets try a little fishing expedition

Download and Install Combofix
 
Download ComboFix from one of the following locations:
Link 1
Link 2
 
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
 
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks




  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.[/b]
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3.  If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

ineedhelpbad

  • Guest
Ok I Avast, windows defender, malwarebytes and superantispyware.  I turned off windows defender, malwarebytes and superantispyware free version does not have real time so didn't have to disable.  I tried to disable Avast by right clicking icon, and also by looking for "shield control" to disable it, was unable to find it.  Is Avast the same as others, I have the free version of Avast, so is there a way to disable it?

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Right click the orange blob
Select Shield control > Disable until reboot

If combofix still complains then accept the warning and allow to run

ineedhelpbad

  • Guest
Ok attached is combofix log and thank you so much for help.  Will let you know how computer does if I notice any issues.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Hmm again nothing of import there.  I will review all logs to see if I missed anything 

ineedhelpbad

  • Guest
ok tyvm, I did delete 2 programs when I was looking for malwares to disable, I uninstalled Microsoft Essential Security that was one that was installed in the past 30 days, also another program can't recall name now but I didn't use the program.  Will keep you posted if i get any more redirects to try to download or notice any changes on home page or settings.


1 hr or so after i typed the above, got another tab opened and got following screenshot attached
« Last Edit: July 27, 2013, 02:24:44 AM by ineedhelpbad »

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5564
  • Spartan Warrior
The wording of both screenshots is identical, as is the domain "myvnc.com"  Appears you are using Chrome browser when this happens.  Only difference is the random characters preceding the domain name.

Ignore the warning, as essexboy is sure to look into the source of this.
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762)  UI version 1.0.797
 UI version 1.0.788.  Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
That is generated from an infected web page as opposed to your computer..  Still looking

Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2219
    • The WAR Against Malware
So to confirm, this only occurs in Chrome?

~!Donovan
Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."

ineedhelpbad

  • Guest
Yes, just chrome.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Any further instances of this ?

ineedhelpbad

  • Guest
Wow I had just typed nothing since July 27th and soon as i closed avast out, i got a pop up, so I had to modify this reply.  When I was able to close page out i also got a msg saying what the virus are.  As noted above Microsoft Security Essentials was one of the applications I removed last week.  See 2 screenshots.
« Last Edit: July 31, 2013, 05:53:43 PM by ineedhelpbad »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
What site were you on at the time ?