Avast WEBforum

Other => Viruses and worms => Topic started by: Ashielf on October 24, 2019, 05:05:05 PM

Title: Blocked Threads (HTML:RedirME-inf, URL:Blacklist)
Post by: Ashielf on October 24, 2019, 05:05:05 PM
Hi all!

I get infrequent and irregular (3-4 times while working on my PC for multiple hours) warnings from Avast and Malwarebytes while having my browsers (primarily an up-to-date Opera) open. The URLs vary but it's always about "HTML:RedirMe-inf [Trj]" and "URL:Blacklist".

I have already installed and run Malwarebytes but it doesn't find anything except when I ran it the first time (see last block in the Malwarebytes attachment).

I was not able to pin the cause. I don't have the same sites open when it happens and it also occurred once when opening Chrome.
I attached the FRST readings.

Could anyone help me?
Title: Re: Blocked Threads (HTML:RedirME-inf, URL:Blacklist)
Post by: Michael (alan1998) on October 24, 2019, 05:26:26 PM
Darkweb surfing are we? :P >> D:\Tor Browser\Browser\TorBrowser\Tor\tor.exe

I'll bring Sass Drake around to have a look for you.
Title: Re: Blocked Threads (HTML:RedirME-inf, URL:Blacklist)
Post by: Ashielf on October 24, 2019, 05:29:42 PM
> Darkweb surfing are we? :P >> D:\Tor Browser\Browser\TorBrowser\Tor\tor.exe
>
> I'll bring Sass Drake around to have a look for you.

Damn, I thought wearing a hoodie and balaclava would be enough to stop detection. Now you have me.
In all seriousness though, I have only used it on common sites to stop annoying trackers and the like or to get an unfiltered view. Shouldn't have gotten anything via Tor.

Thanks for helping.
Title: Re: Blocked Threads (HTML:RedirME-inf, URL:Blacklist)
Post by: Pondus on October 24, 2019, 05:52:49 PM
Have you tried to clear your browser's cache / surf history?

Title: Re: Blocked Threads (HTML:RedirME-inf, URL:Blacklist)
Post by: Ashielf on October 24, 2019, 06:44:48 PM
> Have you tried to clear your browser's cache / surf history?

To be honest, this slipped my mind. I have done it now and will keep an eye on the prompts.
Title: Re: Blocked Threads (HTML:RedirME-inf, URL:Blacklist)
Post by: Michael (alan1998) on October 24, 2019, 07:39:56 PM
> > Have you tried to clear your browser's cache / surf history?
>
> To be honest, this slipped my mind. I have done it now and will keep an eye on the prompts.

I was joking around about Tor. I wasn't trying to insinuate you were doing anything bad. I have a dark sense of humour, so my apologies. (Tone doesn't translate very well over text either.)
Title: Re: Blocked Threads (HTML:RedirME-inf, URL:Blacklist)
Post by: Ashielf on October 24, 2019, 07:46:40 PM
No offence taken.  8)

Unfortunately, the alarms still persist, even after clearing the cache/history. Here is the newest one:

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 24/10/2019
Protection Event Time: 19:44
Log File: f814386c-f685-11e9-b636-5404a66bc052.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.13053
Licence: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: PUP
Domain: usa.godabert-nap.com
IP Address: 52.207.141.11
Port: [52313]
Type: Outbound
File: C:\Program Files (x86)\Opera\64.0.3417.61\opera.exe

(end)