Avast WEBforum

Other => Viruses and worms => Topic started by: TracyR on July 29, 2022, 08:19:23 PM

Title: Trojan warning from Avast, virus not detected by any antivirus
Post by: TracyR on July 29, 2022, 08:19:23 PM
I keep getting the following pop-up from Avast, when searching with Google. I've run Avast, MalwareBytes and CCleaner but none of them are finding any problems. Any help would be appreciated. 
 
Thanks in advance.


Threat secured
We've safely aborted connection on prodfliying.com because it was infected with Script:SNH-gen [TrJ]

Threat name Script:SNH-gen [TrJ]
Threat Type: Trojan - This threat pretends to be something else (eg, picture, document, or other file) to trick you into running it and infecting your computer

URL hxtps://prodfliying.com/238234c2a4c4b5d393.js

Process C:\Program Files\Google\Chrome\Application\chrome.exe

Detected by WebShield
Status  Connection aborted


6ad7a88805eb/2022-07-29T16:45:20.898Z
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: Pondus on July 29, 2022, 09:11:37 PM
https://www.virustotal.com/gui/url/464212909163104397eb07e96d96cf0f972d92a02c99a913a0fffb80d6756ea8?nocache=1


Try clear Your browser  (scroll down and find Your browser)

https://www.avast.com/c-how-to-clear-browser-history

https://support.avast.com/en-eu/article/reset-browser/#mac





Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: TracyR on July 30, 2022, 12:11:29 AM
Thanks, but unfortunately it didn't help. I cleared my browser history, but it's still popping up.
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: DavidR on July 30, 2022, 12:37:44 AM
Try running Chrome without browser extensions/add-ons.

If that stops it then it would point to one of the extensions/add-ons.  From there look particularly at recently added or modified ones and disable one at a time to try and pinpoint the one responsible.

Other detections on that domain reported here - https://www.virustotal.com/gui/url/c54b7e526bd86e1006630997d5311ee630e64e6a641a754afae52f83bf3a3aed
And Medium risk here - https://sitecheck.sucuri.net/results/prodfliying.com
Website Security Rating of F - https://snyk.io/test/website-scanner/?test=220729_AiDc6E_DXE&utm_medium=referral&utm_source=webpagetest&utm_campaign=website-scanner

So it is most certainly a good detection.
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: TracyR on July 30, 2022, 04:58:08 AM
Thanks, David! I haven't had a notification since I disabled everything. Not sure which was the bad extension yet -- I  had quite a few that were no longer necessary so I am slowly adding them back when/if needed. I'm sure many will be deleted soon.
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: DavidR on July 30, 2022, 09:03:56 AM
You're welcome.
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: Heisanevilgenius on July 30, 2022, 07:51:07 PM
Thanks, David! I haven't had a notification since I disabled everything. Not sure which was the bad extension yet -- I  had quite a few that were no longer necessary so I am slowly adding them back when/if needed. I'm sure many will be deleted soon.

Did you figure out which extension it is? I've been having the same issue. Here are the extensions I have on. If you could identify any extensions you also have, maybe we can identify the culprit:

"Adobe Acrobat: PDF edit, convert, sign tools", "BetterTTV", "DownAlbum", "FrankerFaceZ", "GoFullPage - Full Page Screen Capture", "Google Docs Offline", "IG Downloader", "Image downloader - Imageye", "LastPass: Free Password Manager", "RightToCopy", "Story Saver", "Tab Session Manager", "Tampermonkey", "Twitch Downloader"
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: DavidR on July 30, 2022, 09:04:03 PM
@    Heisanevilgenius

You really need to be brutal with extensions, many could simply be downloaded and work done with an off line resource.

For example (there are others) 'image downloader/s', many browsers have that function built in.

Your post looks more like an advert for extensions :)
Look at how frequently you use them and cull those that aren't used that frequently.
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: Heisanevilgenius on July 30, 2022, 10:16:20 PM
Thanks, I'm aware I can download images already but certain websites use scripting and other methods to prevent images from being downloaded with a simple right-click. These extensions are often much easier than trying to inspect elements, sort through code, etc, to find the specific images.
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: polonus on August 01, 2022, 01:28:58 PM
How to check on browser extensions:
https://www.wired.com/story/how-to-audit-browser-extensions-security-chrome-firefox-edge-safari/ 
(info credits/source David Nield).

Also check on the site of the developer of such an extension or check at VT.
Always install from a reliable source.

Remember cybercriminals also are into this and may also spread mal-extensions.

polonus
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: Heisanevilgenius on August 03, 2022, 01:31:33 AM
Just to update, I haven't had the issue since, so I'm thinking it wasn't one of these extensions. I disabled and deleted some old extensions when I posted this and it still had a lingering effect but after I closed and reopened Chrome the issue went away.
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: DavidR on August 03, 2022, 01:51:51 AM
Thanks for the update.

I don't know if it needed a restart of the browser for the changes to take effect.
Title: Re: Trojan warning from Avast, virus not detected by any antivirus
Post by: polonus on August 06, 2022, 11:23:12 PM
L.S.

In the case of unwanted adware pop-ups from prodfliying dot com etc., it is advisable to set your browser back to it's original settings, and do so without 3rd party applications, this will reset the start-up page, newtab page, search engine and pinnend tabs (in Google chrome for instance).

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)